What is the 'Find My' feature that can be located on an offline device announced by Apple?


by

William Hook

At Apple's developer announcement event ' WWDC 2019 ' held on Tuesday, 4 June 2019, Apple announces a new feature ' Find My ' that combines ' Find iPhone ' and ' Find Friends ' Did. This 'Find My' uses a nearby Apple terminal to form a Bluetooth network, making it possible to search offline terminals as well. How is it possible to search on an offline terminal, said John Greens, a cryptologist at Johns Hopkins University .

How does Apple (privately) find your offline devices? – A Few Thoughts on Cryptographic Engineering
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/


Apple Find My feature detailed in new security breakdown-9to5Mac
https://9to5mac.com/20019/06/05/ ios-13-macos-catalina-find-my /


The idea behind the Find My function is to implement a Bluetooth and cloud location tracking system on a network of Apple devices. Apple terminals always build a network with nearby Apple terminals and Bluetooth, and monitor Bluetooth beacons sent from lost terminals. When the network picks up this beacon, each Apple terminal on the network tags data from its own GPS information and sends it to the cloud. This is a mechanism that can identify the location of the lost terminal.

In addition, Find My function allows you to search for offline devices that are not connected to mobile line or Wi-Fi. However, in order to do that, it is necessary to link with another Apple terminal beforehand. In other words, if you have two or more Apple terminals, you can not find offline terminals.

According to Apple, Find My's offline location tracking is done completely anonymously and encrypted end-to-end , protecting everyone's privacy. The Apple terminal that has set up the Find My function generates a public key. As with other public key encryption settings, this public key is used to encrypt data so that it can not be decrypted without the corresponding private key. Since this secret key is stored in the linked Apple terminal, it can not be deciphered from the terminal of an unknown person.


by

Book Catalog

The public key is regularly changed to a new one. Although Apple has not clarified how often the public key is updated, it can be said that this public key update makes it quite difficult for others to decipher the Bluetooth beacon and track the Apple terminal. You

For example, consider the case where a MacBook has been stolen. A stolen MacBook keeps sending public keys over Bluetooth even if it is disconnected from the Internet. Then, when an iPhone user passes near a thief with a MacBook, the iPhone receives a Bluetooth beacon, determines the location information of the MacBook based on its GPS information, and encrypts it with the received public key. Then, upload the encrypted MacBook location information to Apple's server. Since Apple does not have a secret key, it can not decrypt MacBook location information.

Use the iPad that has the same public key and secret key as this MacBook, and request location information of the MacBook with Find My function. The hash of the public key sent by the MacBook serves as an identifier in the Apple server's database. When you upload the hash of the public key that iPad has, based on that, encrypted location information is retrieved from server and sent to iPad. If the date passed after losing the MacBook, it is possible that the public key is updated and the hash of the public key does not match between the MacBook and the iPad, but Mr. Green says that the hash of the public key uploaded by the iPad is the latest. In addition to the thing of, in order to upload the past thing collectively, it is explained that it functions as an identifier enough.


by John Beans

The Find My feature will be available on MacOS Catalina, iOS 13, and iPad OS, which will be distributed in the fall of 2019. As it is still in the stage of announcement, the detailed specifications may be changed, but it is encouraging that you can search even Apple terminals that are offline.

In addition, the Bluetooth beacon is always transmitted from the terminal, and it is the place where it is anxious about the decrease of the battery, but Apple does not have to worry about the life of the battery, the usage of data, and privacy at WWDC 2019. I was affirmed.

in Mobile,   Hardware,   Security, Posted by log1i_yk