Ok I just want to follow this up with a sanity check: “Find My” uses Bluetooth, right? So keeping it active is *not* the same as simply powering the NFC chip, which I know was available in previous phones/OSes. Or is it?
I’m asking because I know that AirTags support NFC, but also Bluetooth. And maybe the NFC chipset also supports some kind of longer-range communications? Basic question is: does the phone application processor remain “on” to support this feature?
I like that Apple has made this feature so ubiquitous that its actual technical operation can be ignored. But I actually want to know what’s happening in my phone when it purports to be “turned off!”
Anyway: this matters because if the entire application processor has to be powered, and iOS is running, then this sounds like a much more vulnerable mechanism than powering a separate NFC chipset.
This article says more and indicates that it uses UWB and only works on phones with that chip. So maybe the OS is not running, and the beacons are cached. 9to5mac.com/2021/07/21/ios…
Everyone on HN is puzzling about how to ensure open access papers. The answer seems very simple: just have funding agencies (NSF/NIH/DARPA etc.) require a link to an Arxiv/ePrint version for each paper mentioned in an annual report.
For those who haven’t seen the current NSF system: for each paper you’ve published in a given year, you need to convert it into PDF/A (!!) and upload it to a private archival service run by the DoE, one that (I think) taxpayers can’t access.
(This PDF/A thing, as best I can tell, is just a subsidy for Adobe Creative Cloud. Every researcher I know converts their PDFs using a sketchy .ru website so that DoE server must be a haven of malware.)
“iPhone Remains Findable After Power Off” what? I can’t keep up anymore.
So I guess “power off” doesn’t mean “off” anymore, it means the device stays on and does some kind of low-power nearfield communication. I’m trying to decide how I feel about this.
The off switch is buried in the “Find My” settings dialog, weirdly in a tab called “Find My Network” which might make you think it’s intended to… find your network… but actually I think this is some kind of branding gone wrong.
@claudiorlandi The claim that the protocol is “auditable.” This is a strong claim that is being made to consumers and politicians. What does it mean? I think it means “the pdata [first protocol message from server]” is a secure commitment to the scanning database X. 1/
@claudiorlandi In other words, under the assumption of *a malicious server* the clients can be assured that (provided they check that their pdata is what Apple intended to publish) then Apple cannot scan for items outside of a committed database. And this is (at least privately) verifiable. 2/
@claudiorlandi My first observation is that while this “auditability” property exists in Apple’s public claims, no corresponding “dishonest server” properties exist anywhere in the formal description of the protocol. Check for yourself. 3/
So this indictment is puzzling. It concerns Michael Sussmann, a lawyer who organized the collection of DNS data from hosting providers allegedly for political purposes. Many of the companies are anonymized; can we tell who they are? (Thread) context-cdn.washingtonpost.com/notes/prod/def…
So we begin with “Internet Company-1”, which is a (major?) DNS resolver.
The executive in question (Tech Executive-1) claims to have been offered a position as Hillary Clinton’s cyberczar if she won, so maybe that’s a clue?
A lot of pro-CSAM scanning arguments take the following form: “phones already have lots of opportunities (real and potential) for privacy abuse, so you’re stupid for minding when we try to introduce a new and highly-scalable one.”
And to some extent this argument is correct! It’s hard to believe this, but the iPhone (and mass-market smartphones) only launched in 2007. In 14 short years these devices have done more to erode user privacy than 114 years of all other electronic technologies combined.
From my perspective the only reasonable reaction for any technologist observing this incredible privacy collapse is: to wake up in the morning trying to fix it, and collapse into bed at night having spent the entire day trying to undo the damage.
The thesis of this article is that Britain “tamed big tech,” but the actual legislation seems to require a few privacy switches for kids — switches that should be on for everyone under a reasonable regulatory regime. wired.co.uk/article/age-ap…
“Strange women lying in ponds is no basis for a system of government.”
The major observation here is that tech firms will do all sorts of things to “protect children” as long as they’re (1) relatively inexpensive, (2) don’t substantially harm their own financial interests. Which generally means doing ineffective things.