Apple really “where is?” In the past, there are already methods of how the network can be used to move further, its intention is not actually data.
Advertisement
A team of security researchers at the US State of Virginia now shows that Apple Service, called “Find My” in English, can also be misused for the tracking of other Bluetooth equipment in the region that is not integrated into the found network. According to researchers Kiang Zeng and Lisa Luo, they discovered a way to follow “almost every computer and every mobile device” in their paper that they had overright the “Find My Hacker”. to become “where is?” Bluetooth address of a device with? Joint“To convert target devices into involuntary radio bex”.
“where is?” Pass through location data through apple without approval of Apple
Exploitation named the name “Nroottag” and should be able to convert traditional Bluetooth devices into devices such as Airtags. The success rate is called “90 percent”. The central element of the attack is the fact that it should be possible, where is the crypto key “where is?” Is used as part of? To manipulate that the network believes that a traditional Bluetooth device is a real airtag. The researchers said, “When your smart lock is hacked, it is scary, but it becomes even more terrible if the attacker also knows,” the researchers said.
It should also be completely gone from a distance – from a distance of thousands of kilometers if necessary. The cost was only “some dollars”. Both Luo and Zeng have Associate Professor title in GMU Institute for Computer Science, developed a skilled key search method that you have a suitable “where?” To do this, neither the administrator right nor a privilege should be available. Instead, “Where is it?” The belief of the device is misused in the signals. The network is “where is an airtag or any other?” Integrated device addresses Bluetooth based on a cryptographic key. But the attackers do not have to do so. Instead, they just look for the key that fits on the Bluetooth address-and which works with the method mentioned in 90 percent of cases.
Lament: Apple Watch should not be called “coâ‚‚ neutrality”If users do not update, the patch may require years
It was found for various smart TV sets with Linux, Windows and Android and equipment with VR headsets. However, to find the key, the cloud-based gpus-handreds were used to find the key as soon as possible. Wrong keys can be saved in the rainbow table to be able to attack thousands of equipment at the same time. In addition to hackers, advertising companies may come up with the idea of ​​pursuing long distances in future, according to jumping chains, doctoral students and the lead author of the study. The group wants to present an accurate details of hack at the Usenix Security Seminar in Seattle in August.
Hack should be fixed by improving the check of the Apple device. In the summer of 2024, appropriate information was already sent to the group by GMU researchers. So far, however, information about a patch has not been given. It is also problematic that a large number of users will not update their devices – for various reasons, according to the chain. Where is “weak”? “Apple’s Findetzwerk is widespread as Airtags, as the instruments are very cheap. Mac, iPhones, iPads and other apple devices are used to transfer data including the status of equipment without user specially give to the user.
(BSC)
Cartel Guard IOS tracking in France wants to shut down security
