384 points nkko | 3 comments
Havoc No.42479967
What are the chances that this keeps working long term?

Sounds awesome & makes AirTags more appealing, but if Apple is just going to shut it down next week then less so.

stonegray No.42480311
Changing the underlying Find My network to break this would be challenging if not impossible while keeping the privacy protections in place. Apple can’t identify devices sending data to Find My, and doesn’t log requests. Short of changes that would break compatibility with older devices it should be relatively stable.

OpenHaystack has been doing this for a few years now and Apple has made no efforts to restrict it.

gjsman-1000 No.42480336
> Apple can’t identify devices sending data to Find My, and doesn’t log requests.

So what you're saying is that a decent firewall could still inspect the traffic, or the patterns thereof.

Also, this doesn't make any sense, as if Apple doesn't know which AirTag belongs to who, Find My would be very useless; and law enforcement would be furious.

stonegray No.42480403
AirTags are associated with your Apple ID for safety, but when you make a request for the location from Find My it doesn’t include any information about which AirTag you’re asking about; just a CSPRNG-incremented public key that changes every 15 minutes. The location data itself is not available to Apple.

Here are Apple’s docs on how they prevent themselves from inspecting traffic on Fmi: https://support.apple.com/guide/security/find-my-security-se...

meindnoch No.42480934
So how does Find My work on icloud.com then?
1. malmeloo No.42481808
The short answer is that it doesn't. The iCloud website only shows devices that are actively uploading their location to Apple, such as iPhones and iPads. AirTags are not shown there, as they use the FindMy network instead (the whole other-devices-find-your-airtags mechanism). This library focuses on the latter.

Apple devices can query your AirTag's location because they sync its shared secrets through the iCloud keychain, which is used to generate temporary keys that can be used to download and decrypt the tag's location.

2. meindnoch No.42482031
> Apple devices can query your AirTag's location because they sync its shared secrets through the iCloud keychain

I see. But can't Apple simply read this data from my iCloud keychain? Or is this kind of data sharing through iCloud keychain e2e encrypted?

3. malmeloo No.42485299
As far as I understand, the keychain is indeed e2e encrypted and it requires at least one of your other devices to be online in order to sync. However, last time I checked Apple still fails the mud puddle test, so there does have to be some kind of master key that decrypts the data in the case of account recovery.
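
A simplified model of the rolling-key lookup discussed in this thread, added here as an illustration; it is not code from the thread, the library, or Apple. It assumes an HMAC-SHA256 ratchet and a SHA-256 lookup ID as stand-ins for the real derivation, which the thread does not specify, and all names and sample values are constructed.

```python
import hashlib
import hmac

WINDOW = 15 * 60  # seconds; rotation interval stated in the thread

def ratchet(secret: bytes) -> bytes:
    # One-way step (assumed construction): old secrets cannot be recovered.
    return hmac.new(secret, b"update", hashlib.sha256).digest()

def lookup_id(secret: bytes) -> str:
    # Derive the per-window key, then hash it; only the hash leaves the device.
    key = hmac.new(secret, b"diversify", hashlib.sha256).digest()
    return hashlib.sha256(key).hexdigest()

def ids_between(secret0: bytes, paired_at: int, start: int, end: int) -> list[str]:
    """Lookup IDs for every window overlapping [start, end] (Unix seconds)."""
    first = max(0, (start - paired_at) // WINDOW)
    last = (end - paired_at) // WINDOW
    secret = secret0
    for _ in range(first):          # fast-forward to the first wanted window
        secret = ratchet(secret)
    ids = []
    for _ in range(first, last + 1):
        ids.append(lookup_id(secret))
        secret = ratchet(secret)
    return ids

def fetch(server: dict[str, bytes], ids: list[str]) -> list[bytes]:
    # The server matches on ID alone; the request never names a tag or account.
    return [server[i] for i in ids if i in server]

# Constructed sample data, not real keys or timestamps from any device.
SECRET = bytes(range(32))
PAIRED_AT = 1_700_000_000

def demo():
    seen_at = PAIRED_AT + 40 * 60   # tag was heard during window index 2
    tag_id = ids_between(SECRET, PAIRED_AT, seen_at, seen_at)[0]
    server = {tag_id: b"<encrypted report>"}   # all the server ever stores
    hour = (PAIRED_AT, PAIRED_AT + 3600)
    owner = fetch(server, ids_between(SECRET, PAIRED_AT, *hour))
    stranger = fetch(server, ids_between(b"\x00" * 32, PAIRED_AT, *hour))
    return owner, stranger

if __name__ == "__main__":
    print(demo())
```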