Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System-Reference-Cited by-同舟云学术

Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System

Published:2021-04-27 Issue:3 Volume:2021 Page:227-245
ISSN:2299-0984
Container-title:Proceedings on Privacy Enhancing Technologies
language:en
Short-container-title:

Author:

Heinrich Alexander¹,Stute Milan¹,Kornhuber Tim¹,Hollick Matthias¹

Affiliation:

1. Secure Mobile Networking Lab , Technical University of Darmstadt , Germany

Abstract

Abstract Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world’s largest crowd-sourced location tracking network called o~ine finding (OF). OF leverages online finder devices to detect the presence of missing o~ine devices using Bluetooth and report an approximate location back to the owner via the Internet. While OF is not the first system of its kind, it is the first to commit to strong privacy goals. In particular, OF aims to ensure finder anonymity, prevent tracking of owner devices, and confidentiality of location reports. This paper presents the first comprehensive security and privacy analysis of OF. To this end, we recover the specifications of the closed-source OF protocols by means of reverse engineering. We experimentally show that unauthorized access to the location reports allows for accurate device tracking and retrieving a user’s top locations with an error in the order of 10 meters in urban areas. While we find that OF’s design achieves its privacy goals, we discover two distinct design and implementation flaws that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, which could deanonymize users. Apple has partially addressed the issues following our responsible disclosure. Finally, we make our research artifacts publicly available.

Publisher

Walter de Gruyter GmbH

Subject

General Medicine

Link

https://www.sciendo.com/pdf/10.2478/popets-2021-0045

Reference52 articles.

1. [1] Oleg Afonin. Extracting and Decrypting iOS Keychain: Physical, Logical and Cloud Options Explored. Elcomsoft Co. Ltd. 2020. url: https://blog.elcomsoft.com/2020/08/extracting-and-decrypting-ios-keychain-physical-logical-and-cloud-options-explored/ (visited on 02/08/2021).

2. [2] Oleg Afonin. iCloud Authentication Tokens Inside Out. Elcomsoft Co. Ltd. 2017. url: https://blog.elcomsoft.com/2017/11/icloud-authentication-tokens-inside-out (visited on 09/03/2020).

3. [3] Apple Inc. App Review. url: https://developer.apple.com/app-store/review/ (visited on 02/09/2021).

4. [4] Apple Inc. Apple Platform Security. 2020. url: https://support.apple.com/guide/security/ (visited on 10/10/2020).

5. [5] Apple Inc. Core Location. url: https://developer.apple.com/documentation/corelocation/ (visited on 10/10/2020).

Cited by 20 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Practical Obfuscation of BLE Physical-Layer Fingerprints on Mobile Devices;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

2. SoK: The Long Journey of Exploiting and Defending the Legacy of King Harald Bluetooth;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

3. HomeScout: Anti-Stalking Mobile App for Bluetooth Low Energy Devices;2023 IEEE 48th Conference on Local Computer Networks (LCN);2023-10-02

4. Penetrating the Silence: Data Exfiltration in Maritime and Underwater Scenarios;2023 IEEE 48th Conference on Local Computer Networks (LCN);2023-10-02

5. On Design and Performance of Offline Finding Network;IEEE INFOCOM 2023 - IEEE Conference on Computer Communications;2023-05-17