The clever cryptography behind Apple’s “Find My” feature

You can track down your stolen MacBook, but no one else can—not even Apple.

The 2018 15-inch Apple MacBook Pro with Touch Bar.

Enlarge / The 2018 15-inch Apple MacBook Pro with Touch Bar. (credit: Samuel Axon)

When Apple executive Craig Federighi described a new location-tracking feature for Apple devices at the company's Worldwide Developer Conference keynote on Monday, it sounded—to the sufficiently paranoid, at least—like both a physical security innovation and a potential privacy disaster. But while security experts immediately wondered whether Find My would also offer a new opportunity to track unwitting users, Apple says it built the feature on a unique encryption system carefully designed to prevent exactly that sort of tracking—even by Apple itself.

In upcoming versions of iOS and macOS, the new Find My feature will broadcast Bluetooth signals from Apple devices even when they're offline, allowing nearby Apple devices to relay their location to the cloud. That should help you locate your stolen laptop even when it's sleeping in a thief's bag. And it turns out that Apple's elaborate encryption scheme is also designed not only to prevent interlopers from identifying or tracking an iDevice from its Bluetooth signal, but also to keep Apple itself from learning device locations, even as it allows you to pinpoint yours.

"Now what’s amazing is that this whole interaction is end-to-end encrypted and anonymous," Federighi said at the WWDC keynote. "It uses just tiny bits of data that piggyback on existing network traffic so there’s no need to worry about your battery life, your data usage, or your privacy."

Read 7 remaining paragraphs | Comments

FBI Releases Article on Protected Voices Campaign

Original release date: June 06, 2019

The Federal Bureau of Investigation (FBI) has released an article on the Protected Voices initiative designed to mitigate the risk of cyber influence operations targeting U.S. elections. As part of the initia…

Original release date: June 06, 2019

The Federal Bureau of Investigation (FBI) has released an article on the Protected Voices initiative designed to mitigate the risk of cyber influence operations targeting U.S. elections. As part of the initiative, FBI offices are coordinating with political campaigns at the local, state, and federal levels across the country to make them aware of potential cybersecurity vulnerabilities. In partnership with the Department of Homeland Security and the Office of the Director of National Intelligence, FBI has also released a series of short videos to help political campaigns defend their computer networks. The videos include tips and best practices on topics such as setting strong passwords and defending against social engineering.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the FBI Article and the CISA Tip Best Practices for Securing Elections Systems for more information. CISA encourages election officials or campaign staff to report suspicious activity to their local FBI field office and to FBI CyWatch at [email protected].


This product is provided subject to this Notification and this Privacy & Use policy.


VMware Releases Security Updates for Tools and Workstation

Original release date: June 06, 2019

VMware has released security updates to address vulnerabilities affecting Tools 10 and Workstation 15. An attacker could exploit one of these vulnerabilities to take control of an affected system.The Cybersec…

Original release date: June 06, 2019

VMware has released security updates to address vulnerabilities affecting Tools 10 and Workstation 15. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisory VMSA-2019-0009 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.