Security Apple

Apple AirTag Can Be Hacked, But It's Not as Bad as It Sounds (slashgear.com)

Slashgear reports that a security researcher was able to reprogram one of Apple's new AirTags, "but the process and the end result might not yet be worth the worry." Like any electronic device, especially "smart" ones, the Apple AirTag has a microcontroller that orchestrates its activities... In a nutshell, Stack Smashing "hacked" the AirTag microcontroller to modify its firmware and make it do something other than what it is designed to. That, at least for now, meant linking to a different URL when an NFC-enabled phone "taps" the tracker. Normally, it would link to found.apple.com in order to initiate the Lost Mode process.

This hack could be used to make phones go to some nefarious website but getting to that point might not exactly be straightforward. The security researcher hasn't disclosed yet the process but he admits bricking at least two AirTags to get there. Unless the tracker's firmware can be modified remotely over the air, the only way you'll get a hacked AirTag would be if you acquired it through other parties.

This AirTag hack might actually be less worrying than the debug menu that Apple may have accidentally left enabled before shipping the trackers. Fortunately, that might be something that is easily fixed with a firmware update...
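The summary says a tap normally opens found.apple.com and that the modified firmware linked somewhere else. As an added example (not code from Slashgear, the researcher or Apple), this sketch decodes the link a tag presents and checks it against that host exactly; it assumes the link is carried as a standard NFC Forum NDEF URI record, which the page does not state, and the sample records it builds are constructed.

```python
from urllib.parse import urlsplit

# URI abbreviation codes from the NFC Forum URI record definition (subset).
URI_PREFIXES = {0x00: "", 0x01: "http://www.", 0x02: "https://www.",
                0x03: "http://", 0x04: "https://"}
EXPECTED_HOST = "found.apple.com"  # host the summary says a tap normally opens


def parse_ndef_uri(record: bytes) -> str:
    """Decode a single NDEF well-known 'U' record into its full URI."""
    try:
        flags, type_len, pos = record[0], record[1], 2
        if flags & 0x07 != 0x01:           # TNF 1 = NFC Forum well-known type
            raise ValueError("not a well-known NDEF record")
        size = 1 if flags & 0x10 else 4    # SR flag: 1-byte payload length
        payload_len = int.from_bytes(record[pos:pos + size], "big")
        pos += size
        has_id = bool(flags & 0x08)        # IL flag: an ID length byte follows
        id_len = record[pos] if has_id else 0
        pos += 1 if has_id else 0
        rtype = record[pos:pos + type_len]
        pos += type_len + id_len           # skip the type and optional ID
        payload = record[pos:pos + payload_len]
        if rtype != b"U" or not payload or len(payload) != payload_len:
            raise ValueError("not a complete URI record")
        return URI_PREFIXES[payload[0]] + payload[1:].decode("utf-8")
    except (IndexError, KeyError, UnicodeDecodeError) as exc:
        raise ValueError(f"malformed NDEF URI record: {exc!r}") from exc


def is_expected_link(uri: str) -> bool:
    """Exact-match scheme and host; substring checks accept lookalike hosts."""
    try:
        parts = urlsplit(uri)
    except ValueError:
        return False
    return (parts.scheme == "https" and parts.hostname == EXPECTED_HOST
            and parts.username is None)


def build_uri_record(body: str, prefix_code: int = 0x04) -> bytes:
    """Build a constructed short-format sample record (MB|ME|SR, TNF=1)."""
    payload = bytes([prefix_code]) + body.encode("utf-8")
    return bytes([0xD1, 0x01, len(payload)]) + b"U" + payload


def check_tap(record: bytes):
    uri = parse_ndef_uri(record)
    return uri, is_expected_link(uri)
```

`check_tap` returns the decoded URI together with the verdict, so a lookalike such as a host that merely begins with the expected name is reported with the full link for review.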

  • But It's Not as Bad as It Sounds

    I'd question this but it was copy/pasted by a /. editor, so I'm sure it's legit.

  • It's so useless that even if you hack it, it can't do anything worth doing. :)

    I think they finally crossed the boundary I always predicted. They actually are a jewelry company now. ... If those $0.50 rubber bracelets that "channel energies from the universe into you" are considered jewelry. ;)

    Prepare for iPhones that are completely featureless slabs of glass. Literally. "So easy to use!" ;)

  • Does NFC protocol allow an AirTag-like thing to identify the iPhone owner? I really hope not, but if the tag can send you to a malicious website that can read your FB cookies I am thinking of some scary scenarios. I don't want mysterious packages to know when it has reached me. Then again I keep NFC turned off.. as far as I know.. until the next OS update.... hmm I'd rather Apple not have skin in this game.

    • > Does NFC protocol allow an AirTag-like thing to identify the iPhone owner? I really hope not, but if the tag can send you to a malicious website that can read your FB cookies I am thinking of some scary scenarios. I don't want mysterious packages to know when it has reached me. Then again I keep NFC turned off.. as far as I know.. until the next OS update.... hmm I'd rather Apple not have skin in this game.

      In other news, a malicious actor can obtain root access by standing behind you and watching you log in with their phone recording the video. Then back at Hacker HQ, they can easily see what keys were pressed. Apple has known about this easy exploit for years, and has done nothing about it. /s

      I find that the reportage of this sort of "hacks" is just about pointless. I guess it makes the researchers feel relevant. In a world where most of the IOT crap has no security at all, yet people install that stu

  • by 93 Escort Wagon ( 326346 ) on Monday May 10, 2021 @09:15AM (#61368810)

    At least one of those cop investigative / procedural shows will feature a hand-waving version of this "exploit" during an episode later this year.

  • My understanding so far of AirTags: Someone could stick one to the underside of my car, bicycle, or modify/disassemble one and shove it in my shoe while I'm swimming at the gym. If I had an iPhone and were sending my location to Apple constantly, they'd tell me that there was an AirTag following me. If I don't have an iPhone, I'd only know about it after 3 days when the speaker went off, unless I came within range of a device controlled by the criminal actor, or if they trivially disabled the speaker.
    • Apple did think of this concern, at least partly.

      If you do happen to own an iPhone, Apple will tell you if an AirTag not on your account appears to be moving with you all the time:

      https://support.apple.com/en-u... [apple.com]

      "AirTag Found Moving With You" message.

      It may be valid to ask for a similar app to run on Android.

      • > Apple did think of this concern, at least partly.

        > If you do happen to own an iPhone, Apple will tell you if an AirTag not on your account appears to be moving with you all the time:

        > https://support.apple.com/en-u... [apple.com]

        > "AirTag Found Moving With You" message.

        > It may be valid to ask for a similar app to run on Android.

        Because I'm concerned about privacy, I don't want to use an iPhone or a "normal" Android phone (with Google Play Services). And worse, I'm one of those insane crazy people who only turn the GPS on when it's actually needed, so it may not even work if I did use an iPhone, because it might not know that I'm "moving".

        I don't want to have to upload my location to a trillion dollar company all the time to ensure that their other surveillance systems are not tracking me.

        There does not appear to be a way t

        • by laird ( 2705 )

          It knows that there's a BLE beacon staying in range of your phone. It doesn't need GPS for that.

          That being said, cell phones always know where you are, and report it to the telco, because that's how they can route your phone calls to your cell phone - they need to know what cell you are in as you move around so that you can get calls. So if you thought that turning GPS off concealed the location of your cell phone from your telco, you were wrong. GPS, on the other hand, doesn't report your position to anyon

          • > It knows that there's a BLE beacon staying in range of your phone. It doesn't need GPS for that.

            > That being said, cell phones always know where you are, and report it to the telco, because that's how they can route your phone calls to your cell phone - they need to know what cell you are in as you move around so that you can get calls. So if you thought that turning GPS off concealed the location of your cell phone from your telco, you were wrong. GPS, on the other hand, doesn't report your position to anyone - it just tells your phone where you are, so that's less of an invasion of your privacy than the phone being on.

            I have no belief that telco doesn't know roughly where the phone is when the radio is on, that's plenty obvious.

            Despite the severe violations of the four (three) major US carriers in recent years (for which they are being sued presently), they do have at least some duty to their customers based on contract and/or law.

            It's a question of who gets the data though. Apps that have background location permission can't get your position when the location services are disabled. I consider these to be the gr

            • by laird ( 2705 )

              If an AirTag is in BLE range of your phone for an extended period, and it's not your AirTag, they warn you that there's a tag following you around. That's not dependent on where you actually are, just that it's in BLE range. So I wouldn't expect that it would depend on GPS, just BLE. Though I'm sure that they'd capture GPS if it's available, so that they can report where the tag is if someone's lost it.

    • If someone wanted to track you like this then there are cheaper and more concealable alternatives already. Yet no-one has been screaming about those… perhaps because it's not a realistic concern outside of espionage thrillers.

      It's easier to do targeted tracking of you without your consent using your existing cellphone.

      • > If someone wanted to track you like this then there are cheaper and more concealable alternatives already. Yet no-one has been screaming about those… perhaps because it's not a realistic concern outside of espionage thrillers.

        > It's easier to do targeted tracking of you without your consent using your existing cellphone.

        Any other tracking system is going to need a cellular modem and GPS and a large battery to operate. You can forego the modem if you're willing to install and then collect the device later. AirTags just need a small battery, the real work is offloaded to a billion iPhones. AirTags also offer criminals plausible deniability. "Oops, yeah, I accidentally left a key in that Uber driver's car." You can't say that if you stuck a cell-enabled GPS tracker to her car. These things will enable *casual* stal

        • > It's trivial for you to track me if you can get an AirTag into my possession.

          That's a really big if. And again, other products are cheaper and more effective for the only plausible scenarios (hiding on someone's car). Trying to single out Apple here is fearmongering.

          • > > It's trivial for you to track me if you can get an AirTag into my possession.

            > That's a really big if. And again, other products are cheaper and more effective for the only plausible scenarios (hiding on someone's car). Trying to single out Apple here is fearmongering.

            Apple has deployed a network with a billion sensors to detect the tags. There is no comparison. No one has done anything close to this level before.

            And I by no means am suggesting that companies doing this to a lesser magnitude are "better".

            • > "No one has done anything close to this level before"

              GPS + cellular. It's cheap and easy enough that it's already used daily for roadside bombs planted by terrorists/insurrectionists. Functioning cellphones with SIMs can be picked up for a few dollars.

    • How does the Tile device function in this scenario to prevent your comings and goings from being monitored?
      • by laird ( 2705 )

        Tile does less to protect privacy - if a tile gets near someone running the tile app, it logs it centrally. The only "advantage" of using Tile is that since fewer people are running the Tile app at a given time, it's less likely to get found. Not so good if you want your lost thing, but I guess it's good if your goal is to not have the tile be found.
