"In research shared with Wired this week , security researchers detailed a series of vulnerabilities and design flaws with Life360's Tile Bluetooth trackers that make it easy for stalkers and the company itself to track the location of Tile devices. Tile trackers are small Bluetooth trackers, similar to Apple's Airtags, but they work on their own network, not Apple's. if you think someone is using them to track you without your knowledge."
"Tile devices do have a rotating ID, but since the MAC address is static and unencrypted, anyone in the vicinity could pick up and track that Bluetooth device. Other Bluetooth trackers don't broadcast their MAC address, and instead use only a rotating ID, which makes it much harder for someone to record and track the movement of that tag. Apple, Google, and Samsung also all use end-to-end encryption when data about the location is sent to the companies' servers, meaning the companies themselves cannot access that information."
Life360's Tile Bluetooth trackers broadcast a static, unencrypted MAC address even though they use a rotating ID. The static MAC address allows anyone nearby to pick up and record the device and link activity over time. The devices do not rotate MAC addresses or encrypt transmitted location information, which contrasts with competitors that use rotating identifiers and end-to-end encryption. The design choices expose legitimate users to tracking and increase stalking risk, and they allow the company to store or access location data in cleartext. Industry standards recommend MAC rotation and encryption to mitigate these risks.
Read at Electronic Frontier Foundation
Unable to calculate read time
Collection
[
|
...
]