Find My * 101

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
Not yet available
Language
English
Abstract
I'll introduce the technology underlying bluetooth trackers from Apple and Google, and will describe and show what can actually be seen on the air (using a hackrf/rad1o for example).

This is part demonstration of what is possible right now, part explanation of the underlying principles, and part invitation to would-be hackers to make creative use of this technology.

Apple's "Find My" network has been online for more than 5 years. Google has launched its own variant "Find My Device" this year. The Apple protocol has been previously reverse-engineered, while Google's specs are publicly available. Both take part in Detecting Unwanted Location Trackers (DULT), an IETF draft.

Underlying this is standard Bluetooth Low Energy (BLE) which can be analyzed, and toyed with, with all the standard BLE research tools. I'll show how to sniff and interact with these trackers using tools that many hackers might already have available.

Talk ID
38c3-542
Event:
38c3
Day
4
Room
Saal 1
Start
2:45 p.m.
Duration
00:40:00
Track
Security
Type of
Talk
Speaker
Henryk Plötz
Henryk Plötz
Talk Slug & media link
38c3-542-find-my-101

The video is not yet available