HOME About Services Blog Contact May 12, 2021 By Fabian Bräunlein It's possible to upload arbitrary data from non-internet-connected devices by sending Find My BLE broadcasts to nearby Apple devices that then upload the data for you We released an ESP32 firmware that turns the micocontroller into an (upload only) modem, and a macOS application to retrieve, decode and display the uploaded data: https://github.com/positive-security/send-my Being inherent to the privacy and security-focused design of the Find My Offline Finding system, it seems unlikely that this misuse can be prevented completely With the recent release of Apple's AirTags, I was curious whether Find My's Offline Finding network could be (ab)used to upload arbitrary data to the Internet, from devices that are not connected to WiFi or mobile internet. The data would be broadcasted via Bluetooth Low Energy and picked up ...