Permanently Deleted

  • eduardog3000 [he/him]
    ·
    3 years ago

    What makes it insecure exactly? It's one way communication from the AirTag to the phones around it, so none of your info is compromised.

    • Clicheguevara [he/him]
      ·
      3 years ago

      It can hijack a free ride on nearby Apple device WANs. Id not say this is a widespread low effort problem but surely state actors are aware and could utilize for mischief.

      https://www.google.com/amp/s/nakedsecurity.sophos.com/2021/05/14/apple-airtags-hacked-again-free-internet-with-no-mobile-data-plan/amp/

      • eduardog3000 [he/him]
        ·
        edit-2
        3 years ago

        The title there is extremely misleading. It can send messages to Apple's servers through your phone. Exactly what it's programmed for, what does it matter if those messages have been modified by the sender? That's a problem between the sender and Apple, not you.

          • eduardog3000 [he/him]
            ·
            3 years ago

            Please tell me then what kind of messages could be sent at such a low bandwidth, only to Apple's servers, with no possibility of a reply, only receivable by a device also owned by the sender, that would do harm to anyone else.

            • Clicheguevara [he/him]
              ·
              3 years ago

              Do you work for Apple or something? Why do you seem to be taking this personally? I'll link you another article where experts speculate on the problem. https://positive.security/blog/send-my

              You not personally finding a concern is different than there not being any concern.

              • eduardog3000 [he/him]
                ·
                3 years ago

                That's mainly just describing how it works. Again, I don't see what kind of data could be sent that could be concerning. So if you have any ideas please tell me. Like how does this in any way harm the owner of whatever phone ends up getting used?

                The use cases given in your link are exfiltrating data from a high security (to the point of using Faraday cages) site, which pretty much leaves only governments and major corporations as targets and depleting random people's mobile data by some insignificant amount.

                I don't work for Apple, I just don't like dumb fear of technology from people who don't seem to understand the technology in the first place. Did you even read the links you sent me or did you just read the headlines and decide it was scary? Literally all it does is give someone an unreliable, extremely slow, one way internet connection limited to a single server to send data to themselves. They even acknowledge that:

                However, such a scheme seems highly unreliable and probably unusable in real-world situations due to its very low bandwidth (especially with restriction such as 16 AirTags per Apple ID it seemed like data transfer could be limited to only a few bits per hour).

                It's a non-issue.

                • Clicheguevara [he/him]
                  ·
                  3 years ago

                  Don't be an asshole. Yes, I read the links. I'm not a moron. I'm not "afraid". I find a device sending data over a connection without the owner of that connection agreeing to be a middle man, incredibly problematic. Call it an ideological objection.

                    • Clicheguevara [he/him]
                      ·
                      edit-2
                      3 years ago

                      Buddy, ask yourself why you're this way and perhaps consider whether it's getting you what you want out of life.

                      If, to feel good about yourself, you need to hear me grovel, I'll do it. You totally destroyed me. I'm a simpleton next to your majestic intellect. We are all in awe.