Apple AirTags – The Stalker’s Dream
I can’t really blame Apple for this. Their heart was in the right place. Helping people find their lost stuff sounds like a reasonable goal.
The problem is that no good deed ever goes unpunished.
Initially, people bought an AirTag and then either slipped it into someone’s coat pocket or attached it to the back of a license plate. The goal there was to find out where the stalkee lived, worked or visited.
Then Apple added software to warn stalkees that they were being stalked. At first the warning didn’t come for 24 hours. They have progressively reduced that number of hours as the problem got worse.
Then they added a quiet beep that you might notice. Of course, if the stalker attached it to your car, all they needed was 30 seconds’ worth of access to remove it. That MIGHT BE possible, depending on the circumstances.
Then capitalists figured out how to neuter the speaker so that it didn’t make any noise anymore. You still might get a warning that you were being tracked, but no beep.
Mind you, there are other tracking discs, like, for example, Tile, but this one is the most widely used one for a variety of (mostly malicious) reasons.
Of course, if you are an Android user and someone slips a disc in your coat, you won’t get notified – unless you install Apple’s creeper software on your Android phone, but I doubt many people even know it exists.
Now a security expert in Berlin has cloned an AirTag and programmed it to bypass Apple’s security protections. In particular, the AirTag alerts a stalkee if the phone sees an AirTag that doesn’t belong to the stalkee around the phone for a number of hours. How does it do that? The AirTag periodically broadcasts its key. If the phone sees the same key a lot and it is not yours, it warns you. So, this clone throws out a new key every time it broadcasts.
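To make the blind spot concrete, here is a simplified model of the "same key seen a lot" check described above, run over two constructed scan logs. This is an added example, not Apple's code or the researcher's; the thresholds, key names and scan data are assumptions made up for illustration.

```python
from collections import defaultdict

# Assumed thresholds for this simplified model (not Apple's real values).
MIN_SIGHTINGS = 3      # how often a foreign key must be seen
MIN_SPAN_HOURS = 2.0   # over how long a period

OWN_KEYS = {"own-01"}  # constructed: keys of tags paired with this phone


def unwanted_tracker_alerts(sightings, own_keys):
    """Return foreign keys seen repeatedly over a long enough time span.

    sightings: iterable of (hour, key) pairs from periodic scans.
    """
    hours_by_key = defaultdict(list)
    for hour, key in sightings:
        if key not in own_keys:
            hours_by_key[key].append(hour)
    return {
        key
        for key, hours in hours_by_key.items()
        if len(hours) >= MIN_SIGHTINGS and max(hours) - min(hours) >= MIN_SPAN_HOURS
    }


def constructed_scan_log(rotating):
    """Constructed sample data: one scan every 30 minutes for 4 hours."""
    log = []
    for i in range(9):
        hour = i * 0.5
        log.append((hour, "own-01"))                 # the user's own tag
        foreign = f"rot-{i:03d}" if rotating else "tag-A"
        log.append((hour, foreign))                  # tag travelling with the user
    log.append((1.0, "passerby-7"))                  # seen once, should never alert
    return log


if __name__ == "__main__":
    for rotating in (False, True):
        alerts = unwanted_tracker_alerts(constructed_scan_log(rotating), OWN_KEYS)
        print("rotating key" if rotating else "static key", "->", sorted(alerts) or "no alert")
```

The static tag is flagged because one foreign key keeps reappearing. When the key changes on every broadcast, each one looks like a stranger passing by once, so a check keyed on repeat sightings of the same key never fires.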
In fairness to Apple, this is not even their product at this point. Someone stole their idea and designed it to work better for evil.
Other researchers are trying to figure out how to stop these attacks.
It will likely be a cat and mouse game – good vs. evil – for a long time, probably forever.
So once again, Apple had a good idea and hackers turned it into a pile of poop.
Credit: PortSwigger