The airtag tracker has become one of the old Apple products which finally gathered a little controversy when it was launched. Easy to use and almost too easy to disappear, Apple’s new findings, my network is also criticized because it becomes a privacy disaster waiting to happen. Apple has worked to overcome some of them for several months since the airtag was launched, but the newly reported vulnerability was now threatening to endanger good iPhone users who took the time to help track the missing tracker owner.
Apple adjusts my system to accommodate new airtag trackers and ease of use. However, this convenience raises privacy concerns, such as how trackers can be used to follow people. There is even one vulnerability that allows airtag to be hacked and modified to do more than just broadcast the location.
For his credit, Apple has fix these problems when they come, but there seems to be no end that has not been seen in potential exploitation. The latest has been reported by the Broks on Revolveve around the lost airtag mode, where it allows the owner setting messages and contact numbers to call if the tracker is found. The problem is that there is no hard security check on the link that the user can use.
In one very reasonable scenario, a hacker will inject the URL into the telephone number field of Missing Fashion Airtag. The link will direct the user to the evil page disguised as the iCloud login page. People who are not realized, thinking of doing good deeds, entering the credentials on the page, giving hackers of some interesting data for further hacking, especially because people tend to reuse passwords throughout the service.
The report also touched Apple’s own behavior in handling bug reports from Bobby Rauch security researchers. There was a debate about the responsible disclosure of the vulnerability, especially after the company requested silence about this problem. That said, Apple has also been excluded for a long time because of its poorest handling of these reports, which often ended published before before Apple improved them.