<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2960562&amp;fmt=gif">
Primary_FullColor

Unmasking AirTags: the Power of Flying Fox Enterprise

Amy Devine

07/27/23

Apple's AirTags have revolutionized personal item tracking, emerging as discreet guardians of your belongings. Packed with Bluetooth Low Energy (BLE), Ultra Wideband (UWB), and Near Field Communication (NFC), these tiny dynamos connect your world to your Apple iPad or iPhone.

A pivotal element of AirTags is their seamless integration into Apple's expansive ecosystem, estimated at 2 billion devices. This intricate network constantly scouts for BLE beacons from AirTags, streaming their locations back to Apple's servers. Consequently, users can pinpoint their AirTag-attached items virtually anywhere with an Apple device connection.

Detecting And Countering Unauthorized Tracking

Despite Apple's efforts to avert unauthorized tracking via MAC address randomization and BLE packet encryption, security apprehensions persist. The inherent tracking capabilities of AirTags could potentially transform these convenient devices into silent spies, tracking individuals' movements or mapping out sensitive areas.

Understanding these potential security risks, our team at Epiq wondered: Could our all-encompassing wireless detection and location system, Flying Fox Enterprise (FFE), detect AirTags' silent whispers within secure areas?

Mapping the Invisible Pathways

Navigating through Apple's labyrinth of advanced encryption and MAC address randomization posed a significant challenge. However, during rigorous testing, our engineers uncovered a distinct pattern: the rise and fall of unique Apple-specific MAC addresses, each with a lifespan of roughly 30 minutes. This pattern, once deciphered, served as our breakthrough, verifying FFE's ability to detect the presence of Apple's AirTags within a secure environment.

After setting up a controlled setup equipped with our Flying Fox Enterprise (FFE) system, we began monitoring for possible BLE transmissions. The system employed its wideband RF detection capabilities to capture and dissect the dense traffic of wireless signals. During this rigorous testing, our engineers uncovered a distinct pattern in the clutter. Every Apple-specific MAC address detected by the FFE sensor appeared to have a limited lifespan of roughly 30 minutes. After this period, it would disappear, only to be replaced by a new MAC address in a continuous cycle.

In essence, we were witnessing Apple's MAC address randomization—a clever technique where AirTags switch MAC addresses regularly to evade tracking. However, having decoded the pattern, FFE was able to keep track of these changes, thereby ensuring the constant detection of AirTags in a secured space. Bingo! FFE could detect Apple's AirTags within a secure environment and enable you to execute your mitigation and security plans with confidence. It's not a wild goose chase!

In the following screenshots, we illustrate how FFE users can track the evolving MAC addresses, expected to appear at the same or similar locations as their predecessors.

Displaying Apple devices with 13 and 17 detections, where MAC addresses roll. This is captured in the FFE detection scan event pane.

FFE, AirTags detection #1

MAC address from 17 Apple events last detected at about 3:25pm. This MAC address subsequently disappears.
FFE, AirTags detection #2

A new Apple MAC address surfaces at 3:26 pm, a minute after the previous MAC address ceased beaconing, and commences its own sequence of beacons.
FFE, AirTags detection #3

Riding the Wave of Innovation with Enhanced Security

The ebb and flow of innovation and security is a dance we know well at Epiq Solutions. In our quest to stay ahead, we don’t just anticipate change, but try to stay at the front line, ensuring that security is never compromised, no matter how advanced or discreet the technology.

As you prioritize the safety of your secure environment, our groundbreaking solutions stand ready. Learn more about how FFE is bolstering security measures and you in safeguarding your secure environment from silent threats.

More Epiq Stories

Introducing Sidekiq™ NVM2: Small Form Factor MIMO SDR

Epiq Solutions is excited to announce the Sidekiq™ NVM2 - the latest addition to Epiq's small form...

READ BLOG

Sean Reminga

07/23/24

How to Troubleshoot an SDR in 6 Steps

If troubleshooting is an art, troubleshooting a complex embedded device like a Software Defined...

READ BLOG

Wyatt Taylor

04/29/24

Accelerating AI/ML Signal Processing: Epiq’s New Partnership with DeepSig

Today, we’re excited to announce a new partnership with DeepSig that will allow us to deploy...

READ BLOG

John Orlando

04/05/24

Welcoming CyberRadio Solutions to Team Epiq

Epiq has spent the last 14 years focused on bringing low-SWaP software-defined radio platforms to...

READ BLOG

Wyatt Taylor

12/07/23

Epiq Solutions Paves the Way for AI/ML Integration in RF Spectrum Analysis

The world of AI and ML is evolving at a rapid pace. While much of the fanfare is focused on...

READ BLOG

John Orlando

12/06/23

Still Epiq, Always Epiq

Over the past 14 years, Epiq’s team has been unwavering in its pursuit to become leaders in...

READ BLOG

Anastasia Hamel

10/03/23

AI & RF Sensing: Next-Gen Direction Finding Solutions

In an increasingly sophisticated wireless landscape, the need for situational awareness calls for...

READ BLOG

Wyatt Taylor

SDR

08/22/23

Introducing Sidekiq™ NV800: SDR for Advanced RF Spectrum Applications

Epiq Solutions is excited to announce the Sidekiq™ NV800 - the latest addition to Epiq's...

READ BLOG

Amy Devine

07/26/23

Make your RF Field Work Easier: PRiSM the Compact, Agile Powerhouse

The realm of RF engineering is witnessing a radical transformation, with the advent of agile,...

READ BLOG