Hacker News new | past | comments | ask | show | jobs | submit login

This is such a charade. Making "invisible" airtags is trivial [1], and I wouldn't be surprised if such airtags are being manufactured en-masse.

We allowed the creation of a global tracking network under the false pretense of privacy. The entire Find My security model falls apart when considering "malicious" tags, and Apple knew about this from the start.

[1]: https://github.com/Guinn-Partners/esp32-airtag




In that case, couldn't someone just make a tracker tag using GPS and a mobile connection?


GPS+mobile tracker:

- 4x the cost plus ongoing fees

- 2x larger

- can’t buy it at any big box store

- relies on a third party who can also see what you’re tracking

- battery limited to weeks, not years

Accessibility and features make these way more compelling


these devices are way more insidious though, a gps/mobile tracker would have more limitations due to it being less able to be hidden and less mobile.


Have you heard the term "defense in depth"?

In the security world, it seems accepted that no security effort is a silver bullet that's 100% impossible to get around.

Rather, it seems best practice to compose many layers of security efforts, which all work to raise the level of effort an attacker is required to exploit people.

So I think it's unfair to say this is a charade.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: