Find my hack (nRootTag): How Apple's network can be a potential tracking tool

Murcielago

Not GrapheneOS-related, but perhaps of interest to some:

George Mason University researchers recently uncovered a way for hackers to track the location of nearly any computer or mobile device. Named "nRootTag" by the team, the attack uses a device’s Bluetooth address combined with Apple's Find My network to essentially turn target devices into unwitting homing beacons.

https://cec.gmu.edu/news/2025-02/find-my-hacker-how-apples-network-can-be-potential-tracking-tool

fid02

Murcielago The authors forgot to link to the actual paper, which is here [PDF]: https://cs.gmu.edu/~qzeng2/papers/2025-security-nrootgag.pdf

Also, this comment by Dan Goodin of Arstechnica is interesting: https://infosec.exchange/@dangoodin/114077443305730420

The new "nRootTag" attack that transforms phones, computers and IoT devices into AirTags that can be tracked over Apple Find My sounds newsworthy at first blush. But it isn't until page 5 of the research paper that we learn the attack requires the successful infection of one device if it's running Linux and two devices when running Android or Windows.

Murcielago

fid02

Thanks for the useful addition (it also puts the article into perspective somewhat).