OpenHaystack is a framework for tracking personal Bluetooth devices via Apple's massive Find My network. Use it to create your own tracking tags that you can append to physical objects (keyrings, backpacks, ...) or integrate it into other Bluetooth-capable devices such as notebooks.
OpenHaystack requires macOS 11 (Big Sur).
The OpenHaystack application requires a custom plugin for Apple Mail. It is used to download location reports from Apple's servers via a private API (technical explanation: the plugin inherits Apple Mail's entitlements required to use this API). Therefore, the installation procedure is slightly different and requires you to temporarily disable Gatekeeper. Our plugin does not access any other private data such as emails (see source code).
- Download a precompiled binary release from our GitHub page.
Alternative: build the application from source via Xcode. - Open OpenHaystack. This will ask you to install the Mail plugin in
~/Library/Mail/Bundle
. - Open a terminal and run
sudo spctl --master-disable
, which will disable Gatekeeper and allow our Apple Mail plugin to run. - Open Apple Mail. Go to Preferences → General → Manage Plug-Ins... and activate the checkbox next to OpenHaystackMail.mailbundle.
- If the Manage Plug-Ins... button does not appear. Run this command in terminal
sudo defaults write "/Library/Preferences/com.apple.mail" EnableBundles 1
- If the Manage Plug-Ins... button does not appear. Run this command in terminal
- Allow access and restart Mail.
- Open a terminal and enter
sudo spctl --master-enable
, which will enable Gatekeeper again.
In principle, any Bluetooth device can be turned into an OpenHaystack accessory that is trackable via Apple's Find My network. Currently, we provide a convenient deployment method of our OpenHaystack firmwares for a small number of embedded devices (see table below). We also support Linux devices via our generic HCI script. Feel free to port OpenHaystack to other devices that support Bluetooth Low Energy based on the source code of our firmware and the specification in our paper. Please share your results with us!
Platform | Tested on | Deploy via app | Comment |
---|---|---|---|
Nordic nRF51 | BBC micro:bit v1 | ✓ | Only supports nRF51822 at this time (see issue #6). |
Espressif ESP32 | SP32-WROOM, ESP32-WROVER | ✓ | Deployment can take up to 3 minutes. Requires Python 3. Thanks @fhessel. |
Linux HCI | Raspberry Pi 4 w/ Raspbian | Should support any Linux machine. |
- Alexander Heinrich, Milan Stute, Tim Kornhuber, Matthias Hollick. Who Can Find My Devices? Security and Privacy of Apple's Crowd-Sourced Bluetooth Location Tracking System. Proceedings on Privacy Enhancing Technologies (PoPETs), 2021. doi:10.2478/popets-2021-0045 📄 Paper 📄 Preprint.
- Alexander Heinrich, Milan Stute, and Matthias Hollick. DEMO: OpenHaystack: A Framework for Tracking Personal Bluetooth Devices via Apple’s Massive Find My Network. 14th ACM Conference on Security and Privacy in Wireless and Mobile (WiSec ’21), 2021.
- Tim Kornhuber. Analysis of Apple's Crowd-Sourced Location Tracking System. Technical University of Darmstadt, Master's thesis, 2020.
- Apple Inc. Find My Network Accessory Specification – Developer Preview – Release R3. 2020. 📄 Download.