I revised the title many times. Am I giving the impact breadth of what it could be without veering into click-bait?

Bluetooth Low Energy MESH Network, it is built into the OS without any noted country exemption. Although there be will many air gaps, that is not what I mean.

https://www.apple.com/newsroom/2024/05/apple-and-google-deliver-support-for-unwanted-tracking-alerts-in-ios-and-android/

Some questions that came to mind reading it?

  • Can China even pull it out of the OS for good measure, hack it?
  • Even with topology of some enable, others disable, others wanting security will be reading bluetooth MAC addresses of un-consenting, disabled, for tracking of others whom have enabled, even if they are not being targeted. See below screenshots from the Internet Engineering Task Force presentation.
  • Is the Bluetooth freqz and combinatory fields bio-active in any regard of it’s function? Do plants stay healthy around “high intake” Bluetooth whatever that may be?
  • They mentioned other devices and Industry being involved, how many devices to we expect to also use this protocol in the future?
  • If we mapped it out, all of these devices thus operating, mapped out of the whole network with a Supercomputer, real-time, how much energy do you think it would be? How many BLE pulses per second, in a busy metropolitan area?
  • Who pushed for this TRACKING NETWORK I will be partcipating in whether I like or NOT (uptake)?
  • Where was the pre-planning market and socio-economic research on this presented beforehand?
  • If entities very intent on tracking you, will just disable/refuse the protcol, then why instead would Apple and Alphabet whom introduced the vulnerability, just …make thier own implementation secure?

So we’re going to skip this useless marketing-speak on 9to5 Mac - Here’s how the new Cross-Platform Tracking Detection works in iOS 17.5

As far as I can tell, there is nothing that says it doesn’t perform assessment of the MAC address in range, all of them, for “your” security of course. In fact, it seems in line with what they want to accomplish: Track all the trackers? Later safeguard them with a “Safefilter” online database check when Phone starts?

Did I get it wrong?

  • Elias Griffin@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    6 months ago

    Thank you for adding this, erm, maybe a bit “insider” info, as I always wondered how easy and reliable it was to map MAC to Manufacturer on mobile devices. Given what you say, the IETF tracking database could technically contain, or used as metadta, for another system to identify all device models.

    Yeah, and what is that MAC generation scheme Apple/Android uses from a Security standpoint, what conditions make it regenerate and how often? How easy is it to map a “new” random MAC against a Model again when it re-enters the network and fingerprints itself again.

    Lots to think about it.

    • thisisnotgoingwell@programming.dev
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      6 months ago

      I think you need to take the thought of “network” completely out of your mind. This protocol is specifically regarding devices such as air tags, which don’t have any network capability themselves but rely on “connecting” to Bluetooth of the manufacturers models. The phones themselves are what gives tracking information back, based on GPS of the phone that was in proximity of the tracker.

      The question that Google/Apple have is, how can we make sure people aren’t unknowingly being tracked by someone putting a physical tracker in say, your car. THAT’S the “protocol” part. A protocol is just an agreement on how a technology is going to be implemented. If your own tracker is following you that’s fine, the MAC address will keep changing. If someone else’s air tag is following you, your phone will know this tracker has been near you for some time, and will tell you.

      • Elias Griffin@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        edit-2
        6 months ago

        I can appreciate your re-iterating of the fundamentals of extremely easy to understand tech, but instead of basic thinking, you just repeating the already presented text which anyone can read hopefully, I presented a case for how it could be used that meets all technical specifications and is therefore possible. Likely even, given big tech track record.

        This pheneomena of using tech “not as in the manual” is common. In fact, the Apache web server team was not sure it would work and the Internet adopted a series of HTTP patches as a whole unlike they intended.

        don’t have any network capability themselves

        That is just wrong and I can’t understand how you came to that conclusion. I also invite you to think of it as a network, because it is using Bluetooth in a network?

        • thisisnotgoingwell@programming.dev
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          Brother, I’m a 10+ year network engineer… Bluetooth is a low power, low speed, short range(30 feet) technology. The power of Bluetooth signals are over 1000x weaker than what cellphones use to connect to cell towers. There isn’t going to be any sophisticated “networking” happening between airtags. Your original post was almost gibberish, I had to struggle to arrive at the point you’re trying to make. You can call it a network if you want but you’re asking if it could be practical as a standalone, autonomous network and the answer is no. They lack the capability to communicate over any meaningful distance. Not much “networking” capability if it can’t talk to other networks. Others have struggled to talk sense into you so I won’t waste anymore of my time. Though I’d suggest that if you’re going to argue against logic then you should be more open to reason.

          • Elias Griffin@lemmy.worldOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            6 months ago

            I’ve been doing everything in computers for 25+ years and have worked in SCI Government NOCs, including the network stack for every OS. Your text is so wierd, I think maybe you didn’t watch the IETF video did you? The networking isn’t between AirTags, where did you get that? So wierd The phones use Bluetooth Networking to connect to Bluetooth tracking devices.

            So, when the phone senses a tracker and tries to get it’s status, whom it’s tracking, etc, via the new protocol, you are saying it doesn’t use Bluetooth networking? And that if it does, it stays on the phone and does’t proliferate to other devices using Network Protocols?

            I’m sorry, but please watch the whole presentation.

            So in this Verge article where it says Apple and Android have integrated it into the “Find My Devices” networks for both platforms, it is somehow not using a network?

            If I were you, I would not start social media posts with your job experience if you didn’t read or watch any instructional material before you post, just to value your own career.

            I mean, that’s why I posted it, to hack the technicals details, take nothing for granted, and not assume anything.

            • thisisnotgoingwell@programming.dev
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              6 months ago

              Yeah you’re obviously beyond reason and we’re speaking across different levels of intellect here. Bringing up NOCs shows you’re entry level, despite how many years of experience you have. Find my phone is a network because the phone which has cellular capabilities reports that to Apple/Google.

              It wasn’t my intention to start a dick measuring contest here but since it’s on the table, im a six figure(deep into six figures) engineer at a fortune 10 company. Your 25+ years of CompTIA A+ experience mean nothing to me. You’re talking to a CCIE.

              No one with any amount of intellect would call something communicating at layer two a “network”, though anything that transfers data between two devices can technically be called a network, “networking” is being able to communicate with OTHER networks.