Tag Archive for: AirTags

Police disagree with Apple on security as Arizonans tracked with AirTags | CBS 5 Investigates

/in


PHOENIX (3TV/CBS 5) — Stalking through technology. Apple recently announced plans to add more measures to AirTags to cut down on unwanted tracking.

The Bluetooth devices are designed to track objects such as keys or backpacks, but reports are increasing across the country of the devices being used to stalk people.



Apple airtag tracking

Since the tracking devices were launched last April, the Phoenix Police Department has seen nine cases involving AirTags.




Apple’s website says it worked with law enforcement to update AirTag’s safety warnings, but there are concerns the efforts don’t go far enough.

Among the software updates that will happen later this year:

  • Alerting people sooner if a device is suspected to be tracking someone
  • A louder chirping sound if the device is separated from its owner
  • Instructions on how to find information on the device’s owner and disable the device.

Since the tracking devices were launched last April, the Phoenix Police Department has seen nine cases involving AirTags.

Detective Karrie Flanigan with the Mesa Police Department has worked on 5 cases involving spouses going through divorces or ex-boyfriends and girlfriends stalking each other.


Is my phone telling me I'm being followed?

What is…

Source…

Apple AirTags Are Being Used to Track People and Cars

/in


This development suprises no one who has been paying attention:

Researchers now believe AirTags, which are equipped with Bluetooth technology, could be revealing a more widespread problem of tech-enabled tracking. They emit a digital signal that can be detected by devices running Apple’s mobile operating system. Those devices then report where an AirTag has last been seen. Unlike similar tracking products from competitors such as Tile, Apple added features to prevent abuse, including notifications like the one Ms. Estrada received and automatic beeping. (Tile plans to release a feature to prevent the tracking of people next year, a spokeswoman for that company said.)

[…]

A person who doesn’t own an iPhone might have a harder time detecting an unwanted AirTag. AirTags aren’t compatible with Android smartphones. Earlier this month, Apple released an Android app that can scan for AirTags — but you have to be vigilant enough to download it and proactively use it.

Apple declined to say if it was working with Google on technology that would allow Android phones to automatically detect its trackers.

People who said they have been tracked have called Apple’s safeguards insufficient. Ms. Estrada said she was notified four hours after her phone first noticed the rogue gadget. Others said it took days before they were made aware of an unknown AirTag. According to Apple, the timing of the alerts can vary depending on the iPhone’s operating system and location settings.

*** This is a Security Bloggers Network syndicated blog from Schneier on Security authored by Bruce Schneier. Read the original post at: https://www.schneier.com/blog/archives/2021/12/apple-airtags-are-being-used-to-track-people-and-cars.html

Source…

How one coding error turned AirTags into perfect malware distributors

/in


One of the more frightening facts about mobile IT in 2021 is that simplicity and convenience are far too tempting in small devices (think AppleWatch, AirTags, even rings that track health conditions, smart headphones, etc.). 

Compared with their laptop and desktop ancestors, they make it far more difficult to check that URLs are proper, that SPAM/malware texts/emails don’t get opened and that emlpoyees follow the minimal cybersecurity precautions IT asks. In short, as convenience ramps up, so do security risks. (Confession: Even though I try to be ultra-vigilant with desktop emails, I do periodically — far more often than I should — drop my guard on a message coming through my AppleWatch.)

Another of the always-has-been, always-will-be cybersecurity realities is that small programming errors are easy to make and often get overlooked. And yet, those small errors can lead to gargantuan security holes. This brings us to Apple and Airtags.

A security researcher has come to the CISO rescue and found that an open area for typing in a phone number has unintentionally turned AirTags into God’s gift to malware criminals.

Let’s turn to Ars Technica for details on the disaster. 

“Security consultant and penetration tester Bobby Rauch discovered that Apple’s AirTags — tiny devices which can be affixed to frequently lost items like laptops, phones, or car keys — don’t sanitize user input. This oversight opens the door for AirTags to be used in a drop attack. Instead of seeding a target’s parking lot with USB drives loaded with malware, an attacker can drop a maliciously prepared AirTag,” the publication reported.

Source…

Apple to improve AirTags security with Android app, audio tweaks

/in


After a bit of backlash from users, Apple detailed two important changes to the way AirTags and the Find My network operate in order to prevent unwanted tracking on Thursday.

In a statement to CNET, Apple announced that it will make a detection app for Android to help prevent unscrupulous people from planting a device on someone and tracking their location without their knowledge. Currently, if your Apple device detects a Find My tracker (such as an AirTag or Chipolo One Spot) that doesn’t belong to you but is moving with you, you will be alerted. It’s a security measure to stop a stalker from dropping a tracker in your bag or pocket and knowing your every move.

But if you have an Android phone, there’s no way for you to know you’re being tracked. Apple will release an Android app to detect AirTags or other Find My trackers traveling with you. Don’t expect full Find My functionality on Android, though. This isn’t an app for you to find all your own devices (and friends) on a map, just an “unknown tracker” detector.

It’s a good measure, but one has to wonder how effective it will be. An Android user will have to download this app as a precautionary measure, or if they suspect they’re being tracked in exactly this fashion, and it’s hard to imagine a very large percentage of users will. Still, it’s an excellent security and privacy measure for those who have reason to fear being tracked but don’t own an iPhone.

Fortunately, Apple is also changing the amount of time an AirTag will wait before playing a sound. Currently, AirTags make a noise after three days separated from its “owner.” With a software update rolling out now, that time interval is getting shorter and harder to predict: a sound will now play at a random time between 8 and 24 hours. That’s arguably a much better protective measure to help prevent AirTags from being used to track unsuspecting people.

I have written professionally about technology for my entire adult professional life – over 20 years. I like to figure out how complicated technology works and explain it in a way anyone can understand.

Source…