Bug in Apple’s Find My Feature Could’ve Exposed Users’ Location Histories

Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple’s crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby by deanonymizing users.

The findings are a consequence of an exhaustive review undertaken by the Open Wireless Link (OWL) project, a team of researchers from the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany, who have historically taken apart Apple’s wireless ecosystem with the goal of identifying security and privacy issues.

In response to the disclosures on July 2, 2020, Apple is said to have partially addressed the issues, stated the researchers, who used their own data for the study citing privacy implications of the analysis.

How Find My Works?

Apple devices come with a feature called Find My that makes it easy for users to locate other Apple devices, including iPhone, iPad, iPod touch, Apple Watch, Mac, or AirPods. With the upcoming iOS 14.5, the company is expected to add support for Bluetooth tracking devices — called AirTags — that can be attached to items…

http://feedproxy.google.com/~r/TheHackersNews/~3/R1GcDnWn15U/bug-in-apples-find-my-feature-couldve.html

Have a comment? Type it below!