I think most of those comments are missing the real point here. If an Apple product were ever used to stalk - or God forbid, harm - an individual, it would be a big national story. If a Tile or a Samsung tag (or an amazon gps tracker made for stalking) were used in the same way, it would likely only be mentioned in passing if the story were reported at all.
That's why it's so important for Apple to do this. Additional benefit - this may push other vendors to do similar things, pushing stalkers back to more tailored devices. That's still helpful, as it's a lot easier to show intent if someone uses a device like that (as opposed to 'whoops, I lost my airtag).
I spoke with Frank Wang on a few meetups in Shenzhen many years ago, back when DJI was still kind of a garage company.
Frank had big, nebulous ideas how he will be "engaging the civil society," "stakeholder negotiations," "industry wide self-governance body" blah blah blah to safeguard DJI from troubles.
I told him hiring lobbyists, and talking to officials, or even just making buzz about potential problems is a bad, bad idea.
Lawmakers can't ban things they don't know they can ban... unless you give them an idea.
Same thing with public reaction. People don't get outraged if they don't know why they should be.
In the end it came to that exact outcome, and drones are now in the process of being legislated to the ground, and effectively becoming unflyable by regular people without few kilograms of permits, and licenses.
He wanted to pride DJI on how government compliant, and safe his drones are, but instead just got them banned around every major city.
Personally I think privacy and crowdsourcing cannot go together, no matter how much algebra and privacy boilerplate is thrown in.
Not to downplay the difficulty of these things, but cryptography literally enables things that seem impossible, so I wouldn't write it off that easily
A stalker, not stupid and well-aware about the protection, visits iFixit for a picture of internals, takes a drill, and physically obliterates the buzzer, right through the case. Epoxy or superglue for protection from the elements.
So they plant an Airtag, it gets found by accident, shit hits the fan, Apple's name goes in the news, journalists start journalist things, people don't are outraged and demand Apple's repentance, AirTags made of diamond-covered vibranium, including a microphone to control the buzzing and stopping working if buzzer is broken. PR problem not solved, and the core problem of humans not understanding technology is not solved.
You eliminate 95% of the potential stalkers. It is hard to remember that for most consumers the idea of drilling into a thing made of Apple black magic is a foreign idea.
Plenty of them are in fact stupid, followed some advice from discussion forum without really understanding what they are doing and that is that.
That said, there is a foolproof way of preventing trackers from tracking you: like how the iPhone can warn you when a tracker than isn't yours is present (that's how the tracker works, after all!) then just make that feature open source and broadly available within Android. Poof, instantly you've reduced the need to worry about trackers to nil as both iOS and Android phones can thus warn users when trackers are following them and don't belong to them.
Because trackers must be registered, they actually become proof of stalking as much as they can harm individuals, if they can be caught in time of course.
It just comes with the mindshare, I guess.
it's weird to ascribe some kind of martyr-complex to how Apple is treated.
They're treated that way because they are by far the largest single corporation in the mobile game, not because the media has some sort of anti-apple fetish.
Lawsuit would follow.
Does any company have deeper pockets than Apple.
If my bag is stolen I want it to contain a hard to find device, not one that gives away its position (by warning the thief). I also want an easy mechanism to give the police temporary access to track it, til they catch the thief and get my stuff back.
Airtags are not for finding stolen things. They're for finding lost things.
I think what you described is a privacy nightmare that Apple very rightly wants to avoid. They do not want to make a small device that is hard to find and doesn't give itself away to allow people to track each other. At Apple's scale, it will be abused and there would be significant negative attention on Apple for that.
Pretty sure Van Moof is literally the first example of a third party Find My device and it sounds to me like it completely contradicts your (and Apple’s) statement about the scope and intended use of the Find My network.
A long while back, on a early Saturday morning, I was awoken by my doorbell and accosted by an angry father of a crying daughter who had had their iPhone stolen by someone at a bar the previous night. Well, "Find My iPhone" showed the dot location of the phone was my house, so it must be me... turned out it was a neighbor two houses down - thanks Apple.
The best GPS resolution available to civilians is about 8 meters (26 feet) - and that's under the best, most ideal situation using the best GPS receiver and a large antenna... things a small cell phone in a pocket or bag doesn't have.
Cell tower triangulation isn't much better either... although the two used in unison can provide better resolution, but still far from good enough to pinpoint an exact individual, or even house (if the device is near an exterior wall, it may appear to be in the neighbor's house).
Police can't exactly go up and search people on the street because some Apple service says somebody within 20-40 feet or whatever might have the device - doubly so for searching a vehicle or house without a warrant.
So, while these devices are great for personal use - they probably cannot be used for real law enforcement purposes.
I think “useless” is a bit extreme. After three days, the thief may notice it when it starts beeping, but before then it will track just fine. Clearly there’s a trade off here, but I think having anti-stalking protections is pretty important for a product that millions of people are going to bug.
Given that they talked about people scanning found AirTags and that they have those fancy looking holders for them, I can't imagine they expect the tags to be hidden. And if that's the case then a thief is going to know to take the AirTag off right away.
https://www.macrumors.com/2021/04/07/find-my-third-party-acc...
I like how much they thought about this issue.
Retrieving stolen items can be very dangerous, and Apple would want no liability from that.
1. The thief would probably still find the tracker.
2. You would probably still lose connection/track of the device.
3. Police would probably still be reluctant to travel to a private residence somewhere and try to find it.
4. Are you going to physically find and confront a criminal yourself?
Encrypt your digital devices, have backups and insure anything valuable. That is the better than using some tracker and spending your time trying to chase down criminals.
I'll definitely look if a easy to use bluetooth scanner/tracker is on fdroid and build one if not.
I also wonder how easy it is to generate random ids / ddos iphones in an area... since by default they listen and forward tags on users data connection.
edit: it beeps after 3 days so its nice enough to prevent a need for countermeasures
I don’t know where you live, but as somebody who previously lived in San Francisco, do you really think the police are going to actively pursue theft claims? It’s why car break-ins and petty theft are out of control in the bay area. The police don’t enforce laws, and certainly don’t actively track down stolen property.
It’s not great that the alert won’t trigger until you get home. At that point, the stalker now knows where you live.
For a very high value item, or for repeat offenses, it gives you a shot at getting your item back.
I believe this learning is done on-device, not relayed to the cloud.
Depending on whether you take Apple's statements at face value about how much they care about your privacy, that's either a big difference or a meaningless difference.
Because I found this article that says Tile trackers were used by bad actors
https://blog.malwarebytes.com/stalkerware/2019/07/helping-su...
So, if Airtags have stalking protections, why wouldn't I just use a Tile to track someone? They're sortof in the same ballpark of price and size.
Is it because Apple's scale is so wide that it makes their Airtags significantly better for stalking?
Ugh, so if I’m gone for longer than a weekend all my stuff at home is going to start beeping? I’m sure my roommate will love that.
"Sorry, we have too many other cases"
> Will having an Airtag's location be enough for a warrent?
Probably not (see answer #1)
> Will people become vigilantes and try to get their stuff back without law enforcement?
Some of them, surely. Most of them, no.
We already see this with things like bicycles that people are able to track down on Craigslist.
I don’t have answers but tech companies can’t create the tools that enable harm and then wash their hands of it. Good for Apple for doing _something_, points for effort.
I believe that's not 100% true because of a final failsafe: the AirTag will start making noise if it's separated for too long (the definition of which could be an issue) from the owner's iPhone. That failsafe works if the person doesn't even have a smartphone.
I don't know if there _is_ a perfect solution for this, but they are indeed trying.
I wouldn’t be surprised if removing the outershell or altering it would stop it making much noise. We’re in a situation where there is intention to hide the device, so making some effort to make it silent should be taken into account.
Surely stalking protection is doing exactly that? Couldn't I take a modded/hacked iPhone and track somebody elses tag all day long from near the edge of UWB range?
Apples original paper [1] said the signals emitted contained no unique/trackable identifier except to the key-holder who could link together all the rolling keys. Yet that can never offer this stalking protection feature.
Have Apple dropped the privacy protections they had in mind to enable this anti-stalker feature?
[1]: https://www.wired.com/story/apple-find-my-cryptography-bluet...
• An AirTag which is seeing an owning device might only be reporting its presence to that device. We can ignore those. (I'm guessing AirTags listen in some limited way, this still works if they don't, it just is always in the separated state.)
• An AirTag which is separated from its owning device will be broadcasting a public key in an "I'm separated" message.
This public key is rotated periodically, but is used for a while. When my phone sees an "I'm separated" message it will send a hash of the public key and a location (encrypted with that key) to Apple central.
If I'm in motion, and continue to see the same public key crying out that it is separated, then it is traveling with me.
Of course everything is way more complicated…
• It probably doesn't just switch to a new public key and stop using the old one, that would let you correlate them, so there is probably some period of overlap to complicate that.
• How to decide when to tell the user about the tag is a complicated problem. If I'm on a train traveling with a tag I don't recognize, I probably don't care. If I change train cars (I'm still in motion, but 98% of the tags around me changed) I might care. If am walking after getting off the train and most of the other tags are gone, except this one, I might care. If it's still with me when I get home, I care.
So if that suffix is 8 or more bits, as soon as you have an airtag on your keys, wallet, and bag, you've become a nice easy to track person.
If the suffix is less than 8 bits, then the 200 airtags around me in a classroom setting will always be falsely setting off the alert - at least one of those 256 possible suffixes will remain always in use for hours with every rotation.
Privacy 100% broken. Great.
From what I understand, when you find an airtag, you connect it to your device and it gives you the owners contact info. Anyone can get your phone number.
When you find an ottotag, you scan it and you contact the owner through ottomon. From here the GPS location is captured and communicated. All interactions are done through the service (ottomon.net). This layer act as a security layer where we filter out spam and possibly stalkers based on past behavior and other heuristics.
The two parties can communicate without revealing any information about themselves. So yeah, Apple could have made it much simpler, but they are my competitors now so let's keep this between us.
Edit: For more info -> https://www.ottomon.net/blog/privately-communicate-on-ottomo...
If you put it in lost mode. Otherwise, it doesn't reveal the owner's phone number. It's assumed that clicking lost mode and putting a phone number means you expect to be called about that lost item.
Being in lost mode will also give the owner a notification when it is found.
The airtags are also account locked the whole time and must be manually removed by the owner before someone else can use them.
Nobody had asked themselves this question.
So I think the parent makes a point worthy of discussion. If Apple is providing this protection for Airtags, why aren't they providing it for all devices?
The AirTags use a distributed bluetooth connection I think.
Let's say an abuser does use this, and goes on to track someone and then kills them (or commits some other very serious crime). The cops get involved, they start looking into it and discover (through a lapse in other privacy elements of this technology) that a third-party's iPhone was the one that gave away the location.
What are the third parties' legal defenses from the law to avoid being labeled an accomplice here?
The judge is going to be very annoyed at the incompetent prosecutor for wasting his time improperly trying to try anybody and anything connected to the actual actor as an accomplice.
[0]: https://www.amazon.com/Real-time-Tracker-Worldwide-Coverage-...
Is the argument really, “Are you aware that malicious actors can just go out and buy explosives, so there’s no point in making it difficult to turn a stove into an explosive device?”
Or maybe I make a device for the home. I work hard to secure it against malicious actors. Is anybody going to say, “Don’t bother, most people have insecure light bulbs in their home, so there’s no point securing this WiFi speaker you’re selling?”
I. Think. Not.
It’s always a good idea to reduce the threat area. Security for most people is not a simple binary “secure or not.”
---
Also, what’s with the phrase “domestic abuse activists?” Is that supposed to be some kind of slur? I’m baffled, it adds nothing to your argument, and in fact it hints at some kind of cultural bias on your part, which is irrelevant to the soundness of your reasoning.
All in all, my advice is to drop language like this unless you are specifically trying to make an argument about social activism. Sprinkling arguments with emotional devices like this subtracts from your message, it doesn’t add to it.
B) The airtags are more capable than those, more affordable, and easier to use
C) If you own an airtag, this will be available on a moment's notice. Is your wife going to get lunch with a friend? take it off your keyring and throw it in the glovebox. Boom, now you've got realtime tracking in about 5 seconds.
This obviously won't solve the problem of domestic abuse that existed before airtags were introduced, but it will go a long way towards not making it worse.
If someone has physical access to you and your devices, it will be very hard for you you be sure they are not tracking you. With a lot of Android devices, you can root them and get access to a ton of location data.
Many apps also store your location data. You can also side load apps that would do this even more so.
It doesn't add more "functionality" in the "tracking" use case, but it does make it more widely available to everyone and possibly easier to use than custom tracking solutions built with ESP32 chips.
I'm not saying to block the sale of AirTags, but they should really think through and make it impossible for misuse, otherwise reconsider if the value provided by this product is actually higher than the potential for misuse.
Some technology very much should not exist. “Tags that use an unsuspecting victim’s own phone to report their location back to a would-be criminal without their consent” is definitely on the list.
That being said, there are very easy ways to make this unusable for these cases, and I have no clue why they haven’t been implanted. Off the top of my head: a notification any time a tag has been away from it’s owners device for more than X time and has been around your device for at least Y time since, saying “it looks like XXX’s airtag has been lost and is with you, click here to message them”. Yes, this would sacrifice the privacy of the airtag owner, but it’s an opt-in, they only suffer if they buy an airtag. Compared to as-is a completely random unsuspecting person with no involvement in the ecosystem has both their privacy and security compromised.
That's exactly what Apple has done. This isn't even new information. It was part of the AirTags announcement on the 20th of April.
"iOS devices can also detect an AirTag that isn’t with its owner, and notify the user if an unknown AirTag is seen to be traveling with them from place to place over time."
https://www.apple.com/newsroom/2021/04/apple-introduces-airt...
> an AirTag separated from its owner for an extended period of time will play a sound when moved to draw attention to it.
How long is "extended"? It probably won't take more then 60-90 minutes to track someone.
This also sounds really annoying. Anytime I leave a tag somewhere I have to somehow be able to tell it "don't buzz" and if I forget it annoys all the people near where I left it. Leaving things at my parent's when going out while visiting, leaving things in a hotel room, leaving things in the gym locker, etc...
> If a user detects an unknown AirTag, they can tap it with their iPhone or NFC-capable device and instructions will guide them to disable the unknown AirTag.
So if don't own an NFC capable device? How many people would even know to "NFC" the tag or how?
Did you read past the headline? Apple is doing exactly this.
