[HN Gopher] An update on AirTag and unwanted tracking
___________________________________________________________________
An update on AirTag and unwanted tracking
Author : todsacerdoti
Score : 60 points
Date : 2022-02-10 18:00 UTC (5 hours ago)
(HTM) web link (www.apple.com)
(TXT) w3m dump (www.apple.com)
| Syonyk wrote:
| > _...and we condemn in the strongest possible terms any
| malicious use of our products._
|
| Then subject them to malicious users _before_ releasing them to
| see what sort of ideas they can come up with in a few days, and
| mitigate those before general release.
|
| Go schedule a room at Defcon, give people AirTags, and see what
| they do. If they neutralized your mitigations in an hour, well...
| other people can figure that out too. That the speakers are so
| easy to disable... well, yeah, you should have figured that out
| _before_ release.
|
| I'm a bit concerned about Apple's internal ability to reason
| about malicious actors. This is the second time in recent history
| they've released a shiny something, only to discover it torn to
| shreds in very short order by people. The whole CSAM hashing
| algorithm being as weak as it was to manipulation _should not
| have been a surprise to them_ - but it sure seems like the system
| was designed without considering that the first hashing algorithm
| was trivial to intentionally collide.
|
| "Buy an iPhone to prevent people from tracking you, and if you
| want to see where the tracker is, buy a really new one!" is some
| sort of sales pitch, certainly, though this new set of things
| sounds so prone to false positives and annoyance that I'm not
| sure how long it will be until people just turn the whole thing
| off (if that's an option).
|
| It's a neat concept, but doesn't seem to have survived contact
| with reality and humans very well.
| nomel wrote:
| I've said this in other threads, but I'm probably done buying
| AirTags, because the anti-stalking features, that I assume
| you're aware of, are so annoying, that I don't want to add any
| more to my life.
|
| When I get in my car with my wife, we both get a notification
| that an AirTag is following us, because my wife is potentially
| stalking me with her purse and keys. I can silence this
| notification for only one day. I can't disable it, because
| that's what a stalkers or abusive boyfriend would do. They
| randomly beep and boop to notify me that they exist, and I'm
| being stalked, and to put my phone near the offending AirTag so
| I can see the serial and last four digits of the owners phone
| number.
|
| If someone were actually stalking me, I probably wouldn't
| notice.
|
| I think the whole concept is almost doomed, if you're to be
| satisfied. The purpose of an AirTag is to track a thing. The
| desire of a stalker is to track a thing. I don't think these
| two identical problem spaces can exist together, in some
| harmonious way, that would satisfy people with your concerns,
| without constant annoyance. Just imagine if these were more
| popular and you did something crazy like, got on a bus, or went
| on a plane, walked any reasonable distance down a street with
| someone in your proximity.
|
| I would love to hear a solutions that doesn't result in
| constant notifications. I also think it's completely silly to
| say "We'll we just have to restrict location track of anything,
| because there are bad people out there. Period." If the metric
| is to stop all the bad, then technology needs a huge lobotomy!
| varenc wrote:
| Apple just needs to add shared AirTags to iClould family
| sharing. I think that'd solve your issue and ~90% of other
| unwanted stalking alerts. They already allow shared "Find My
| iDevice" and just need to add AirTags to the mix.
| nomel wrote:
| I agree, but from previous HN threads, people have said
| that this would enable people in abusive relationships to
| be stalked. Also, it appears that some distance is required
| to trigger the notification, so I imagine stalkers could
| use the AirTags within this distance. For example, to find
| which apartment someone lives in, within a building.
|
| I think there will always be headlines about stalking and
| abuse, and people claiming Apple didn't do enough (even
| though it's so annoying as is), regardless.
| varenc wrote:
| > would enable people in abusive relationships to be
| stalked
|
| I can see that concern, but family sharing ALREADY lets
| you share iDevice locations at all time. That's a
| superior form of stalking compared to AirTags... So I
| just don't get this concern. It might just be perception
| though. From a PR perspective this is a bad time to
| release any feature that could be perceived as reducing
| AirTag stalking alerts.
| Syonyk wrote:
| > _then technology needs a huge lobotomy!_
|
| Yes, it does. It really, really does. The absolutely human-
| toxic nature of most modern consumer tech ("You buy me, I
| feed you ads, and collect absolutely as much data as I can to
| improve the ads other people pay me to deliver to you!" model
| being the core complaint here) has done a huge amount of
| damage to humanity.
|
| There are upsides, but we culturally seem horrible at
| actually evaluating things fairly. Always-on devices,
| constantly sending notifications, are just horrible to every
| aspect of humans - and the more we learn about just how
| horrible the are, the better the companies involved refine
| their ability to "drive their users nuts" for more eyeball-
| time to view ads, desired or not.
|
| So, yes, if what you get out of my writings are that we
| should radically pull back on what consumer tech is and can
| do, you're evaluating my position quite accurately.
| varenc wrote:
| Have any of the AirTag stalking mitigations actually been
| defeated by hackers? Besides physically removing the speaker.
|
| The "an AirTag is traveling with you" alerts haven't been
| defeated as far as I can tell. Apple tweaked some of the time
| periods after launch but the core technical mitigations are the
| same.
|
| I agree the current situation is non-ideal, but it's not clear
| to me this is from a lack of sufficient pre-release pentesting.
| Syonyk wrote:
| > _The "an AirTag is traveling with you" alerts haven't been
| defeated as far as I can tell._
|
| Perhaps not, but they're meaningless to the >50% of the
| population that doesn't have a modern enough iPhone as their
| daily carry phone.
|
| Having moved back to a flip phone, I _literally_ have no way
| to identify if such a tag is being used against me.
| olliej wrote:
| AirTags shipped with anti-abuse features on day one, no other
| product provides any anti-abuse features whatsoever.
|
| The speaker could be defeated, but the anti tracking stuff
| cannot be stopped without breaking the basic functionality.
|
| If you're demanding that companies must go to great length to
| avoid abuse of their products why aren't you demanding the same
| from tile? Why not the myriad gps trackers on Amazon? It's not
| unreasonable to demand that Amazon ensures every such tracker
| they sell has speakers and anti abuse features.
| Syonyk wrote:
| > _It's not unreasonable to demand that Amazon ensures every
| such tracker they sell has speakers and anti abuse features._
|
| I agree, however, this thread is about Apple's AirTag
| devices, and complaining about Amazon's incredibly vile sales
| practices seems at least somewhat off topic for it.
| throwntoday wrote:
| To what extent is any hardware manufacturer responsible for
| malicious usage of their product in your opinion? Surely you
| don't believe that all bases can be covered no matter how
| simple the product prior to launch. I credit Apple for making a
| best effort at launch and continuing security and support for
| much longer than the industry standard in their products. But
| realistically there is no way to launch something flawless as
| you seem to be suggesting.
| Syonyk wrote:
| I don't think all bases can be covered, certainly. But
| neither do I think Apple has been doing a good job of even
| _trying_ to do a good job of it, at least recently.
|
| Apple clearly put some thought into how the product would be
| misused, and added some features for that - but then appears
| to have not bothered having actual (simulated malicious)
| users test those features to see how they'd bypass them.
| Things like "removing the speaker" seem oddly trivial, yet
| there's no indication Apple even thought through that
| situation. It wouldn't be too difficult to design something
| in which the deliberate disabling of the speaker rendered the
| device useless after a few days, yet would be unlikely to
| trip in normal use. They're pretty well sealed.
|
| "Red teaming" something like this in the early design phases
| is often useful to be able to figure out how to mitigate
| these sorts of attacks, and Apple, far too often lately,
| seems to be in a "...they did _what_? No, they can 't have...
| we didn't think they'd... ugh, OK, let's add something to
| support that..." mode.
|
| And if they don't have family sharing support, as seems to be
| the case from the other comments here, it clearly means they
| weren't tested with any sort of realistic use case, because
| "Oh, yeah, my wife's keys in her purse keep making my phone
| go off when we're driving together" seems a common use case
| to discover in testing.
|
| I don't think a company should be responsible for all
| malicious uses, but when those uses seem utterly trivial to
| manage (remove speaker, your tracking target uses Android and
| like almost all Android users hasn't downloaded Apple's app
| to check for AirTags following them), I think they've missed
| something really important in the design phase.
| 323 wrote:
| Making AirTags safe is fundamentally impossible, a bit like
| trying to make a knife impossible to hurt yourself with.
|
| For example:
|
| > _deliberate disabling of the speaker rendered the device
| useless after a few days_
|
| That only kicks the can. Now people will silence the
| speaker from outside, for example by covering the whole
| AirTags in superglue and foam to muffle all vibrations.
| Syonyk wrote:
| > _for example by covering the whole AirTags in superglue
| and foam to muffle all vibrations._
|
| Which makes it larger, harder to hide, and easier to
| find. Go try - see how much foam it takes to reasonably
| muffle the beeper. It'll take a lot more than you think.
| 323 wrote:
| If I put it in your bag or in your car, I can make it 10
| times bigger and you will still not notice it.
|
| Use your own thinking, how would a red team go about
| silencing the device.
|
| Also, try covering your phone speaker holes with your
| finger. See how effective that is.
| drdaeman wrote:
| I'd really want to ask weird and possibly insensitive, but
| nonetheless (I believe) a legit question - shouldn't be it a
| society that needs to somehow change (I've no idea how,
| though), rather than technologies killed because it threats
| existing societal stuff? I hate to say this but it really
| feels that our assumptions of privacy are becoming outdated
| and there's no going back.
|
| Unlike e.g. facial recognition, AirTags are not even some new
| breakthrough, just some well-known existing technologies made
| a bit more mainstream/commonly available (can't even say
| "more affordable", the price point hadn't changed). Yet, it
| causes an uproar.
|
| Technological genie just cannot be put back in the bottle and
| it's only gonna get worse in the future, as tech will become
| smaller, smarter and more magical.
| Syonyk wrote:
| > _...shouldn 't be it a society that needs to somehow
| change (I've no idea how, though), rather than technologies
| killed because it threats existing societal stuff?_
|
| We've allowed, collectively, anything that falls in the
| "tech" realm to deploy first, ask questions later, and more
| or less force society to conform. I think it's been absurd,
| we see more and more backlash against it, and rightly so. A
| company shouldn't be able to just ignore the law and do
| whatever they want because they use computer chips, but
| we've seen more or less exactly that in a number of cases.
|
| - Uber/AirBnB can be seen as venture-capital funded, money
| losing ways around existing taxi/hotel/rental laws, and
| their tendency to expand into a market without permission
| and then demand the right to stay there against the laws
| that prohibit exactly such things, is an example of this
| model. - The various "Dump tons of scooters in a city
| without asking, profit, and make cleanup the city's
| problem" is another example here. It's littering, really,
| but somehow tech companies involved get a pass because it's
| neat. - Literally every "We collect all the behavioral data
| you don't realize we're collecting to improve our models of
| you so we can sell better advertisements to our actual
| customers" business model does the same thing - take first,
| ask permission never (or, at least, try very hard to never
| have the topic come up).
|
| I'm not OK with this, and I hope more and more people
| aren't OK with it either.
|
| > _I hate to say this but it really feels that our
| assumptions of privacy are becoming outdated and there 's
| no going back._
|
| Privacy shouldn't be something subject to the current state
| of technological surveillance. We should, as a society,
| decide what privacy ought to be, and then limit tech
| companies accordingly.
|
| Europe seems to be making decent headway on this front,
| with "No, you can't just keep doing that..." rulings
| against tech companies. I hope that spreads.
| CamperBob2 wrote:
| You're both right; it's an interesting question. Something
| that can't be used maliciously is probably not useful for
| much of anything at all. OTOH, when the potential for harm is
| far greater than the potential for good, as it arguably is
| here, that calls for extra discretion on the part of the
| developers.
| phil21 wrote:
| > as it arguably is here
|
| That may be understating it a bit. I honestly can't decide
| which is greater.
|
| Airtags as-is are nerfed for non-technical reasons as to
| make them more or less useless to me, despite their ability
| to be incredibly useful.
|
| For example:
|
| Due to the nag/anti-stalking alerts I can't put them on dog
| collars due to day-care visits. No way for others to
| whitelist a tag on their phone, or any way to silence it.
|
| Same goes now for the car. It's annoying to just toss one
| in each trunk in case of theft or whatnot, since the cars
| are shared.
|
| The privacy concerns have more or less turned this product
| into something of a very narrow usage band - aside from a
| personal bookbag or whatnot I don't see many other
| realistic uses at this time. Not useful for hiding in my
| power tools, etc. etc.
|
| I had pretty high hopes for these for some peace of mind
| (dogs), and I live in a high crime area so being able to
| track my expensive items has proven useful in the past. I
| was excited about expanding on this use until they started
| crippling them.
| bitexploder wrote:
| Meanwhile, you can get a cheap GPS tracker for the price of
| an AirTag or two...
| Syonyk wrote:
| And if you want it to report out, it has to have an active
| cell plan, and the power consumption is rather radically
| higher than "years on a button cell," so the device is
| bigger, it needs a clear enough view of the sky to get a
| GPS signal, etc. They're an awful lot less useful and less
| discreet. Again, not impossible by any means, but certainly
| quite a bit less convenient than an AirTag with a removed
| speaker.
| badwolf wrote:
| Or just get a Tile, that will ping any Amazon echo or
| Ring doorbell it goes near.
| olliej wrote:
| I just checked and all the reports of misuse so far don't
| seem to be "for months at a time". I can also get a
| prepaid sim with very little identification and there's
| no direct link from an arbitrary gps device to the person
| who used it.
|
| I think there was a brief surge in people abusing them
| because they _thought_ AirTags were untraceable, which
| they very explicitly are not. As apple says in the
| article they can directly go from an AirTag to the
| account that owns it.
| vineyardmike wrote:
| > I just checked and all the reports of misuse so far
| don't seem to be "for months at a time".
|
| Its also only like 6-8 months old at this point.
| drdaeman wrote:
| I don't think the typical issue is that someone can
| maliciously track some other person specifically for
| years. Longevity of the tracker is an added benefit, not
| what makes it different.
|
| Honestly, in my personal opinion I feel that only thing
| that's really different is the company's notoriety. It's
| no fun to bash Tile (people just don't have any beef with
| them), but kinda fun when it's Apple. And that they've
| actually sent out a viral idea ahead of product release
| focusing attention on this aspect (so, naturally, it
| echoes back).
| bitexploder wrote:
| That was kind of my point. People can buy these GPS
| trackers for the same price and have a stealthy
| surreptitious tracker. What's new is Apple made so omg,
| better freak out and write eleventy-one angsty articles
| about them. In this case I can't even muster an eyeroll
| at how silly it is.
| throw10920 wrote:
| I think that a key issue in this case isn't just that Apple
| made a device that could be used for tracking - after all,
| you could engineer or buy a different tracking device from a
| number of vendors - but that its feasibility was massively
| increased due to a unique Apple asset - its network of
| iDevices. That is, Apple released a product that was
| _uniquely good at tracking people due to an Apple-specific
| asset_.
|
| Slightly less, but still very importantly, there's the fact
| that by design you can't see if someone is tracking you
| unless you buy _another_ Apple product, which wasn 't an
| intrinsic engineering limitation, but just a choice that
| Apple made for their own profit.
| varenc wrote:
| Apple released an Android app that lets you check for
| AirTags separated from their owner near you: https://play.g
| oogle.com/store/apps/details?id=com.apple.trac...
|
| Of course you have to know about it and it only provides
| scanning when the app is open instead of constantly doing
| it in the background like iOS.
| jmull wrote:
| I think you're completely misunderstanding the threat model
| here.
|
| First the reality: Malicious actors interested in, e.g.,
| tracking other people or other people's things without their
| knowledge or consent, have many other options. To defeat them,
| an Apple product just needs to be somewhat less
| convenient/useful/cost-effective than some of the many other
| options.
|
| Second, the perception: Apple needs to convince their customers
| and potential customers that _they care_ and they'll _do
| something_ when there's an issue.
|
| As released, they pretty much had number one covered, though
| improvements are always good. So they are mostly working on
| number two... it's good when there are actual improvements, but
| that's not the main point.
| darkwizard42 wrote:
| These feel like welcome changes. Don't think it addresses all the
| past concerns.
| tssva wrote:
| It addresses none of the key past concerns. Specifically the
| ability for the devices to operate with their speakers disabled
| and no effective means for non-iPhone users to detect they are
| being tracked. The Android app Apple released is basically
| useless since it requires manual scanning.
| dwaite wrote:
| > The Android app Apple released is basically useless since
| it requires manual scanning.
|
| It is better than nothing. The limitation on background
| scanning is likely due to Android + diverse hardware not
| providing a low-power way to do such a thing.
|
| The more effort Apple takes to bind an Apple ID to a real
| world identity, the more consequence comes from abuse of a
| tag. The alerting serves to make that consequence more
| likely.
| Gigachad wrote:
| Mostly all seem ok. The only one that makes me a little sad is
| the precision finding tool will make it easier for thieves to
| spot tags on bikes.
| writeslowly wrote:
| > We hope this starts an industry trend for others to also
| provide these sorts of proactive warnings in their products.
|
| I guess they're hoping Tile (or whoever else) will feel obligated
| to create similar nerfs or annoyances on their trackers? I
| thought this was interesting because this is one time vertical
| integration (having a huge network of iPhones) is putting an
| Apple product at a competitive disadvantage
| eternityforest wrote:
| This kind of scares me. Privacy first tech groups seem to be
| getting more vocal about trying to change the whole industry.
|
| I hope someday we have a fully open global tracking network,
| not affected by Apple an Mozilla and all the rest who seem to
| want to destroy any technology that can be used to invade
| privacy, regardless of how many legitimate uses it has.
| olliej wrote:
| Can you give examples?
| eternityforest wrote:
| Battery Status API, Ambient Light are the two big Mozilla
| examples I know, but I suspect the list may be fairly long.
| I believe they are also against web bluetooth and serial.
|
| Apple has some permission stuff that apparently degrades
| Tile on their platforms IIRC.
| vineyardmike wrote:
| I really thought that Tile would release some sort of fixed
| LoRa type antennae in popular areas (SF, LA, NYC) managed by
| them that would act as supplements to their app tracking
| which they knew was mediocre. I've never been able to
| successfully use Tile's tracking, and AirTags work great.
|
| I think the Amazon Sidewalk has a lot of potential in this
| space as a viable alternative to the iDevice network apple
| has. Google should def release competition that can leverage
| their device network too, considering their comparable
| hardware penetration.
| micromacrofoot wrote:
| I'm not always a fan of Apple's decisions, but short of pulling
| AirTags off the shelves and scrapping the product entirely,
| they've gone far beyond any of their competition (Tile) with this
| stuff.
|
| Ultimately, maybe we're better off just losing things sometimes.
| unethical_ban wrote:
| Exactly - this seems like the kind of thing where the only way
| to really mitigate its abuse is to not have it at all.
|
| "Your scientists were so preoccupied with whether or not they
| could, they didn't stop to think if they should." - Dr. Ian
| Malcolm
| quantified wrote:
| Let's see how hard it is to neuter the sound generation within
| the AirTag itself. If it's silent itself, an Android or no-
| device trackee is vulnerable.
|
| There is not much tech that lacks unpreventable malicious use.
| Needs to be expected for pretty much anything.
| Syonyk wrote:
| Trivial.
|
| https://mashtips.com/remove-airtag-speaker/
|
| Or just buy a pre-modded one.
|
| https://uk.pcmag.com/mobile-phone-
| accessories/138509/silent-...
| Spivak wrote:
| You don't have to actually do that. The devices aren't
| directly authorized by Apple. So long as you broadcast the
| right beacons over BT you can make any device findable by the
| Find My network.
| zingplex wrote:
| Would it be possible to design the device to detect if the
| speaker has been tampered with? Perhaps having some sort of
| microphone on board to detect whether the speaker is
| functional would work.
| mperham wrote:
| I get an alert every time I ride my wife's bicycle. It would be
| nice to be able to mark her tags as ok to be near me.
| closetohome wrote:
| Being able to share AirTags via a family iCloud account seems
| to be a pretty commonly requested feature. It does seem a
| little silly that I can track every device attached to the
| account but not AirTags.
| dwaite wrote:
| I suspect they are working on it, but the crypto is privacy-
| preserving enough to make centralized authorization
| management hard.
|
| Specifically, you get a cryptographic secret when you pair
| the key, it broadcasts as a bluetooth beacon with encrypted
| messages based on that secret and current time, that get
| reported up to an Apple service.
|
| When you want to see your accessories, your device will
| compute the encrypted messages at appropriate times and have
| apple search for them.
|
| However, there's no network push to an AirTag available to
| tell it to rotate keys. You could grant more people to see a
| tag by sharing the secret - but you then could not remove
| that permission without physically resetting the tag.
|
| I suspect the solution will eventually be having derived keys
| from the secret and date, and date-based "leases" for
| permissions - I share the current key to allowed peers. That
| would mean revocation might be represented in the UX
| immediately, and take a day (or some other time period) to
| actually start to fail cryptographically.
| dwaite wrote:
| sorry I didn't mean the MAC address but rather an HMAC-
| based key derivation. I suspect they rotate MAC addresses
| every half hour or so, but the broadcast itself is
| encrypted such that you can't tell two belong to the same
| AirTag without knowing the secret.
|
| I might have a secret key for the AirTag, and the encrypted
| messages derive a new key each day based on the current
| date, then encrypt a check-in message based on the current
| time.
|
| If I share the secret key, its permanent access until a
| hardware reset of the AirTag. If I want to share "for a
| while", I just share a bag of those derived keys for the
| date range. The UX might represent it as not having a date
| range, and my devices which know the secret just
| periodically share out the derived keys when online to give
| out keys, and effectively make it so that any revocation of
| permission takes a week.
|
| The other option is for me to be able to share enough
| information with Apple's servers that (on permission
| change) it blocks the AirTag web service query itself. That
| won't help you with any shared secrets allowing someone to
| detect its the same tag even after MAC rotation.
| olliej wrote:
| I do think it should be possible to share encryption keys
| (ignore this MAC alas doesn't work because the MACs and
| randomized and rotate fairly frequently when in the
| vicinity of an owner's devices)
| ssully wrote:
| Even outside of family. I would buy an airtag for my dog for
| when my friend watches them. It'd be nice to drop off my dog
| and "share airtag with this user" so they can have a resource
| in case my dog got lost.
| seltzered_ wrote:
| "We plan to update our unwanted tracking alert system to notify
| users earlier that an unknown AirTag or Find My network accessory
| may be traveling with them."
|
| How does this work if one doesn't own an iPhone?
| cyral wrote:
| There is an Android app which allows Android users to see the
| same notifications.
| Gys wrote:
| https://play.google.com/store/apps/details?id=com.apple.trac.
| ..
|
| With 100.000+ installs it seems only a very small percentage
| of Android users is aware or cares
| teruakohatu wrote:
| Look at the reviews. It doesn't seem to work. It requires
| manual scanning and does not work in the background.
| bigmattystyles wrote:
| Yea, but philosophically, you shouldn't have to opt in (to
| opt out) - if I don't want to any part of apple's ecosystem,
| this forces me to actively opt out.
| Gigachad wrote:
| What do you want them to do? Shoot brain waves in to your
| skull to notify you without any device?
| bigmattystyles wrote:
| There's really nothing they can do short of not doing the
| airtags at all. The spectrum does not belong to them,
| it's leased to them and they are a user. We can ask for
| oversight.
| cyral wrote:
| What about Tile and other AirTag competitors? None of them
| even have an app to alert you to unwanted trackers at all.
| bigmattystyles wrote:
| No love for them either - but your retort is pure
| whatabout-ism - it doesn't address my core complaint.
| pantalaimon wrote:
| Does it also conveniently increase the coverage of the
| network?
| olliej wrote:
| Nope, that requires their magic low power networking chip
| thing
| ungoogled wrote:
| I'm sure they're frustrated that people keep using AirTags as
| tracking devices rather than local thing-finders, but I think
| there are good reasons for that.
|
| Local trackers have been around for a long time. I had a "TV
| remote finder" years ago that you'd stick to a TV remote (or
| keys), and it would beep when activated by a second device. More
| recently, Tiles work pretty well, assuming you don't need
| direction finding. Personally I don't regularly lose anything
| large enough to benefit from an AirTag. I need it for things like
| individual AirPods.
|
| But a small device with a worldwide range and no subscription fee
| that I can attach to a car or suitcase? _That 's_ a novel
| capability. I have one in both cars and my electric skateboard.
| badwolf wrote:
| > "TV remote finder"
|
| I was sorely disappointed when they announced the new Apple TV
| remote, and it didn't have airtag built into it.
| karaterobot wrote:
| > In an upcoming software update, every user setting up their
| AirTag for the first time will see a message that clearly states
| that AirTag is meant to track their own belongings, that using
| AirTag to track people without consent is a crime in many regions
| around the world
|
| That really should do it. I mean, in the unlikely event that a
| message to first time users doesn't solve the problem of people
| being stalked using AirTags, go ahead and keep working on the
| other updates. Belt and suspenders. But my guess is, it won't be
| necessary.
|
| They should consider adding a message for iPhone users to tell
| their friends with Android phones that they "should be really
| careful not to get tracked by AirTags, because there's no way
| they'd know about it".
|
| /s
| theshrike79 wrote:
| They can just install an app if they're worried about being
| tracked by AirTags:
| https://play.google.com/store/apps/details?id=com.apple.trac...
|
| Just remember to add the Tile app too, it does the same thing.
| alkonaut wrote:
| 99% of the tracking notifications are given to my family members.
| It's hilarious that you can't "join" a family members tag so it
| can be shared within the family.
| todd8 wrote:
| I like the functionality of the AirTags so I don't want them
| nerfed, but I can think of no way to fix their fundamental
| problem of being such easy to use stalking devices.
|
| Chefs knives are great for cooking and are inexpensive and easy
| to purchase; they can be very dangerous weapons in the wrong
| hands so we make it against the law to use them in that manner.
| Maybe that's the best we can do with AirTags.
| post_break wrote:
| Just keep nerfing it Apple. They made the beeps louder with this
| new update too. So every time my wife borrows keys, my car, etc
| it's gonna go nuts. I guess I'm going to have to rip the speaker
| coils out of all of them at this point.
| r00fus wrote:
| TBH sharing keys is a nightmare even without airTags. Honestly
| recommend each spouse gets their own key to each vehicle. Once
| my wife had her keys stolen and we made do for a year sharing
| my car key and it was hell (because both of us prefer the EV to
| the minivan).
|
| I don't track keys but I track my wallet and my wife does not
| need or ever ask for that.
| 6sp wrote:
| Luckily keys are on the way out. Between a August Smart Lock
| and a Tesla I haven't carried keys in years and I don't miss
| that nightmare.
| pavel_lishin wrote:
| How are fobs different in this scenario?
| r00fus wrote:
| You can drive your Tesla using your smartphone app or
| other devices.
| zht wrote:
| unless if their servers go down, in which case you can't
| unlock your car
| wewtyflakes wrote:
| I may be incorrect, but I believe once you are near the
| car that it can connect via Bluetooth and operate over
| that local network, rather than going through the public
| internet and routing commands through Tesla's servers,
| but again, I could be misunderstanding how those features
| operate.
| bloggie wrote:
| Proximity unlocking does not rely on LTE, and still
| works. Remote unlocking using the app would not work,
| because it relies on LTE. So the car can still be
| unlocked and used as normal in areas where there is no
| cellular reception. This is not some egregious oversight.
| KennyBlanken wrote:
| Or the cellular network goes down, which happens about
| once a year during a bad winter storm.
| gnicholas wrote:
| It's nuts that there's no family sharing ability, which would
| moot this common issue.
| FireBeyond wrote:
| Or just buy them on eBay, pre-silenced.
|
| I'm really not exactly sure what happened here in this
| "update", other than "FYI, we'll give out information after
| being subpoenad" and "we'll also include a dialog to say "don't
| track people with these"."
|
| "So, basically nothing, then?"
| post_break wrote:
| It will alert people that they are being tracked even sooner
| than the threshold now, and it will now play an even louder
| alert tone.
| isoprophlex wrote:
| Are airtags still useful for eg. tracking a stolen bike? Or will
| it now alert the thief within minutes that the bike contains a
| tracker?
| mmastrac wrote:
| I don't think you can simultaneously limit unwanted tracking
| and still track thieves surreptitiously. Basically both are
| "unwanted tracking" by the "victim".
| dwaite wrote:
| There are details not exposed outside of NDA, but my suspicion
| is that there is a requirement that MAC rotation happen more
| slowly, like every 15 minutes, and it is a bluetooth MAC and
| the actual GPS/cell based 'movement' which together trigger an
| alert.
|
| If a bike's Find My support randomized its MAC on every
| broadcast, it may very well not be possible to tell that it is
| not a new device each time. That might not be allowed per the
| licensing agreement, and that might be something that Apple has
| heuristics to detect and alert on.
| varenc wrote:
| I believe an AirTag stops randomizing some broadcast
| identifier when it's separated from its owner. The AirTag by
| itself has no location awareness. But when an iDevice sees
| the same separated AirTag at multiple locations it fires the
| alert.
| [deleted]
___________________________________________________________________
(page generated 2022-02-10 23:00 UTC)