TL;DR
This paper analyzes Apple's Crowd-Sourced Bluetooth Location Tracking System, revealing its privacy strengths and vulnerabilities, including potential for device tracking and location deanonymization despite strong privacy goals.
Contribution
It provides the first comprehensive security and privacy analysis of Apple's offline finding system, including reverse engineering protocols and identifying critical flaws.
Findings
Unauthorized access can lead to device tracking within 10 meters in urban areas.
Two design flaws enable location correlation and access to past location history.
Apple has partially addressed the identified security issues.
Abstract
Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world's largest crowd-sourced location tracking network called offline finding (OF). OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an approximate location back to the owner via the Internet. While OF is not the first system of its kind, it is the first to commit to strong privacy goals. In particular, OF aims to ensure finder anonymity, untrackability of owner devices, and confidentiality of location reports. This paper presents the first comprehensive security and privacy analysis of OF. To this end, we recover the specifications of the closed-source OF protocols by means of reverse engineering. We experimentally show that unauthorized access to the location reports allows for accurate device tracking and retrieving a user's top locations with…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
