Security News > 2022 > May > How to reprogram Apple AirTags, play custom sounds

At the Workshop on Offensive Technologies 2022 on Thursday, security researchers demonstrated how to meddle with AirTags, Apple's coin-sized tracking devices.

In February, Apple responded to reports of AirTag misuse by announcing various changes intended to make its tracking tokens more difficult to use surreptitiously.

Stalking - via AirTags, similar trackers, or other geo-aware hardware like Apple Watch - remains an ongoing concern.

"The AirTag hardware and firmware design and their integration into Apple's ecosystem still allow us to deduce underlying security assumptions. Apple's threat model likely underestimated some attacks, especially stalking, since they improved protections with subsequent updates."

The boffins examined AirTag anti-stalking features and how they might be bypassed.

While the AirTag firmware currently has no publicly disclosed remote code execution flaws, were such a bug to become known, the researcher says, this sort of firmware downgrade could be used to run arbitrary code on AirTags.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/27/apple_airtag_sounds/