The following is a summary of an internal research project conducted by Hudson H. and Andrew G. Goals The Find My network consists of a billion Apple devices (AirTags, iPhones, AirPods, etc) that communicate using Bluetooth and ultra-wideband, helping each other geolocate lost devices and report them to Apple’s servers. Google has created the similarly-named but separate Find Hub network. Find Hub also relies on crowd sourced data to determine the location of Android devices. Given how ubiquitous Apple and Android devices are, it is possible to connect to either of these distributed networks from almost any populated location. What we set out to learn: How is location reported when the lost device has no connection? Can you send info back to that lost device? How strictly do these corporations regulate their network (i.e. stalking alerts, snooping on users’ locations)? Our ultimate questions: Can arbitrary Bluetooth devices use these networks for free geolocation? Can a secure communication channel for data transmission be established? Abstract This project demonstrates arbitrary data transmission using Offline Finding networks. Our custom protocol establishes a unidirectional communication channel that is robust, portable, and secure. It highlights critical differences between Apple’s Find My and Google’s Find Hub networks while exploring how unlicensed 3rd parties can piggyback off both of them. We propose deployment scenarios across a variety of architectures. Find My Protocol There have been many research papers published since crowdsourced location reports were added to Find My in 2019, so we read them all to aggregate the following understanding of the Offline Finding protocol. This involved understanding what Apple has patched since its creation. Image of Find My control flow [2] Pairing Public, Private, and Symmetric keys are generated using Elliptic Curve Cryptography (ECC). These are stored in iCloud keychain, while device stores only symmetric and public ...
First seen: 2026-01-19 19:31
Last seen: 2026-01-20 05:33