this post was submitted on 06 Nov 2023
215 points (92.8% liked)

Technology

59639 readers
3169 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

I think the main concern is how easy and ubiquitous it is, while also being pretty hard to detect. No other transmission method lends itself so perfectly to this kind of attack.

And I wouldn't say it's that unlikely. Every publicly accessible keyboard could be targeted, like in schools or universities. Buy an identical model to those that are used in the computer room, modify it, switch it out, and wait for people to enter their emails and passwords.

[–] hemmes 4 points 1 year ago* (last edited 1 year ago) (1 children)

The potential to abuse Find My to transmit arbitrary data besides just device location was first discovered by Positive Security researchers Fabian Bräunlein and his team over two years ago, but apparently, Apple addressed this problem.

Not with Apple's network anymore apparently. But if you read the original PoC from 2021 they said Amazon's Echo devices have the same potential.

Ultimately, even the researchers have indicated the slow and unreliable nature of the attack (which now no longer works).

Small complication: public key validity. Having implemented both the sending and receiving side, I performed a first test by broadcasting and trying to receive a 32 bit value. After a few minutes, I could retrieve 23 out of the 32 bits, each one being unambiguous and with ~100 location reports, but no reports for the remaining 9 bits.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

I just watched a video by a German tech magazine the other day, with Fabian Bräunlein (the original researcher) demonstrating a keylogger using the Find My network. It's only 3 days old, so I don't think the main problem is fixed at all.