PRIVACYSHIELD: Relaying BLE beacons to counter unsolicited tracking

Offline finding networks such as Apple’s Find My, Google’s Find My Device, or Samsung’s SmartThings Find are frequently abused to stalk unsuspecting victims. These networks allow users to attach small, cheap tags to items to locate them if they are lost. The tags announce their presence via Bluetooth Low Energy (BLE) beacons, and nearby Internetconnected devices such as smartphones report their location to the finding network. However, the low price and easy-tohide footprint of offline finding tags makes them appealing to malicious actors, who place tags on their unwitting victims. Nearby devices or even the victim’s own device then unknowingly report the victim’s location to the stalker. Weanalyze the anti-stalking measures put in place by off line finding networks with a focus on Apple’s Find My and Google’s Find My Device. We show how malicious actors can bypass those measures and propose PRIVACYSHIELD, a novel relay network protecting stalking victims. Our network takes advantage of the fact that offline finding BLE beacons are unauthenticated and can be relayed to arbitrary locations. Relayed beacons cause third-party devices to report incorrect locations to the finding network, obfuscating the victim’s location. We demonstrate PRIVACYSHIELD’s effectiveness in masking a tag’s location, and show the robustness of the system against attempts to thwart its usage. Then, we suggest practical recommendations for offline finding network providers to improve stalking protection.