Array

Apple’s Find My Network Could Be Exploited to Send Text Messages to Nearby Devices, Security Researcher Finds


Apple’s Find My network could be exploited to broadcast arbitrary messages to nearby Apple devices, a security researcher has found. The network is formally meant to help people find their lost items. It is claimed to have “industry leading security” as well as end-to-end encryption. However, research shows that the Find My network can enable a way to send any text messages — and not location details — to nearby devices including iPhone, iPad, and Mac.

Security researcher Fabian Bräunlein has found a loophole that allows exploitation of the Find My network protocol to send normal text messages to nearby devices. The researcher was able to transmit text messages by replicating the way an AirTag communicates over the crowdsourced network and sends its GPS coordinates as an encrypted message.

Bräunlein took reference from a recent study conducted by Germany’s Technical University (TU) of Darmstadt that was aimed to help developers build accessories for the Find My network. After understanding the protocol powering the network, the researcher developed a custom device with a microcontroller running a proprietary firmware to transmit the message. He also built a custom Mac app to decode and display the message from the device.

The proof-of-concept created by Bräunlein essentially replaces the location data that the Find My network normally broadcasts with text strings.

It is unclear at this moment whether the model developed by the researcher could be used to circulate malicious content over the Find My network. However, the extensive research conducted by Bräunlein shows that the protocol used by Apple could be moulded to broadcast not location data but content such as text messages.

Earlier this week, a German security researcher reported that the Apple AirTag could be hacked to replace the default Find My link with a custom link for NFC readers. This manipulation was similar in nature to what has now been found on the Find My network.


We dive into all things Apple — iPad Pro, iMac, Apple TV 4K, and AirTag — this week on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.
Affiliate links may be automatically generated – see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.


Samsung Galaxy F02s, Galaxy M02s Receive Android 11-Based One UI 3.1 Core Update in India: Reports





Source link


Apple’s Find My network could be exploited to broadcast arbitrary messages to nearby Apple devices, a security researcher has found. The network is formally meant to help people find their lost items. It is claimed to have “industry leading security” as well as end-to-end encryption. However, research shows that the Find My network can enable a way to send any text messages — and not location details — to nearby devices including iPhone, iPad, and Mac.

Security researcher Fabian Bräunlein has found a loophole that allows exploitation of the Find My network protocol to send normal text messages to nearby devices. The researcher was able to transmit text messages by replicating the way an AirTag communicates over the crowdsourced network and sends its GPS coordinates as an encrypted message.

Bräunlein took reference from a recent study conducted by Germany’s Technical University (TU) of Darmstadt that was aimed to help developers build accessories for the Find My network. After understanding the protocol powering the network, the researcher developed a custom device with a microcontroller running a proprietary firmware to transmit the message. He also built a custom Mac app to decode and display the message from the device.

The proof-of-concept created by Bräunlein essentially replaces the location data that the Find My network normally broadcasts with text strings.

It is unclear at this moment whether the model developed by the researcher could be used to circulate malicious content over the Find My network. However, the extensive research conducted by Bräunlein shows that the protocol used by Apple could be moulded to broadcast not location data but content such as text messages.

Earlier this week, a German security researcher reported that the Apple AirTag could be hacked to replace the default Find My link with a custom link for NFC readers. This manipulation was similar in nature to what has now been found on the Find My network.


We dive into all things Apple — iPad Pro, iMac, Apple TV 4K, and AirTag — this week on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.
Affiliate links may be automatically generated – see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.


Samsung Galaxy F02s, Galaxy M02s Receive Android 11-Based One UI 3.1 Core Update in India: Reports





Source link

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Call of Duty League team owner suing Activision Blizzard for $680 million

Rodriguez — whose company owned and operated the Call of Duty League’s OpTic Texas team — and now-retired OpTic player Seth “Scump” Abner...

One of the last small-ish Android phones looks like it’s going the way of the iPhone Mini

As phone sizes trended upward, one small device stood its ground year after year: the Asus Zenfone. That appears to be changing soon,...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!