Apple's #Airtags are an ingenious technology: they fuse every Ios device into a sensor grid that logs the location of each tag, using clever cryptography to prevent anyone but the tag's owner from pulling that information out of the system. 1/ 
If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2022/02/15/man… 2/
pluralistic.net/2022/02/15/man… 2/
But there are significant problems with Airtags' privacy model. Some of these are unique to Apple, others are shared by all Bluetooth location systems, including Covid exposure-notification apps and Airtag rivals like Tile. 3/
For example, minute imperfections in these devices' Bluetooth radio circuitry make it possible to uniquely identify them without having to bypass their encryption, simply by tracking the signature "fingerprint" of each radio:
pluralistic.net/2021/10/21/sid… 4/
pluralistic.net/2021/10/21/sid… 4/
That's an attack on the device's owner. But tracker tags also enable attacks *by* the device's owner. 5/
For example, there's a thriving market for Airtags whose speakers have been disabled (the speakers emit a chirp that is supposed to warn people if they are being tracked by someone else's Airtag):
9to5mac.com/2022/02/03/air… 6/
9to5mac.com/2022/02/03/air… 6/
Even without gimmicked speakers, tracking people with Airtags (and their competitors) is frighteningly easy. The @nytimes' @kashhill (consensually) tracked her husband around Manhattan with a constellation of these bugs.
nytimes.com/2022/02/11/tec… 7/
nytimes.com/2022/02/11/tec… 7/
Even with the chirping speakers, her husband - a press privacy advocate with a strong technical background - struggled to locate and de-activate the Airtags. Hill reports that many people - particularly women - are finding Airtags hidden in their cars, clothes and elsewhere. 8/
The far-reaching surveillance potential of these trackers was driven home by a stunt/investigation carried out by @LilithWittmann, who confirmed her suspicion that a German government agency was a front for a spy operation,. 9/
Wittmann mailed Airtag-bugged packages to it and watched as they were relayed to facilities used by the intelligence services ("the Office for the Protection of the Constitution").
lilithwittmann.medium.com/bundesservice-… 10/
lilithwittmann.medium.com/bundesservice-… 10/
It's a fascinating new operational security wrinkle that relies on the popularity and ubiquity of Apple's Ios devices; foiling it requires not just that a spy facility be mobile-phone-free, but that all the facilities that deliver its mail also adopt this measure. 11/
• • •
Missing some Tweet in this thread? You can try to
force a refresh
