Current device-protection solutions, such as Apple's Find My iPhone or Google's Find My Device, present a moral paradox. While these features let users find out where their device is in case of theft, they also let companies like Apple or Google know the device's location, and with it the location of the user. Whether or not companies exploit that data is something users cannot know.
The problem seemed to get even worse when, during the recent WWDC 2019 event, Apple introduced the new Find My feature on iOS and macOS, which uses Bluetooth signals picked up by nearby Apple devices to locate a user's device. This looks like a new privacy disaster: your device's location is revealed to many other parties in addition to Apple.
However, Apple quickly reassured people that the new feature is built on a sophisticated and complex encryption system, such that Apple itself cannot know the location of the device. At the same time, the system still allows the owner to determine where the device is located.
The solution to this paradox turns out to be a trick that requires you to own at least two Apple devices. Each device creates a constantly changing key that nearby Apple devices use to encrypt and upload their location data, but only the other Apple device you own holds the key needed to decrypt that location.
This system mitigates the threat of users being tracked through the Bluetooth signals of their Apple devices. Matthew Green, a cryptographer at Johns Hopkins University, said: "If Apple does exactly that, and there are a lot of ifs here, it seems that this will do things in a private way. Even if I keep track of you walking around, I won't be able to tell if you're the same person from an hour ago."
In fact, Find My's cryptography goes a step further: even Apple cannot learn the user's location from the Bluetooth signal of their device. This would be a significant privacy improvement over previous Apple tools like Find My iPhone and Find Friends, which had no such layer of protection against Apple knowing your location.
How does this system work?
Below is Apple's description of how this system works, step by step:
– When you set up the Find My feature for the first time on your Apple device, you will need at least two devices for this feature to work. Each device creates an unguessable private key that is shared with the other through an end-to-end encrypted communication system, so only these two devices can decrypt each other's data.
– Each device creates a public key, which is used to encrypt location data. That data can only be decrypted if the private key above is present. This public key is the "signal" that your device broadcasts to nearby Apple devices via Bluetooth.
– Thanks to a special algorithm, this public key changes frequently, periodically rotating to a new number that is unrelated to the old one. Apple declined to say how often the key changes. But changing the key frequently makes it harder for anyone who wants to track your location via the Bluetooth signal.
– Thanks to the large number of Apple devices in use, they can be used to locate your lost device. When someone steals your MacBook, even if it is closed and disconnected from the internet, it still broadcasts the public key over Bluetooth to the Apple devices around it.
– Now, suppose a stranger's iPhone picks up this signal. It checks its own location and encrypts that location data with the public key it received from the stolen laptop. Since the public key doesn't contain location information and changes often, the stranger's iPhone doesn't know the laptop's previous locations.
– At this point, the stranger's iPhone uploads two pieces of information to Apple's server: the encrypted location and a hash of the laptop's public key, which acts as an identifier. Since Apple doesn't have the laptop's private key, it can't decrypt the location data.
– When you want to find the stolen laptop, you turn to your second Apple device, for example an iPad, which holds both the private key and the same public key, rotated on the same schedule as the laptop's. When you tap the search button, the iPad uploads the hash of the public key to the Apple server so that the matching hash can be found.
– A complicating detail here is that the hash of the iPad's current public key will not be the same as the hash uploaded for the stolen laptop, since the key has changed many times since the stranger's iPhone picked it up and uploaded it. It seems that your iPad can upload a series of hashes of previous public keys, so that Apple can sort through them and return the laptop's location from when it was detected.
– Apple sends the laptop's encrypted location to your iPad, and since your iPad has the private key, only you can decrypt it and learn the location of the laptop. Meanwhile, because the hash is designed to be irreversible, Apple cannot use it to determine the device's public key and track the user's location.
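The steps above, sketched end to end as an added example (not Apple's code and not part of the original article). Apple has not published the rotation algorithm, so the HMAC-based key derivation, the period numbers, the toy ElGamal-style encryption over a demonstration group, and every function name here are assumptions chosen only to make the flow concrete.

```python
import hashlib, hmac, secrets

# Toy group for illustration only (assumption): unauthenticated, NOT production crypto.
P = 2**255 - 19
G = 2

def period_keypair(shared_secret: bytes, period: int):
    """Rotating key pair for one period, derived from the secret both owner devices hold."""
    mac = hmac.new(shared_secret, period.to_bytes(8, "big"), hashlib.sha256).digest()
    priv = int.from_bytes(mac, "big") % (P - 1) or 1
    return priv, pow(G, priv, P)

def key_id(pub: int) -> str:
    """Irreversible identifier the server indexes reports by."""
    return hashlib.sha256(pub.to_bytes(32, "big")).hexdigest()

def _xor_stream(shared: int, data: bytes) -> bytes:
    stream = hashlib.shake_256(shared.to_bytes(32, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def finder_report(beacon_pub: int, location: bytes):
    """Stranger's phone: encrypt its own location to the broadcast public key."""
    eph = secrets.randbelow(P - 2) + 1
    shared = pow(beacon_pub, eph, P)
    return key_id(beacon_pub), (pow(G, eph, P), _xor_stream(shared, location))

def owner_lookup(shared_secret: bytes, server: dict, now: int, window: int = 96):
    """Second owner device: re-derive recent keys, query by hash, decrypt any hits."""
    found = []
    for period in range(now, max(now - window, -1), -1):
        priv, pub = period_keypair(shared_secret, period)
        blob = server.get(key_id(pub))
        if blob:
            eph_pub, ct = blob
            shared = pow(eph_pub, priv, P)
            found.append((period, _xor_stream(shared, ct)))
    return found

def demo():
    secret = secrets.token_bytes(32)        # shared by laptop and iPad at setup
    server = {}                             # all the server sees: hash -> opaque blob
    _, beacon = period_keypair(secret, 41)  # laptop broadcasts its period-41 key
    kid, blob = finder_report(beacon, b"48.8584,2.2945")  # constructed coordinates
    server[kid] = blob
    stranger = secrets.token_bytes(32)      # someone without the shared secret
    return owner_lookup(secret, server, now=45), owner_lookup(stranger, server, now=45)

if __name__ == "__main__":
    print(demo())
```

The server dictionary holds only a hash and ciphertext, so a lookup succeeds only for a device that can re-derive the period's key from the shared secret.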
Obviously this is a complicated process, and Apple said its description has been greatly simplified and that the system will continue to change before its actual release in macOS Catalina and iOS 13 at the end of the year.
Refer to Wired