AirGuard - Protecting Android Users From Stalking Attacks By Apple Find My Devices
Finder networks in general, and Apple’s Find My network in par- ticular, can pose a grave threat to users’ privacy and even health if these networks are abused for stalking. Apple’s release of the AirTag—a very affordable tracker covered by the nearly ubiquitous Find My network—amplified this issue. While Apple provides a stalking detection feature within its ecosystem, billions of Android users are still left in the dark. Apple recently released the Android app “Tracker Detect,” which does not deliver a convincing feature set for stalking protection. We reverse engineer Apple’s tracking protection in iOS and discuss its features regarding stalking de- tection. We design “AirGuard” and release it as an Android app to protect against abuse by Apple tracking devices. We compare the performance of our solution with the Apple-provided one in iOS and study the use of AirGuard in the wild over multiple weeks using data contributed by tens of thousands of active users.
We research Apple’s offline finding network Find My since the launch in June 2019. For this we reverse-engineered its functionality, implemented the first findable trackers (before AirTags existed) and now provide an automatic stalking protection system for Android users, which gets extended the longer it exists. In our talk we want to present all our three contributions and focus on our App AirGuard that protects Android users against stalking attacks with AirTags. We perform an ongoing user-study, which observes the risk at which users are and how many AirTags and other devices they discover throughout a day.