Hacker News new | past | comments | ask | show | jobs | submit login

Except that custom tags like these do not require an Apple device in order to use them, so the size of the network is not increased. They only increase the load on the network. FindMy is not a P2P/mesh network; all these tags do is broadcast keys which are picked up by iDevices, which then upload those reports to Apple.



Are the keys not tied to known apple products? Or do you make them up when you first register a device?

Trying to understand why apple doesn’t (or can’t?) already reject broadcast data from keys that are not apple products.


Two master secrets are randomly generated when pairing the AirTag for the first time, which are then saved to the iCloud keychain. Those secrets are then used to generate a new keypair every 15 minutes (at most), and the public key is broadcasted by the tag. Not only does Apple not know what the master secrets are in the first place (because they're stored in the keychain), but that's also an insane number of keys to compare against, with no real possibility to precompute them. And that's a big win in terms of privacy.


I would guess because they don’t care. The marginal cost is zero and I think they would only bother if someone ddoses or it becomes an issue.

Until then, more devices are probably positive for reducing potential pitchforking.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: