Apple’s “Find My” service allows users to track their missing devices by leveraging a worldwide network of location-aware iGadgets. With millions of iPhones and Macs out in the wild listening for the missing device’s Bluetooth advertisements and relaying their findings to the Cupertino Mothership, it’s a highly effective way of tracking hardware so long as it stays in relatively urban areas. Unfortunately, the system is completely proprietary and non-Apple devices aren’t invited to play.
Or at least, that used to be the case. A project recently released by the [Secure Mobile Networking Lab] called OpenHaystack demonstrates how generic devices can utilize Apple’s Find My network by mimicking the appropriate Bluetooth Low Energy (BLE) broadcasts. Currently they have a firmware image for the BBC micro:bit, as well as a Python script for Linux, that will allow you to spin up an impromptu Find My target. But the team has also published all the information required to implement similar functionality on other BLE-capable devices and microcontrollers, so expect the list of supported hardware to grow shortly.
Somewhat ironically, while OpenHaystack allows you to track non-Apple devices on the Find Me tracking network, you will need a Mac computer to actually see where your device is. The team’s software requires a computer running macOS 11 (Big Sur) to run, and judging by the fact it integrates with Apple Mail to pull the tracking data through a private API, we’re going to assume this isn’t something that can easily be recreated in a platform-agnostic way. Beyond the occasional Hackintosh that might sneak in there, it looks like Tim Cook might have the last laugh after all.
It’s not immediately clear how difficult it will be for Apple to close this loophole, but the talk of utilizing a private API makes us think there might be a built-in time limit on how long this project will be viable. After all, Big Tech doesn’t generally approve of us peons poking around inside their machinations for long. Though even if Apple finds a way to block OpenHaystack, it’s expected the company will be releasing “AirTags” sometime this year which will allow users to track whatever objects they like through the system.
Apple track the approximate, or exact, geographical location of every iDevice that broadcasts (which is them all), using every other iDevice. That is the way that I see it. Like apple is not going to push out a request to every device globally to say have you seen this device. They would limit the push request to devices in the approximate area, region(county/state/shire), country. And to do that requires some form of, historical?, geographical tracking data.
I think it’s worth reading https://www.wired.com/story/apple-find-my-cryptography-bluetooth/ if you want to find out more how it works.
The rumor is that Apple actually is opening this up to third parties, so there might actually not be a time limit on this.
would love to see this on and esp32 or it’s predecessor … could even make use of a gps module and other sensors for better accuracy.
It works on an ESP32: https://github.com/seemoo-lab/openhaystack/tree/main/Firmware/ESP32
You can even flash it directly via their app
2023: as you walk around town, your iPhone buzzes and tells you that the guy walking towards you has a stolen iPhone on him. There’s a $200 iTunes voucher to split with any other nearby Apple users who’ll help you jump him and recover it. Apple’s legal team have you covered.
2023.125: a buddy learns his friends apple password, reports his friends iphone as stolen, with a $200 voucher for anyone willing to jump him to recover it. legal fiasco ensues.
Assuming the system preserves privacy decently this would be good as a crossplatform standard.
Please do this with TILE BLE network, they run on Android thus no MAC.
I want a non-Apple app or device that can tell me when an AirTag is nearby trying to connect to the mesh. I’ve never owned nor ever will own an Apple device, but I’d like to know if someone has put an AirTag on any of my stuff. Yes I’ve loaded an app that will show nearby Bluetooth devices. But that means I have to memorize a list of addresses for nearby devices I’d normally see and hope to spot the oddball I’ve never seen before.