An exploit allows messages and additional data to be sent across Apple's Find My network, according to the findings of a security researcher.
Security researcher Fabian Bräunlein has found a way to leverage Apple's Find My network to function as a generic data transfer mechanism, allowing non-internet-connected devices to upload arbitrary data by using nearby Apple devices to upload the data for them.
The Find My network uses the entire base of active iOS devices to act as nodes to transfer location data. Bräunlein explained in an extensive blog post that it is possible to emulate the way in which an AirTag connects to the Find My network and broadcasts its location. The AirTag sends its location via an encrypted broadcast, so when this data is replaced with a message, it is concealed by the broadcast's encryption.
Bräunlein's practical demonstration showed how short strings of text could be sent from a microcontroller running custom firmware over the Find My network. The text was received via a custom Mac app to decode and display the uploaded data.
It is not immediately clear if this Find My network exploit could be used maliciously or what useful purposes it may serve. Nonetheless, it seems that it could be difficult for Apple to prevent this unintended use due to the privacy-focused and end-to-end encrypted nature of the system.
For more information, see Bräunlein's full blog post, which explains in detail the entire technical process behind passing arbitrary data through the Find My network.
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...
Tuesday April 22, 2025 10:22 am PDT by Juli Clover
Apple plans to release an all-new super thin iPhone this year, debuting it alongside the iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max. We've seen pictures of dummy models, cases, and renders with the design, but Lewis Hilsenteger of Unbox Therapy today showed off newer dummy models that give us a better idea of just how thin the "iPhone 17 Air" will be.
The iPhone 17 Air is expected to be ...
Thursday April 24, 2025 2:14 am PDT by Tim Hardwick
If you missed the video showing dummy models of Apple's all-new super thin iPhone 17 Air that's expected later this year, Sonny Dickson this morning shared some further images of the device in close alignment with the other dummy models in the iPhone 17 lineup, indicating just how thin it is likely to be in comparison.
The iPhone 17 Air is expected to be around 5.5mm thick – with a thicker ...
Tuesday April 22, 2025 5:01 am PDT by Tim Hardwick
A developer has demonstrated Windows 11 ARM running on an M2 iPad Air using emulation, which has become much easier since the EU's Digital Markets Act (DMA) regulations came into effect.
As spotted by Windows Latest, NTDev shared an instance of the emulation on social media and posted a video on YouTube (embedded below) demonstrating it in action. The achievement relies on new EU regulatory...
Thursday April 17, 2025 4:12 am PDT by Tim Hardwick
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we often get rumored features months ahead of launch. The iPhone 17 series is no different, and we already have a good idea of what to expect from Apple's 2025 smartphone lineup.
If you skipped the iPhone...
Wednesday April 23, 2025 8:31 am PDT by Joe Rossignol
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices.
Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025:
Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
Apple seeded the third beta of iOS 18.5 to developers today, and so far the software update includes only a few minor changes.
The changes are in the Mail and Settings apps.
In the Mail app, you can now easily turn off contact photos directly within the app, by tapping on the circle with three dots in the top-right corner.
In the Settings app, AppleCare+ coverage information is more...
The first thought that comes to mind is someone installing a compromised IoT device that gains legitimate access to their network and then uses the Find My network to funnel data out of the network, bypassing any firewall rules that prevent the IoT device from communicating with the Internet at large.
It's the type of thing you'd see in a heist or spy movie to try and snag someone's password.
Another “IF YOU SET EVERYTHING UP JUUUUUUUUUST RIGHT, YOU CAN DO A THING!” from a security researcher. AirTags is the security gift that keeps on giving. Next week, “We’ve been able to determine that if you accelerate an AirTag at just the right speed towards a target that’s not trying to dodge and is totally aware and ok that you’re throwing it (though accelerate sounds cooler) YOU MAY BE ABLE TO HIT THEM!”
This could be used for some kind of Denial of Service Attack, couldn't it?
You set up a server that's just spamming the Find My network, then all the Apple devices are constantly bouncing these spam messages around. They may end up drowning out legitimate Find My network messages.
Waiting for someone to show a hack that executed the following steps: 1) uses forgot password 2) clicks try another device for access code pin 3) has a hamster run in a wheel to disrupt radio waves transmitting the secret pin 4) said wheel traps the secret pin and translated via a sudoku puzzle to the hacker 5) hacker inlists a millennial to decrypt the puzzle 6) millennial asks for gluten free juice cleanser for payment 7) hacker gets in!
This could be used for some kind of Denial of Service Attack, couldn't it?
You set up a server that's just spamming the Find My network, then all the Apple devices are constantly bouncing these spam messages around. They may end up drowning out legitimate Find My network messages.
From the source:
With the public key validity check implemented, everything worked flawlessly. While I didn't do extensive performance testing and measurements, here are some estimates:
The sending rate on the microcontroller is currently ~3 bytes/second. Higher speeds could be achieved e.g. simply by caching the encoding results or by encoding one byte per advertisement In my tests, the receiving rate was limited by slow Mac hardware. Retrieving 16 bytes within one request takes ~5 seconds The latency is usually between 1 and 60 minutes depending on how many devices are around and other random factors.
