Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Have you read up on how Find My works? I don’t see how it’s a spy network when only the device owner can see where a device is.

Lots of people imagine that every Apple user, or at least Apple themselves, can track devices. But it doesn’t work that way.



> only the device owner can see where a device is

Apple itself can also see where it is. This automatically means the NSA can also see where it is.


Considering the NSA probably doesn’t allow an electronic product to be sold in the US without a back door, and every square inch of the surface of the US is probably being imaged by satellites, its not like this presents new risk to you.


Backdoors tend to be sloppy and invite more than who they were built for. Nobody needs another attack surface. Ignoring and disparaging legitimate privacy concerns is unhelpful antisocial at best, gaslighting for tyrany some less cheritable might say.


The implementation seems reasonable, but how are the private keys shared between devices? It should pass through Apple some time since a phone can decrypt a laptop’s location. Or do they use bluetooth whenever near?


Generally, they have special computers that basically self-destruct when tampered with, that handle transferring key material. It's in the Apple design docs if you read them.

Apple really tries to get this right. Some countries(like China) require the computers to physically live in the country, so there could be special implementation details that alleviate some of those security guarantees, but we don't really know.

Of course, if you live in China and rely on any vendor that operates in China to protect you from the Chinese govt, you probably are wrong.


If Apple can access your account, they can see any device location the same as you. Which means that three letter agencies also have access


This is true of literally everything with a modem in it. Tracking via tower triangulation has been around for 20 years or longer. Also the entirety of your browsing history is tracked and logged by your ISP and also given to three letters agencies. And companies like Google give basically unrestricted access to all your data. Nothing is private anymore.


> Also the entirety of your browsing history is tracked and logged by your ISP

Presumably a) this is websites, not web pages, and b) a VPN negates this?


It is every page you visit. Any time you make an HTTP request it's logged.

VPN might do a little but browser fingerprinting is virtually impossible to negate unless you're using Tor on TailOS, and Google/CloudFlare will still know exactly who you are through a VPN, and so therefore so will government agencies.


What should I read?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: