Apple's Find My feature requires two devices, boasts extreme security safeguards
A report on Wednesday digs deep into Apple's new Find My service, an upcoming iOS 13 and macOS Catalina feature that leverages encrypted crowdsourced data to pinpoint the location of a missing or stolen iPhone, iPad or Mac.
Apple executive Craig Federighi introduces Find My at WWDC19.
Apple SVP of Software Engineering Craig Federighi unveiled Find My onstage at the Worldwide Developers Conference on Monday, touting the new tool's ability to track the location of iOS 13 and macOS Catalina devices even when they are offline.
A high level overview of the technology revealed Apple is leveraging its massive user install base to power Find My. Target devices send out Bluetooth beacon signals that are picked up by nearby iOS or Mac machines, which relay the identifier and their own location information back to Apple for later perusal by Find My users.
The entire process, from beacon generation to crowdsourced location data gathering, is automated, encrypted and designed in such a way that disallows bad actors -- and Apple itself -- from snooping on unsuspecting device owners.
"Now what's amazing is that this whole interaction is end-to-end encrypted and anonymous," Federighi said. "It uses just tiny bits of data that piggyback on existing network traffic so there's no need to worry about your battery life, your data usage or your privacy."
Apple provided additional context on the inner workings of Find My in a discussion with Wired. The publication broke down the system into a series of steps, the first of which reveals Find My requires at least two Apple devices to function.
When setting up Find My, the at least two Apple products generate a cryptographically strong private key that is shared between registered devices through end-to-end encrypted communication. This key is stored locally, presumably in iPhone's Secure Enclave or Mac's T2 chip, for later use.
A public key, which can only be decrypted with the aforementioned private key, is also generated and acts as the beacon sent out to nearby devices via Bluetooth. This public key rotates frequently (the exact timing was left undisclosed) and in such a way that new numbers cannot be linked to previously used key versions.
The Bluetooth beacon is broadcast to nearby devices, which automatically pick up the signal, intertwine their own location using the public key and send this information along with a hash of the public key to Apple's servers.
With the data stored in Apple's cloud, users looking for a lost device open Find My on a second Apple device to conduct a search. The second device sends a hash of its own public key to the cloud, which is matched with the stored beacon key. How, exactly, Apple is able pair two rotating public keys is at this point unknown.
Finally, Apple transmits the encrypted location of the lost device down to Find My user devices, which decrypt the information using the stored private key.
Find My debuts with iOS 13 and macOS Catalina this fall.
Apple executive Craig Federighi introduces Find My at WWDC19.
Apple SVP of Software Engineering Craig Federighi unveiled Find My onstage at the Worldwide Developers Conference on Monday, touting the new tool's ability to track the location of iOS 13 and macOS Catalina devices even when they are offline.
A high level overview of the technology revealed Apple is leveraging its massive user install base to power Find My. Target devices send out Bluetooth beacon signals that are picked up by nearby iOS or Mac machines, which relay the identifier and their own location information back to Apple for later perusal by Find My users.
The entire process, from beacon generation to crowdsourced location data gathering, is automated, encrypted and designed in such a way that disallows bad actors -- and Apple itself -- from snooping on unsuspecting device owners.
"Now what's amazing is that this whole interaction is end-to-end encrypted and anonymous," Federighi said. "It uses just tiny bits of data that piggyback on existing network traffic so there's no need to worry about your battery life, your data usage or your privacy."
Apple provided additional context on the inner workings of Find My in a discussion with Wired. The publication broke down the system into a series of steps, the first of which reveals Find My requires at least two Apple devices to function.
When setting up Find My, the at least two Apple products generate a cryptographically strong private key that is shared between registered devices through end-to-end encrypted communication. This key is stored locally, presumably in iPhone's Secure Enclave or Mac's T2 chip, for later use.
A public key, which can only be decrypted with the aforementioned private key, is also generated and acts as the beacon sent out to nearby devices via Bluetooth. This public key rotates frequently (the exact timing was left undisclosed) and in such a way that new numbers cannot be linked to previously used key versions.
The Bluetooth beacon is broadcast to nearby devices, which automatically pick up the signal, intertwine their own location using the public key and send this information along with a hash of the public key to Apple's servers.
With the data stored in Apple's cloud, users looking for a lost device open Find My on a second Apple device to conduct a search. The second device sends a hash of its own public key to the cloud, which is matched with the stored beacon key. How, exactly, Apple is able pair two rotating public keys is at this point unknown.
Finally, Apple transmits the encrypted location of the lost device down to Find My user devices, which decrypt the information using the stored private key.
Find My debuts with iOS 13 and macOS Catalina this fall.
Comments
The day before "Dub Dub" I was talking about how I wish Find My Mac was able to work more like Tile and Trackr, but through all Apple devices, since the chances of a stolen Mac of mine being connected to the internet would be very slim.
This stuff doesn't come easy. It's the result of lot's of hard work, creativity and problem solving.
I can see this schema coming to somebody in the shower as a vision -- but only after they had spent many long hours agonizing over the details from every angle. But then followed by many more long hard hours pouring over it to prove it is a bullet proof solution -- and then even more to actually build it.
Bravo to the Apple Engineer(s) who thought of this!
But for now, if it worked perfectly, it would be subtly an amazing tech hidden behind 'Find My' apps.
But seriously: "When setting up Find My, the at least two Apple products generate a cryptographically strong private key that is shared between registered devices through end-to-end encrypted communication"
Is this something a part of their CrytoKit? Like using Blockchain? Would be a great use if so.
https://appleinsider.com/articles/19/03/21/apple-looking-at-ways-to-simplify-device-connectivity-including-generating-a-mesh-network-in-an-emergency
Android could never get this kind of cohesion between devices.
No.
But imagine if they did that, how close are we to https://en.wikipedia.org/wiki/AI_takeover
Now all those who would trust Google to do something like this, raise your hands!