News + Trends
Checkm8: New vulnerability found in iPhones - Apple powerless
by Livia Gamper
Apple's new «Find my...» feature is pretty awesome
24.10.2019
Translation: Eva Francis
iOS 13 and the new MacOS have made Apple devices even less attractive to thieves. You can now track or lock your lost iPhone, iPad, or Mac thanks to other users.
Apple and Android have had a function to track, delete or lock lost devices for quite some time. With iOS 13 and MacOS Catalina 10.15, Apple has added a brilliant new feature.
Let’s get this straight: the Activation Lock isn't the same as the passcode that you've hopefully set.
The problem is that devices which are only protected with a passcode can be reset to the factory settings with a hard reset. In this case, all data will be lost. This keeps others from getting at your private information, but it also erases everything else that’s on your smartphone, tablet or notebook.
Activation Lock, however, locks devices completely. If they are linked to Apple's iCloud via the «Find my» function, they cannot be reset to factory settings and they can only be unlocked entering your Apple ID and password.
The countless websites, tools and YouTube videos, which allegedly help to remove the Activation Lock don't work for up-to-date operating systems. Such a device is useless to any thief.
This is what’s new
iOS 13 and MacOS 10.15 make it possible to track or set an Activation Lock on a lost iPhone, iPad, Apple Watch or Mac from another Apple device.
This even works if your device isn’t connected to the mobile network or a WLAN. Apple uses small data packs («payload») for this function, which are sent via Bluetooth when connection requests are made. Here's the full presentation at WWDC 2019 (from 1:51:25).
This means that if you leave your iPhone in a bar or your MacBook is stolen from your bag at the airport, nearby Apple users can act as accomplices to track your device. You will need at least two Apple devices and the «Find my» function needs to be activated on all of them.
This is how it works:
- A private and a public key are generated locally for your devices. With the public key, data can be encrypted by anyone, but only you can decrypt it with the private key.
- The public key rotates and is only valid for a short time. This prevents someone from using your public key to identify you for a prolonged period of time.
- Your iPhone or Mac regularly sends a signal via Bluetooth that is picked up by other Apple devices.
- The foreign devices know where they are. They encrypt this information with the public key they just received.
- They send the encrypted location information, visible only to you, to Apple, along with a «fingerprint» (hash) of your public key. Apple thus knows which device is sending the information, but not who the device belongs to. You only know which hashes are near your device.
- Using your second Apple device, which uses the same private key, you mark your iOS device or Mac as lost (where is it?) or stolen (lock it!).
- Your second device sends the matching fingerprint (hash) to Apple, which searches its databases for millions and millions of active hashes nearby.
- Apple uses the hashes to transmit the desired signal to nearby devices that forward the command to your device.
The only conceivable chance for a tech-savvy thief of your iPhone or iPad is to find an omnipotent jailbreak. Yet, the recently released exploit for iOS devices checkm8 doesn't help thieves: this bug requires local access to a Mac that your iPhone already trusts.
If you've forgotten all passwords or bought a second-hand device by legal means, there's also an official way: Apple itself has a master key for all devices and can unlock devices with Activation Lock. This requires an appointment in the Apple shop and proof of purchase – otherwise Apple can't do anything.
A really smart move by Apple. Take that, thief!
By the way: Apple didn't invent this; there are several Bluetooth trackers that have a community function. Tile finders, for example, are available in our shop.
Aurel Stevens
Chief Editor
aurel.stevens@digitecgalaxus.chI'm the master tamer at the flea circus that is the editorial team, a nine-to-five writer and 24/7 dad. Technology, computers and hi-fi make me tick. On top of that, I’m a rain-or-shine cyclist and generally in a good mood.
41 comments
later