Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's a bit more interesting than that, as it's E2E encrypted, to avoid leaking the location of any device on the network.

Find My enabled devices are actually sending "my current public key is …" messages. The finder ("adult", in your terminology) device encrypts their location with that public key, and sends that, and only that, to Apple's servers.

The finder device isn't identified in that message, so you can't track a finder device by listening to "encountered a device" transmissions to Apple.

That public key is also rotated every 15 minutes, so an attacker can't track a device by tracking broadcast messages of a specific public key.

When you connect to Find My, you download that encrypted location, and use your private key to decrypt that location.

https://support.apple.com/guide/security/find-my-security-se...



I’ll admit I simply assumed there was adequate encryption to avoid leaking location data in undesirable ways and didn’t think to investigate how they were doing it (generally an unsafe assumption - although, credit is due to Apple, slightly less unsafe in their case!).

The system being “my iPhone encrypts its location with the lost device’s public key, so only the holder of the corresponding private key (i.e. the owner of the lost device) can see that location” is actually sublime, though. That’s the minimal amount of information and yet it still achieves the highest level of privacy, right? Only the location data from the adult, only the public key from the lost child, combined in such a way that cryptographically guarantees only the parent can read the location data. No Apple IDs or serial numbers or any other identifying information even included, so it’s robust even against broken encryption. Very cool.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: