Trying to detect new Airtags from a stationary scanner #112
Replies: 5 comments
-
I've been looking at the |
Beta Was this translation helpful? Give feedback.
-
I wouldn't rely on this to work properly. Apple can differ between AirTags owned by the device owner and others, because AirTags get associated to the Apple ID of the owner device in the setup process. We already thought about this but came to the conclusion that it will probably not reliable enough, because the battery level is relatively stable and solely relying on the status byte can start to cause problems when more than one AirTag is present. |
Beta Was this translation helpful? Give feedback.
-
Could you share which bits represent what? And the battery state is just two bits? Hmm, then indeed it probably won't have a lot to work with for recognising a device based on its battery level. Which is good I guess, because otherwise Apple would have dropped the ball here :-D
How so?
Don't let perfect be the enemy of good? For my use case it would already be useful even if it's not perfect. Currently my system reports if a new airtag is detected based on the number of airtags it found during a scan. If the number increases, that's relevant already (provided the user doesn't live on top of a busy footpath). As you can tell, this currently creates a lot of instances there the system notifies that it detected a new tag. I'd like to make it a little more accurate. For example by trying to guess if an airtag is truly new based on the mac address and any other data that might be useful. increasing scan duration and doing some time-based averaging would probably also help. |
Beta Was this translation helpful? Give feedback.
-
From the research paper:
If my system could filter out airtags that are happily paired or connected, that might already help with finding potential stalker devices. |
Beta Was this translation helpful? Give feedback.
-
The document you linked to mentions that once That public key is only changed once per day? That seems to imply that an Airtag in the nearby/separated state could easily be tracked since key public key remains stable for an entire day? If that is correct, then might I be able to use that (first part of the) public key to keep track of which Airtags presence the user has already been alerted to recently? |
Beta Was this translation helpful? Give feedback.
-
I'm trying to inform users of my open source smart home project when an actually new Airtag appears, but it's quite hard to do, since stationary Airtags rotate the mac every 15 minutes.
What I'd be interested in (thinking of implementing it in my project) is a way to detect when Airtags change their mac addresses, so that I can ignore the Airtags that the user was already alerted to.
They seem to change their mac address at regular interval (15 minutes), so if the Airtag count isn't too high it should be possible to do this. And if there is a way to extract other more stable values (such as battery level) it would become even easier?
I'd be curious if you think this approach is useful and possible. Perhaps it could be a feature of Airguard too?
P.S. How does Apple do this? I suspect they can only inform you if a devices is travelling with you because they can check the location of the Airtag and the phone and see if they move together for a while? That would imply Apple's protection app would also have a harder time informing people about malicious trackers if they are stationary too? After all, it migh just be your upstairs neighbour's Airtag.
Beta Was this translation helpful? Give feedback.
All reactions