Apple has not yet addressed a critical security vulnerability in its Find My network.

      Apple

      Apple's Find My network is an effective tool for locating your devices, but it possesses a significant security flaw that remains unaddressed. Researchers at George Mason University found that the network can be taken advantage of to track nearly any Bluetooth device—not just AirTags or iPhones—by leveraging a combination of Apple's network and a device's Bluetooth address. “It's akin to turning any laptop, smartphone, or even gaming console into an Apple AirTag—without the owner's knowledge,” stated lead author Junming Chen. “And a hacker can execute this remotely, from thousands of miles away, with just a small investment.”

      To grasp the exploit, it's essential to understand the workings of the Find My network. For instance, an AirTag sends out a Bluetooth signal to nearby Apple devices, which then anonymously transmits that signal to Apple Cloud. The anonymity is key to the exploit.

      Jesse Hollington / Digital Trends / Apple

      Because the Find My network is based on encrypted data instead of administrative access, the researchers were able to create a key that adjusts in real-time. They called it “nRootTag,” and alarmingly, it boasts a 90% success rate.

      The team tested this exploit on various devices with alarming results. They managed to determine a computer's location within 10 feet and tracked an airplane's flight path (as well as its number) by monitoring a gaming console brought onboard by a passenger. While the experiment showcases the capabilities of the Find My network, it also demonstrates how easily malicious actors could obtain sensitive information. AirTags have previously been misused to track individuals—one reason Apple plans to make the speaker harder to remove in AirTag 2—but nRootTag extends beyond that. The researchers easily traced VR headsets, smart TVs, and many other devices.

      Apple

      Qiang Zeng, another researcher on the team, emphasized a particularly alarming aspect. “If it's concerning for your smart lock to be compromised, it becomes even more terrifying if the attacker knows its location. With our introduced attack method, the attacker can achieve this.”

      The team notified Apple about this security issue in July 2024, and the company has acknowledged it in their update notes. However, no fix has been released yet. The exploit takes advantage of fundamental features within the Find My network, and implementing a remedy that doesn't hinder location tracking will require time—potentially years, as the team indicated.

      In the meantime, Chen advises keeping all devices and software up to date and being vigilant about any application requesting Bluetooth permissions, especially if such permissions are unnecessary.

      Patrick Hearn covers smart home technology like Amazon Alexa, Google Assistant, smart light bulbs, and more.

      AirPods are set to acquire Find My functionality and potential respiratory monitoring

      Apple's well-known white true wireless earbuds are expected to gain several new features with the general release of iOS 15, the most significant of which may be connecting a pair of AirPods to your Apple ID. This would provide a similar capability to locate them that Apple users currently have with their iPhones, iMacs, MacBooks, and iPads.

      The first indication of this feature appeared in the code for an iOS 15 beta release, as discovered by 9to5Mac. It appears that you will be able to associate AirPods Pro and AirPods Max with your Apple ID (unfortunately not available for regular AirPods owners). This would enable you to utilize Apple's vast Find My network to track down lost earbuds or headphones. Regrettably, the beta code also hints that, unlike the locking and remote wipe features provided for Apple's computing devices, there is no option to prevent someone who finds your audio equipment from disconnecting it from your Apple ID and claiming it as their own.

      Our first look at the Galaxy Z Flip 7 reveals more than just design

      We finally have an idea of what the Galaxy Z Flip 7 will look like, and its design is reminiscent of the Gameboy SP. The Z Flip 7 features a 3.6-inch cover display that unfolds into a 6.8-inch internal display, making it larger than its predecessor. Although this size increase is welcome, the Z Flip 7 is still smaller than other flip phones available in the market.

      These images stem from an official CAD render leak of the Z Flip 7, initially obtained by Android Headlines. While these leaks do not confirm the device's internal specifications, they do facilitate educated guesses based on the visible design.

      Pixel Watch 3 gets key health feature Apple Watch lacks

      Last summer, Google introduced the Pixel Watch 3, showcasing its “loss-of-pulse” feature. Regulators have now approved this function, which, according to the company, will be accessible to users in the U.S. starting in March.

      The “loss-of-pulse” feature is groundbreaking as it can detect when a user's heart stops beating. If this happens, the watch will automatically call emergency services