In this AppSalat you can find out how OpenHaystack managed to uncover Apple security gaps. Thanks to Alexander Heinrich and Milan Stute from TU Darmstadt, who contacted us for their research.
According to rumors, Apple’s AirTags are small transmitters that can be attached to everyday things so that they can be found using the “Where is?” App. This app is of course already available on iPhone, iPad and Mac. It currently shows the location of your own Apple devices and those shared by friends and family members.
These codes are played on a BBC Micro: Bit. This is a small Bluetooth transmitter that serves as an AirTag in this case.
Now it sends out signals that are recognized by nearby iPhones. These then save the current location in encrypted form in the Apple “Where is?” Network. The location data is then downloaded again on the Mac, decrypted and displayed in the app.
Enjoy with caution
The small project is actually a research work by security researchers at the Technical University of Darmstadt. They want to reveal that the location history of macOS can be traced back up to nine weeks even by malicious applications.
As interesting as this temporary concept of the app may sound, it is advisable not to use OpenHaystack in everyday life. Namely, the above code becomes generated only once and no longer changed, which means that the whole thing is not so certain. However, the developers want to incorporate this security mechanism in the future.
Despite the security gaps discovered by the employees and students, Apple has not yet paid out a security bounty for this.
Where can I try OpenHaystack?
You can get OpenHaystack for free from Github page of the project. Before opening it for the first time, you have to allow the app to run. You can do this in the system settings under “Security”.
India and Pakistan’s steroid-soaked rhetoric over Kashmir will come back to haunt them both clenbuterol australia bossier man pleads guilty for leadership role in anabolic steriod distribution conspiracy