Openhaystack: Build 'AirTags' – track Bluetooth devices via Apple's network

It's actually hilarious that whoever was in charge of Google's finder network decided to cripple the product's one and only function by prioritizing privacy.

In this tradeoff, Google gained a handful of articles mentioning the "innovative" privacy improvements (before the writers had a chance to test how terribly the network actually performs). For that, they sacrificed the chance to compete with Apple in this category, which outside of device revenue also weakens Android/Pixel ecosystem and market share. You really can't make up this level of incompetence.

It's hard to believe how Google could mess up their network so badly. Apple network shall be totally dwarfed.

As a nomad-traveler, the Apple network is not particularly relevant to me, I don't travel to the wealthiest cities with a lot of Apple phones, but to the "rest of the world" where Android market share is close to 90% dominance. But even there, it still seems that Apple is doing better than Google (...)

> From what I've heard Google made their version pretty bad

I have one on my keys. The one time I tried to use it, despite refreshing multiple times, it gave me a bubble with a quarter mile radius. It turned out to be in my bag right next to me.

Samsung's solution is not a subset, but a superior, separate concept.

It works incredibly well, even at the most remote countries' airports, villages, etc I can find my 2 tags. A peace of mind.

This guy concludes that Samsung SmartTag is the best, even if you are an iPhone user:

https://m.youtube.com/watch?v=9wefUV_bR0Y

Seems like they should just piggyback on FindMy also

I dunno, a less than perfectly all-seeing omnipresent tracking network actually is a little comforting

There is a setting, where you can disable that it needs to be seen by multiple phones.

There are versions that do not require the interaction with Apple Mail.

All you need is an Apple account - the code doesn't have to run on Apple HW: https://github.com/biemster/FindMy

You can buy GPS cellular trackers. Then just get a really cheap or even free IOT sim.

Alternatively you could probably just walk to your nearest drug addict hangout with case of bottled water and ask them to stop breaking into your stuff.

Hm, AFAIK AirTags rotate their private key anyway, so I don't know if that will help your problem. Maybe they rotate it slowly, though, I'm not very familiar with the exact algorithm.

In my submissions you can find a link to an article I wrote about OpenHaystack and those alerts. TL;DR, I was never warned by iOS about an OpenHaystack based tracker that I stuck inside my car for a while. That was a couple of years ago though, so things may have changed.

I think that's the wall in Apple's walled garden here. From reading the official Apple spec. for partners a while back, as part of the pairing process, something is signed by the device with a cert/key that apple issued to that developer (after coming to an agreement i.e - $$) - and, crucially, is different from the keypair that the device will use to actually broadcast. This is then validated by apple and thus allowed to be added to that apple-id's account and hence on to the app.

The keys broadcasted by the devices themselves in 'lost' mode (i.e. not in 2 way contact with the owner's device) are arbitrary and completely opaque, Apple doesn't have any way of tying them to an ID or device or developer. This is how the proposed project here works - these keys will always find their way to the apple server.

It seems like the knockoff ones have just hijacked a legit key for the pairing process. This means if Apple desires and finds out the key, it can probably remove all devices from all accounts - although the devices themselves will keep on broadcasting and their locations could be accessed in the above janky way. I wonder too if the original key owner might get a large bill for per-device royalties if/when Apple searches it's DB for a count of 'devices-added-to-an-apple-id-signed-by-this-key'...

The "chinese clone" are official supported, here is how: https://developer.apple.com/find-my/

The Chinese clones use the Apple FindMy program, so they are official tags which can be displayed in the app. The OpenHaystack is a hack which uses different keys, and can't be shown on the app for cryptographic reasons

The clones are limited though, are they not? Like, they don't have the directional stuff and all that do they? I may be misremembering what I've read elsewhere.

You can buy third party "Find My" compatible tags for about $5 from Temu or Aliexpress. Although they're about the same size as regular Airtags, they're:

- easier to take apart (if you want discard the casing), and

- cheaper

I took one of the ones I have out of its casing to see what could be made thinner, and I found that most of the thickness was due to:

- The batter holder (CR2032)

- The speaker

- The button

The speaker and button could probably be dispensed with after initial setup. The battery holder could be removed, and the power supplied from the side instead of the top (if you want a thin card-like form factor).

They make super-thin AirTag compatible cards that fit in wallets.

Here's my 8.5 lb calico cat with the AirTag* she's had on her collar since she was a 3-month old kitten:

https://imgur.com/a/r9EGSOc

*Photo taken a moment ago with Meta Stories glasses

Use this for my dog, it is super minimal...

https://www.amazon.com/gp/product/B09DCVFNFF/

Only thing is that I found that I needed to wrap the airtag itself with some clear tape to keep it from twisting itself out of the holder.

Yup, there was a project recently that used the airtag network to transmit data from a hardware keylogger. The computer could be totally gapped and the data still gets home via the typist's iPhone.

I saw someone use this to track his mail state. They have a contact sensor inside their mailbox that rotates the broadcasted key based on the trigger count.

If the key changed, aka a new different device is visible, you know mail has been dropped in, very clever !

Possible with https://github.com/dchristl/macless-haystack

I think you can (haven't tried), check this repo https://github.com/malmeloo/FindMy.py/blob/main/examples/rea...

Would love to know who downvoted this and why. Is this not a valid question?

If you had a laptop with Bluetooth, you could install this on it and find it if it were lost, I think.

Are the clones any good though? Where do you even get them?

I’ve been meaning to toy with smaller form factors. In theory a lot of gadgets with a battery could be made trackable.

It allows you to locate a fleet of object without having to rely on wifi / GPS etc

No, the BLE identities of these tags are currently practically indistinguishable from original tags, and could be made completely identical if necessary. In fact, changing the device's MAC address is part of the specification. What they could block, is the method used by these projects to fetch encrypted location reports. However, the original OpenHaystack project (this one) needs to run on macOS and lets the system handle account authentication, so it's unlikely to get blocked any time soon.

If I remember correctly, Apple was supposed to openly accept and encourage others to leverage their network and make more “AirTag” capable devices.