This looks great. If this Python implementation of the FindMy API actually works, it would be a major technology quality-of-life improvement for me. I hope Apple lets it stay alive.
Everyone who shares location with me does so over Find My, and my family insists on using AirTags. As a 100% desktop Linux and mobile Android user, it is one of the few things that I always need to remote in to my Mac Mini to access because there are no x-platform FindMy apps and the FindMy iCloud web app does not have feature parity to the macOS and iOS apps. One of a long list of offenses where Apple refuses to make things easy for x-platform friend groups and families. Very annoying.
Even within Apple's platforms, there's pretty limited support for automation -- you can say "Siri find my keys" but there's no App Intents / Shortcuts support for automating anything within Find My (AFAIK), which is a bit disappointing.
Find My has no any exposed Applescript commands. You'd next need to try (I think, been >a decade) Accessibility Inspector to find the names of the interface so you can tell Applescript what to click on. On some apps, even this doesn't work.
I also suspect Find My is a Catalyst-ported iPadOS app, which tend to be awful/useless for scripting.
> You'd next need to try (I think, been >a decade) Accessibility Inspector to find the names of the interface so you can tell Applescript what to click on. On some apps, even this doesn't work.
I am cursed with a lot of experience doing just this. However, I will say that every year it's getting harder and harder to do. The new security/accessibility changes in Sequoia have made things even more of a nightmare.
I ended up using Shortcuts to publish a set of screenshots from an always-on Mac every 10 minutes or so for a set of shared, family AirTags: http://vitor.io/android-airtags
I couldn't reliably get iOS to do the same, and my tests of an Android-compatible tag found it was detected much less often than an AirTag riding along with it.
Wow, that's some dedication to solve this problem! Very nice write-up. It was also good to see your thinking behind why doing this on an always-on Mac was better than possible alternatives. Thankfully M-series Macs don't draw much power at all at idle.
Kind of? Right now it feels like it's glued on the side and a good proof of concept. It takes a lot more panning and zooming than it should. But it DOES work, one-way: you can see your friends' locations but they can't see yours.
To the best of my knowledge, AirTag locations still cannot be obtained through the iCloud website. The locations it shows are simply generated by the devices themselves and uploaded directly to Apple. This library specifically only queries the FindMy network, which is the system that allows other iPhones (and iPads etc.) to "find" your devices.
The library also explicitly does not integrate with your Apple account, but only uses it to query encrypted location reports from Apple. This can be done with any account, even if it does not "own" the device, as long as you can generate the correct keys.
Hopefully locations shared by users not part of my iCloud Family account, and "Items" (Apple jargon term for AirTags). Currently it only shows macOS or iOS "Devices" directly linked to my iCloud account, or in my iCloud Family, none of the locations shared by friends. And it shows no "Items," not even those in my iCloud account.
“Items” is not an Apple jargon term for AirTags. AirTags are not the only thing that can show up in this list. Third-party FindMy-compatible devices are quite common.
Since you frankly seem to have a bee in your bonnet about Apple, I’d suggest that you actually look into these. They might be more to your taste.
Cross-platform. There are 3 major desktop operating systems (Windows, Linux, and Mac) and 2 major mobile operating systems (iPhone and Android). Every single OS has a huge marketshare worldwide (including Linux, if you count servers).
A truly x-platform app is one that works well on all 5 of these platforms, e.g. Signal. A moderately x-platform app is one that works well on the two mobile operating systems and on web as an alternative to desktop, e.g. WhatsApp. A single-platform app, like Apple FindMy, only works properly on e.g. Mac + iPhone. Apple tends to be the only major industry player that produces these sorts of apps, e.g. iMessage, FaceTime, Final Cut Pro, Keynote. Although with Keynote you can often get by with the iCloud web version, which has a useful 80%-or-so of the desktop app's features. Even apps like Meet, Zoom, and Teams -- run by rival companies -- are more x-platform than major Apple apps.
I think the GP knows what cross-platform means, but is confused by using "X" as shorthand for "cross". In my opinion, it's not widespread enough for the four-letter saving to be worth the confusion.
I didn't directly interpret it a cross-platform but more as (x) platform... Asin variable x which is not Apple... Which is semantically the same I guess but not entirely.
Just to add to the different ways that that exact grouping of letters can be interpreted.
Maybe because I see an API as being able to be accessed from anywhere, so you could query it from a home automation device to trigger something when you are withing X meters of your house, which even if Apple truly released a cross-platform version of Find My that wouldn't be possible.
Long before the richest man on earth bought Twitter to be his personal megaphone to help him prepare to become president in order to boost all his personal endeavors, the letter X has been used as a sort of contraction to replace common morphemes like "cross", "trans" etc, in places where the physical representation "x" likens to a cross or crossing of some sort, or in reference to the Greek letter Chi. Must we change our use of language to support this guy, too?
You pretty much listed all the examples where that’s done (x-ing is also a big one, on signs), but there are way more cases where no one would ever use the letter X like that. I think parsing that kind of “syntax sugar” takes more cycles than a lot of people care to spare just to understand what a stranger is saying online. It’s too loose to be commonly applicable. Things like “Xmas” are accepted on a case by case basis.
The argument wasn’t made out of principle, either. If it were more widespread, it would be worth the potential confusion. It’s just not. I agree with that.
Linux is not a “major desktop operating system”. Let’s be intellectually honest here, particularly because you’re using the number “3” to bolster your argument that Apple is being negligent or unfair or whatever.
Be annoyed at Apple for not ‘supporting Android’ or whatever all you want, but let’s not pretend that Apple isn’t paying a very justifiable amount of attention to desktop Linux. What next, iCloud.com doesn’t load properly in Lynx?
Possible in the apple ecosystem. If the kids are part of a "familly", you can monitor / control using Parental Controls accessed from your iPhone > Settings > Screen Time.
It sounds like the gp’s objection might be that they’d like for their children to use iPhone and its parental controls, but they themselves would prefer to use other platforms to manage the supervision features. As far as I know, you do in fact have to be within the apple ecosystem to manage the ScreenTime features as you suggest.
Firewalla looks really thoughtfully designed! I’m glad to be aware of it.
I actually have Firewalla (it's great!). But it's only helpful when a kid's phone is connected to the network itself (which they can escape easily by disconnecting from wifi). The native stuff works on all networks.
Unless you are arguing that the feature should be removed from iOS and macOS devices, it is entirely a technical issue. Me preferring to use an Android device rather than an iPhone is not a parenting issue.
Hey everyone! I'm the author of FindMy.py. I'd like to use this moment to give a shout-out to some other people that deserve way more credit than me, as the project definitely would not have existed without them. If this stuff interests you then please do check them out, there is a dedicated section in the project's README (https://github.com/malmeloo/FindMy.py?tab=readme-ov-file#cre...).
Congrats ! I don't have an iPhone or Mac. Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
I don't see how you would get the private key for the airtag off the iPhone without jailbreaking it. The readme of the project implies you can do this but the docs are completely lacking
I realize that the docs are rather empty right now; it takes a lot of time to turn my thoughts into text, which I do not really have at the moment. Contributions are welcome, of course ;-)
You used to be able to query this data locally from your MacBook, but Apple decided to encrypt it. It was fun to put an AirTag on your cat, then use GPS Visualizer to plot your cat's activities overnight.
While we're here, I have an ask (of anyone). I want the same exact thing you said, except for an outdoor dog on a large property.
I would like a tag that just records its own GPS coordinates locally on-device, every so often, and then when my dog comes home, I can check where she's been.
They are called GPS trackers or GPS loggers. You can find some that save coordinates to a microSD card and optionally send the location via cellular connection for about 10 dollars on AliExpress.
I have a TK913 GPS tracker for my ebike, which is configured to send location reports to my server running Traccar[1]. I'm very happy with the setup, it Just Works. I can check where my bike is at any point from the web UI from my phone. It supports A LOT[2] of these cellular-enabled GPS trackers.
I have used them before on various bikes and they work just fine. Battery life is about 25 hours, it is weather resistant, and then you can sync them after you record an activity. And at less than $30, if it gets lost, it isn't the worst thing in the world.
I think the concern could be that someone other than you might have access to your disk or computer.
Perhaps some people in a uniform could get access to that computer, physically or otherwise, and then have access to lots of interesting location histories from it, and they may not have your best interests in mind.
I don't think AirTag work that way. AirTag protocol is specifically designed so Apple or other parties will not be able to track users by serial numbers.
Where there's a will, there's a way. Apple is very clear law enforcement can approach them with any AirTag and they will immediately be able to tie it to a user.
They do, Airtag hardware need to be signed to add to your iCloud account. But the actual location beacon messages are not linked to your iCloud account and can’t be associated with the sending airtag.
I don't have an iPhone or Mac.
Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
I bought some $8 third-party AirTags from AliExpress, flashed them with some firmware, and used Macless Haystack to track them without owning any Apple devices.
Note that, locating airtags and making them play sound requires them to be near some other iDevice (the battery is a standard CR2032), so if you live in a remote ranch or something and nobody around you has an iphone, they might not be very useful.
It wouldn't even need to be a remote ranch—everything I'm seeing suggests they have a range of between 30-100 feet depending on walls and whatnot, which means even in a typical suburb you've got pretty high odds that none of your neighbors have a device within range at the moment you need it.
My experience is that this is rarely true in reality. I live in a freestanding house in a suburban area (not in the US, let alone SF). I’ve moved a couple of times since I’ve started using AirTags. Even when none of my own devices have been around, I still manage to get quite frequent location updates.
For the use case of identifying where they are on a map, I can certainly believe that an iPhone will connect more often than you move the object the tag is attached to. But when it comes time to actually trigger a sound to find it stuck under a cushion or what have you, is there going to be an iPhone within range at that moment?
That's a very unusual use case. When one of my airtags is in my building I can locate it with ~0.1ft precision using UWB. No matter how many other iPhones are in the building I can't get <100ft precision without UWB.
The difference between "airtag is in under the top left corner of the couch cushion" and "airtag might be in the same building as you" is so large that I wonder why you don't get a old used iPhone and swap the battery to create a functional phone.
I'm not OP. I've got an iPhone and two iPads and a Mac in the house. I'm asking for OP, who has no i-devices and wants to know if an airtag would be useful anyway.
> Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
Ringing it might be an unusual case for you, but it's exactly what OP was asking about.
(It's also by far the most common use case for this category of device for me. I misplace things all the time and it's super convenient to not have to wander all over the house looking for it.)
Theoretically yes, once the AirTag is deployed the keys should be static and you should be ready to go. Apple should also not be able to "ban" the tag at some later point in time.
I would suggest signing into a separate Apple account that's under your control to pair the AirTag, however. Not due to the risk of being banned, but because I have the suspicion that removing an AirTag from your (friend's) account may prompt the device to instruct the AirTag to reset. But if you sign into another account, pair it using an iDevice and then log out, that shouldn't be an issue.
So far they don't really seem to care, however we've seen the lengths Apple is willing to go to when it comes to protecting their sweet revenue stream during their fight with Beeper. OpenHaystack has been functional for a long time, but they obtain locations from a running Mac, while this project directly accesses their API. This is also the most attention this project has received in a long time, so we'll see how that goes.
Over the past year only of my accounts has been banned by Apple, and I was using that one to request locations every 5-10 minutes 24/7 in Home Assistant, with no other usage of the account other than one registered hackintosh. I'm currently using another account that is querying data every 15-30 minutes, which has been working fine so far. You just need an account to anonymously download location reports, so if your throwaway gets banned just create a new one and things should work again. Just make sure to attach it to a real device or hackintosh at least once to "activate" the account's iCloud API.
I do just want to make it clear that I have no intentions on keeping this working "at all costs" - at least not without other people willing to help me out. The library is currently not even trying to be stealthy, and it can be easily detected using heuristics if they really wanted to.
Changing the underlying find my network to break this would be challenging if not impossible while keeping the privacy protections in place. Apple can’t identify devices sending data to find my, and doesn’t log requests. Short of changes that would break compatibility with older devices it should be relatively stable.
OpenHaystack has been doing this for a few years now and Apple has made no efforts to restrict it.
I’ve been using FakeTag[0] and OpenHaystack[1] coupled with a vibration sensor to notify me when various things happen around my house. Inspired by this [2] article. It’s worked flawlessly for ~2 years.
You're correct in saying that it would be challenging for them to overhaul the entire network, but this library directly makes API calls to Apple's servers to request location reports. So while the tags would likely keep working, they could totally block the library or your account if they really wanted to.
> Apple can’t identify devices sending data to find my, and doesn’t log requests.
So what you're saying is that a decent firewall could still inspect the traffic, or the patterns thereof.
Also, this doesn't make any sense, as if Apple doesn't know which AirTag belongs to who, Find My would be very useless; and law enforcement would be furious.
Airtags are associated with your apple ID for safety, but when you make a request for the location from Find My it doesn’t include any information about which airtag you’re asking about; just a CSPRNG-incremented public key that changes every 15 minutes. The location data itself is not available to Apple.
The short answer is that it doesn't. The iCloud website only shows devices that are actively uploading their location to Apple, such as iPhones and iPads. AirTags are not shown there, as they use the FindMy network instead (the whole other-devices-find-your-airtags mechanism). This library focuses on the latter.
Apple devices can query your AirTag's location because they sync its shared secrets through the iCloud keychain, which is used to generate temporary keys that can be use to download and decrypt the tag's location.
As far as I understand, the keychain is indeed e2e encrypted and it requires at least one of your other devices to be online in order to sync. However last time I checked Apple still fails the mud puddle test, so there does have to be some kind of master key that decrypts the data in the case of account recovery.
It’s explained pretty well in link provided in comment your replying to.
The tl;dr is: The information is publicly available in an encrypted form that is only readable by the party with the key.
Think of it like this, when you mark an item as lost you publish a hashed public identification key, if another device detects that key it creates a location report encrypted with your public key and posts it to a public list of encrypted reports, you decrypt the report with your private key.
If you mean from another device other than one that your keychain is on, ie, a browser on a device you haven’t logged into before, you can’t.
You can get an active location through iCloud if the device is powered on or its last location before power off if the setting is enabled. But you can’t decrypt find my location reports without the private key, which is only available in devices you’ve logged into.
So Apple has no way to see anything even when developing the platform itself?
They must have a way to decrypt payloads or otherwise get into the system they built and control. The fact that they let law enforcement know when someone is stalking someone with an AirTag shows that the data is available to them. It’s silly to think otherwise, paper or not.
> The fact that they let law enforcement know when someone is stalking someone with an AirTag shows that the data is available to them.
Not technically correct. Apple devices (and Android phones with the appropriate app) detect if an unknown AirTag is moving with them and makes it home, possibly signalling a stalking attempt.
The heuristics for this happen locally; Apple isn't "aware" of this happening. That said, when you first set-up an AirTag, the serial is tied to your account. Therefore, when you physically find an unknown AirTag and report it to law enforcement, they can then subpoena (or get a warrant?) Apple for information on the AirTag owner's identity.
The serial itself, and any personal identifiers, are not used in the locating process, however.
This is well documented in the paper above, in articles, as well as in reverse engineering efforts.
From Apple’s perspective, if someone uses the FindMy APIs to provide a commercial service that diminishes the privacy offered by Apple’s official apps, they would likely send a C&D letter. But for hobby projects, it’s not worth clamping down hard.
For the longest time I’ve wanted a way to record my location history in a durable way, without resorting to google maps history (which is great but has…obvious downsides), or some hacky short-term custom solution.
I wonder if someone could integrate this into a more coherent long-term platform.
I think it’s just super handy to know where you’ve been. Great to be able to find places (“Oh I loved this Thai place I went to 4 years ago in X city”)
Also to be able to find photos in specific locations (if you integrate it with geotagged photos like google does).
It’s one of those things I don’t actively care a ton about in the short term but is useful data to have in the long term if it can persist without a lot of effort.
Edit: I think form is “irrelevant” as long as it’s well supported and can be useable in different services later on. Same thing with notes imo (and why I use markdown). Has enough features but importantly is and will be well supported.
If you mostly walk or bike places, Strava[0] is a great way to record where you have been. I use it mostly for recording my travel (and hikes) since I walk more when visiting other places, not so much at home. Have it start recording in the morning and off in the evening. Pause if I take a bus or train and then can edit to clean it up later. Photos with geo tags can be uploaded and when you look at the map the photos will be at the location you took them. Also has a fun feature where you can replay your walk/hike/etc. It's been awhile since I downloaded my data but it was easy and everything you could want is there. The free tier is everything you need for something like the above
It’s interesting, because it could allow you to log location over time. Generally, I can only see peoples location when I open the app, but this would allow me to ping every 30 minutes and create a very long log that I could technically create manually, but would be quite a bit of work.
This, indeed. Quick addition: Apple only stores locations for up to 7 days, so I would recommend running it once per day or so if you don't need live data. If you do, be careful not to request too often (sub-30 mins) if you value your account dearly.
From a quick skim of the repository, it looks like this is only for accessories/devices that you own. I hope that this is the case, and that it doesn't work for the "Find My Friends" functionality.
I'm okay sharing my location with trusted people so that they can occasionally manually check where I currently am. I don't like the idea of them theoretically being able to automatically record my location and build a complete history of my movements over time.
You should probably just assume that the recording is possible and not share your location with people you don't trust to not do that. Find my Friends isn't Snapchat—there's nothing in the pitch about ephemerality, so you shouldn't assume they engineered it in as a design constraint.
You're right, locating friends is not currently supported. I would assume that this feature is implemented by simply sharing your device's (already recorded) latest location ping with your friends, in which case this is also currently out of scope for the project - the library only intends to interact with the "other-devices-find-my-device" network in order to be account-agnostic.
On a separate thought, if Apple has not taken concerns such as the one you portrayed into account when designing Find My Friends then I would suggest not using the system altogether. At that point it's only a matter of time before someone figures out how to extract the data. But that's an entirely different story and a personal consideration you'll have to make.
Yeah, uh... you might do well to assume that they can. The Find My Friends API is really really simple, I have a script somewhere that can pull the locations of everyone who has shared their locations with me and record it.
It's not clear to me how to actually get the required plist file to make this library work. Neither of the scripts in this issue seem to work: https://github.com/malmeloo/FindMy.py/issues/31
Is the syntax to run them just `swift <filename.swift>`?
Swift/ErrorType.swift:253: Fatal error: Error raised at top level: main.MyError.noPassword
Which version of MacOS are you using? I believe Apple has made changes to the keychain in the latest version which prevents the scripts from working properly.
The only Apple "device" I have regular access to is a hackintosh, so this stuff is frustratingly hard to debug. So far I've been relying on efforts from the community, but the scripts appear to be somewhat flaky and don't always work for everyone unfortunately.
As someone who lives in an Android family but would still like to use air tags since it's the biggest network in the U.S. I'd love a way to add and use air tags without needing to have an iPhone!
Can I use this, if I have an iPhone, to trigger actions on a server based on my location?
For example, “When I come home, fetch the latest electricity prices and notify me if I should plug in my Tesla”.
I tried that using Shortcuts, but they won’t run location based without confirmation. (There are some workarounds, but they, too, don’t work reliably in my experience.)
If you literally mean when you return home, I’ve been running Shortcut automations triggered by leaving home and arriving home, using the built in “My Home” triggers. They don’t require confirmation and as best as I can tell have been completely reliable.
However, do note that AirTags put themselves into "nearby" mode when they're near an owner device, at which point they become untraceable to the FindMy network (the system where other iPhones are finding your AirTag and uploading its location). That also makes it invisible to this library. It is however still possible to detect it using the BLE signal it is broadcasting in nearby state, which is supported by the library but not yet by the HA integration.
> Find My is an asset tracking service made by Apple Inc. that enables users to track the location of iOS, iPadOS, macOS, watchOS, visionOS, tvOS devices, AirPods, AirTags, and a number of supported third-party accessories through a connected iCloud account. Users can also show their primary device's geographic location to others, and can view the location of others who choose to share their location. Find My was released alongside iOS 13 on September 19, 2019, merging the functions of the former Find My iPhone (known on Mac computers as Find My Mac) and Find My Friends into a single app. On watchOS, Find My is separated into three different applications: Find Devices, Find People and Find Items.
> You can share your current location once, temporarily share your location while you're on the way to an expected destination, or share your ongoing Live Location... for an hour, until the end of the day, or indefinitely.
In Messages, you can use Check In to share your location... Your location is shared only if there's an unexpected delay during your trip or activity and you're unresponsive.
This is actually one of the big differences between generations. It’s not just the norm for young people to share locations, but rather almost expected, with real social consequences for not. Yes it’s probably a little weird to have someone’s precise location 100% of the time, but since you’re sharing it with me there’s a good deal of trust implied (though this is not always the case as it has become more normalized). However, if we stop sharing locations, that usually implies a divorce of the relationship. People will shut you out of their life if you stop sharing your location with them, no matter the reason. From that lens, the choice is simple. You’ve gotta share your location, even if it’s a bit icky from a privacy perspective or you risk losing an entire cohort of friends. I will admit, there is a strange level of intimacy for having done it. In a world increasingly dominated by the pixels on this 4x8 screen, it is a nice reminder that the text bubbles on my phone actually come from real people that I can show you on a map.
(Obviously you can find friends who don’t care for it and you can live a normal life and be just fine. I’m privacy conscious but I still share my location with a handful of friends for the above reasons.)
> People will shut you out of their life if you stop sharing your location with them
Is the implication of this that such people just don't interact with Android users? That seems like a significant self-imposed limitation. Or are Android phones just extremely unpopular in your area?
Yeah, I switched to an iPhone solely for the blue text bubbles. Among young women in my bubble, 98% have iPhones. I’d get sneers at bars from girls when my first text on their phone was green. People would complain openly about my phone ruining their group chats. While I preferred android tech, switching to iPhone was a no-brainer because it removed a lot of friction in social settings.
Blame the emotionally dysfunctional, not the tool. It’s only a problem if it changes how you would live your life or pressured or coerced (in which case, say no).
Importantly, it works in a peer-to-peer kind of way. Apple devices act as kind of beacons and nearby iPhones can notify Apple servers of any nearby devices they detect (in a way not decryptable by Apple, only by the owner of the devices).
So AirTags, MacBooks, and turned-off iPhones are findable via passing-by turned-on iPhones.
Is it not a glaring privacy and security hole that turned-off devices can still be located?
Maybe it's just me, but if I own an internet-connected device and I turn it off, I expect it to be off. That an iPhone's definition of "off" means "you can't use it but other random people's iPhones in the vicinity can still connect to and ping it" rubs me the wrong way.
Other phones in the vicinity don't connect to yours. Yours uses Bluetooth LE to periodically broadcast some data. Other phones in the vicinity relay that data along with the approximate location to Apple.
It is not. If you don’t want your device to participate, you ca elect not to enable Find My during setup. The vast majority of people would rather a their couldn’t just turn off a stolen phone and render it unlocatable.
Also the location is only accessible to you, the owner of the device. Not Apple or "random other people's iPhones".
The engineering and thought that went into the whole thing to be useful but also privacy protecting is actually pretty impressive, and exactly the kind of thing we should be encouraging companies to do if we care about privacy. Especially since as you point out, you can still easily turn it off at any point if you want.
I don’t use the person tracking very often except on group vacations, but I track a vehicle with an AirTag after a car theft for a little peace of mind (along with other preventative measures). Every now and then it’s handy for my own devices, too, including alerting me when I’ve accidentally left one behind at a non-routine location.
I'm not familiar with these tags, do they implement the FindMy protocol? If it's a proper 3rd party AirTag ("Works with FindMy") then it should be supported, see the AirTag example in the repository for more info.
I remember there was a time when “web services” were the new hotness and everybody was gonna offer some API to whatever they had online.
What happened to this? We’ve even got the authentication part nailed down now thanks to OAuth! There is even API gateways that you can park in front of your stack that manage all the hard parts like granting client secrets to API consumers and showing registration screens to developers.
There is really nothing stopping you from opening up parts of your stack to developers and tinkerers so they can do cool shit. It even gets people to lock into your product that much more because now they’ve integrated some part of their workflow into your system in a way that might not be possible without your service!
So yeah. You already have these API’s exposed for your front end apps to use. Why not just slam a developer portal on top and let people access some of it? Who knows what cool things they’ll cook up!
If the constraint is that you don't want to install any software, there are a bunch of these web based AirDrop clones, besides the ones mentioned here are two more:
Does it really need to be 168 files of code to do this? I don't know WebRTC, but wouldn't a single PHP file be enough to create the connection between the two devices?
This looks great. If this Python implementation of the FindMy API actually works, it would be a major technology quality-of-life improvement for me. I hope Apple lets it stay alive.
Everyone who shares location with me does so over Find My, and my family insists on using AirTags. As a 100% desktop Linux and mobile Android user, it is one of the few things that I always need to remote in to my Mac Mini to access because there are no x-platform FindMy apps and the FindMy iCloud web app does not have feature parity to the macOS and iOS apps. One of a long list of offenses where Apple refuses to make things easy for x-platform friend groups and families. Very annoying.
Even within Apple's platforms, there's pretty limited support for automation -- you can say "Siri find my keys" but there's no App Intents / Shortcuts support for automating anything within Find My (AFAIK), which is a bit disappointing.
Yes, although I recently discovered Hammerspoon which is a clever little bit of open source macOS desktop automation technology:
https://www.hammerspoon.org/
I suspect they might be a bit wary of the privacy implications of giving other apps/Shortcuts access to Findmy data
What about Apple Automator and Applescript?
Find My has no any exposed Applescript commands. You'd next need to try (I think, been >a decade) Accessibility Inspector to find the names of the interface so you can tell Applescript what to click on. On some apps, even this doesn't work.
I also suspect Find My is a Catalyst-ported iPadOS app, which tend to be awful/useless for scripting.
> You'd next need to try (I think, been >a decade) Accessibility Inspector to find the names of the interface so you can tell Applescript what to click on. On some apps, even this doesn't work.
I am cursed with a lot of experience doing just this. However, I will say that every year it's getting harder and harder to do. The new security/accessibility changes in Sequoia have made things even more of a nightmare.
I ended up using Shortcuts to publish a set of screenshots from an always-on Mac every 10 minutes or so for a set of shared, family AirTags: http://vitor.io/android-airtags
I couldn't reliably get iOS to do the same, and my tests of an Android-compatible tag found it was detected much less often than an AirTag riding along with it.
Wow, that's some dedication to solve this problem! Very nice write-up. It was also good to see your thinking behind why doing this on an always-on Mac was better than possible alternatives. Thankfully M-series Macs don't draw much power at all at idle.
Does Blue Bubbles work for this? They have find my built into their app
Kind of? Right now it feels like it's glued on the side and a good proof of concept. It takes a lot more panning and zooming than it should. But it DOES work, one-way: you can see your friends' locations but they can't see yours.
What information is available through this api that would not already be available over the web?
To the best of my knowledge, AirTag locations still cannot be obtained through the iCloud website. The locations it shows are simply generated by the devices themselves and uploaded directly to Apple. This library specifically only queries the FindMy network, which is the system that allows other iPhones (and iPads etc.) to "find" your devices.
The library also explicitly does not integrate with your Apple account, but only uses it to query encrypted location reports from Apple. This can be done with any account, even if it does not "own" the device, as long as you can generate the correct keys.
Hopefully locations shared by users not part of my iCloud Family account, and "Items" (Apple jargon term for AirTags). Currently it only shows macOS or iOS "Devices" directly linked to my iCloud account, or in my iCloud Family, none of the locations shared by friends. And it shows no "Items," not even those in my iCloud account.
(... yep, it looks like one of their example programs is about accessing AirTag info via API: https://github.com/malmeloo/FindMy.py/blob/main/examples/rea... ...)
“Items” is not an Apple jargon term for AirTags. AirTags are not the only thing that can show up in this list. Third-party FindMy-compatible devices are quite common.
Since you frankly seem to have a bee in your bonnet about Apple, I’d suggest that you actually look into these. They might be more to your taste.
What does "x-platform" mean in this context?
Cross-platform. There are 3 major desktop operating systems (Windows, Linux, and Mac) and 2 major mobile operating systems (iPhone and Android). Every single OS has a huge marketshare worldwide (including Linux, if you count servers).
A truly x-platform app is one that works well on all 5 of these platforms, e.g. Signal. A moderately x-platform app is one that works well on the two mobile operating systems and on web as an alternative to desktop, e.g. WhatsApp. A single-platform app, like Apple FindMy, only works properly on e.g. Mac + iPhone. Apple tends to be the only major industry player that produces these sorts of apps, e.g. iMessage, FaceTime, Final Cut Pro, Keynote. Although with Keynote you can often get by with the iCloud web version, which has a useful 80%-or-so of the desktop app's features. Even apps like Meet, Zoom, and Teams -- run by rival companies -- are more x-platform than major Apple apps.
I think the GP knows what cross-platform means, but is confused by using "X" as shorthand for "cross". In my opinion, it's not widespread enough for the four-letter saving to be worth the confusion.
I didn't directly interpret it a cross-platform but more as (x) platform... Asin variable x which is not Apple... Which is semantically the same I guess but not entirely.
Just to add to the different ways that that exact grouping of letters can be interpreted.
Maybe because I see an API as being able to be accessed from anywhere, so you could query it from a home automation device to trigger something when you are withing X meters of your house, which even if Apple truly released a cross-platform version of Find My that wouldn't be possible.
That's a good point, well taken. Especially now that "X" is the name of a social media platform :-)
Long before the richest man on earth bought Twitter to be his personal megaphone to help him prepare to become president in order to boost all his personal endeavors, the letter X has been used as a sort of contraction to replace common morphemes like "cross", "trans" etc, in places where the physical representation "x" likens to a cross or crossing of some sort, or in reference to the Greek letter Chi. Must we change our use of language to support this guy, too?
Xtian Xmas xfer tx/rx xor...
You pretty much listed all the examples where that’s done (x-ing is also a big one, on signs), but there are way more cases where no one would ever use the letter X like that. I think parsing that kind of “syntax sugar” takes more cycles than a lot of people care to spare just to understand what a stranger is saying online. It’s too loose to be commonly applicable. Things like “Xmas” are accepted on a case by case basis.
The argument wasn’t made out of principle, either. If it were more widespread, it would be worth the potential confusion. It’s just not. I agree with that.
I don't think "xor" belongs to that list, given that the "x" in it is a shortening of "eXclusive".
Linux is not a “major desktop operating system”. Let’s be intellectually honest here, particularly because you’re using the number “3” to bolster your argument that Apple is being negligent or unfair or whatever. Be annoyed at Apple for not ‘supporting Android’ or whatever all you want, but let’s not pretend that Apple isn’t paying a very justifiable amount of attention to desktop Linux. What next, iCloud.com doesn’t load properly in Lynx?
Estimates from earlier this year are over 60 Million Linux powered desktop PCs globally.
That's not a huge portion of total market share but is still major by some measure.
Cross platform (something that works well outside of Apple apps/devices)
Cross platform -> † platform -> t platform might be a better choice
One that really annoys me is inability to monitor/control my kid's device useage and time limits.
Possible in the apple ecosystem. If the kids are part of a "familly", you can monitor / control using Parental Controls accessed from your iPhone > Settings > Screen Time.
Also checkout firewalla https://help.firewalla.com/hc/en-us/articles/360008214094-Ac...
It sounds like the gp’s objection might be that they’d like for their children to use iPhone and its parental controls, but they themselves would prefer to use other platforms to manage the supervision features. As far as I know, you do in fact have to be within the apple ecosystem to manage the ScreenTime features as you suggest.
Firewalla looks really thoughtfully designed! I’m glad to be aware of it.
I actually have Firewalla (it's great!). But it's only helpful when a kid's phone is connected to the network itself (which they can escape easily by disconnecting from wifi). The native stuff works on all networks.
I’ve always thought their implementation of this is pretty poor. Lots of granular options but it’s difficult to cover all bases.
[flagged]
Unless you are arguing that the feature should be removed from iOS and macOS devices, it is entirely a technical issue. Me preferring to use an Android device rather than an iPhone is not a parenting issue.
Hey everyone! I'm the author of FindMy.py. I'd like to use this moment to give a shout-out to some other people that deserve way more credit than me, as the project definitely would not have existed without them. If this stuff interests you then please do check them out, there is a dedicated section in the project's README (https://github.com/malmeloo/FindMy.py?tab=readme-ov-file#cre...).
If you have any questions, feel free to ask :-)
Any idea why the latest version on pypa is 0.2.x. That seems like it was released a while ago.
Congrats ! I don't have an iPhone or Mac. Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
I don't see how you would get the private key for the airtag off the iPhone without jailbreaking it. The readme of the project implies you can do this but the docs are completely lacking
Could you please include some usage examples in the README?
There is an examples directory that covers basic usage: https://github.com/malmeloo/FindMy.py/tree/main/examples
Official docs: https://docs.mikealmel.ooo/FindMy.py/
I realize that the docs are rather empty right now; it takes a lot of time to turn my thoughts into text, which I do not really have at the moment. Contributions are welcome, of course ;-)
You used to be able to query this data locally from your MacBook, but Apple decided to encrypt it. It was fun to put an AirTag on your cat, then use GPS Visualizer to plot your cat's activities overnight.
https://github.com/icepick3000/AirtagAlex
https://www.gpsvisualizer.com
While we're here, I have an ask (of anyone). I want the same exact thing you said, except for an outdoor dog on a large property.
I would like a tag that just records its own GPS coordinates locally on-device, every so often, and then when my dog comes home, I can check where she's been.
Does this exist?
They are called GPS trackers or GPS loggers. You can find some that save coordinates to a microSD card and optionally send the location via cellular connection for about 10 dollars on AliExpress.
I have a TK913 GPS tracker for my ebike, which is configured to send location reports to my server running Traccar[1]. I'm very happy with the setup, it Just Works. I can check where my bike is at any point from the web UI from my phone. It supports A LOT[2] of these cellular-enabled GPS trackers.
[1] https://www.traccar.org/
[2] https://www.traccar.org/devices/
Any cheap Garmin watch should do the trick
And if you want to spend more, Garmin even makes a range of dog tracking equipment: https://www.garmin.com/en-US/p/965617
You know honestly? I have thought of using a XOSS cycling computer (https://www.amazon.com/XOSS-Speedometer-Accessories-Waterpro...).
I have used them before on various bikes and they work just fine. Battery life is about 25 hours, it is weather resistant, and then you can sync them after you record an activity. And at less than $30, if it gets lost, it isn't the worst thing in the world.
My dog has a Fi GPS/cellular collar. You could just get that and leave it on at night and it would show you where your dog wanders around.
This person specifically wants offline.
You could definitely use meshtastic devices to do this
i tried that except damn cat figured out how to take its collar off every time
> but Apple decided to encrypt it.
Yes. As part of a major effort to reduce the abuse potential of AirTags, something that people have been very justifiably demanding.
Ah yes.
The data that is already displayed in my GUI, is now encrypted on my disk that I have full access to. Got it. /s
I think the concern could be that someone other than you might have access to your disk or computer.
Perhaps some people in a uniform could get access to that computer, physically or otherwise, and then have access to lots of interesting location histories from it, and they may not have your best interests in mind.
That's what disk encryption is for.
I'm also interested by the Haystack project to have an ESP32-based object identify as an AirTag and be able to follow it
Does anyone knows if their approach is "sustainable", or if Apple can easily "block out" such hacks from their network?
If it functions exactly as an AirTag does then it would be hard as they would not want to block all previously sold AirTags
Is there something it can do to whitelist legitimate AirTag serial numbers?
I don't think AirTag work that way. AirTag protocol is specifically designed so Apple or other parties will not be able to track users by serial numbers.
Where there's a will, there's a way. Apple is very clear law enforcement can approach them with any AirTag and they will immediately be able to tie it to a user.
One doesn’t exclude the other - a physical airtag may have an ID available, but not broadcast it anywhere.
Also, “when there’s a will…” doesn’t really apply to cruptography
That is not the same thing.
They do, Airtag hardware need to be signed to add to your iCloud account. But the actual location beacon messages are not linked to your iCloud account and can’t be associated with the sending airtag.
I don't have an iPhone or Mac. Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
It would be awesome.
I bought some $8 third-party AirTags from AliExpress, flashed them with some firmware, and used Macless Haystack to track them without owning any Apple devices.
https://notes.stavros.io/programming/third-party-airtags-res...
Google have also launched their own network, Find, which is turned off by default and useless for now.
Note that, locating airtags and making them play sound requires them to be near some other iDevice (the battery is a standard CR2032), so if you live in a remote ranch or something and nobody around you has an iphone, they might not be very useful.
It wouldn't even need to be a remote ranch—everything I'm seeing suggests they have a range of between 30-100 feet depending on walls and whatnot, which means even in a typical suburb you've got pretty high odds that none of your neighbors have a device within range at the moment you need it.
My experience is that this is rarely true in reality. I live in a freestanding house in a suburban area (not in the US, let alone SF). I’ve moved a couple of times since I’ve started using AirTags. Even when none of my own devices have been around, I still manage to get quite frequent location updates.
How frequent is frequent?
For the use case of identifying where they are on a map, I can certainly believe that an iPhone will connect more often than you move the object the tag is attached to. But when it comes time to actually trigger a sound to find it stuck under a cushion or what have you, is there going to be an iPhone within range at that moment?
That's a very unusual use case. When one of my airtags is in my building I can locate it with ~0.1ft precision using UWB. No matter how many other iPhones are in the building I can't get <100ft precision without UWB.
The difference between "airtag is in under the top left corner of the couch cushion" and "airtag might be in the same building as you" is so large that I wonder why you don't get a old used iPhone and swap the battery to create a functional phone.
I'm not OP. I've got an iPhone and two iPads and a Mac in the house. I'm asking for OP, who has no i-devices and wants to know if an airtag would be useful anyway.
> Can I buy an AirTag, initialize it with the help of a friend who has an iPhone, and then locate the AirTag or ring it from my PC with this Python lib?
Ringing it might be an unusual case for you, but it's exactly what OP was asking about.
(It's also by far the most common use case for this category of device for me. I misplace things all the time and it's super convenient to not have to wander all over the house looking for it.)
Theoretically yes, once the AirTag is deployed the keys should be static and you should be ready to go. Apple should also not be able to "ban" the tag at some later point in time.
I would suggest signing into a separate Apple account that's under your control to pair the AirTag, however. Not due to the risk of being banned, but because I have the suspicion that removing an AirTag from your (friend's) account may prompt the device to instruct the AirTag to reset. But if you sign into another account, pair it using an iDevice and then log out, that shouldn't be an issue.
Tile Tracker already has that. I wouldn't relying on Apple being merciful.
What are the chance that this keeps working long term?
Sounds awesome & makes airtags more appealing, but if apple is just going to shut it down next week then less so
So far they don't really seem to care, however we've seen the lengths Apple is willing to go to when it comes to protecting their sweet revenue stream during their fight with Beeper. OpenHaystack has been functional for a long time, but they obtain locations from a running Mac, while this project directly accesses their API. This is also the most attention this project has received in a long time, so we'll see how that goes.
Over the past year only of my accounts has been banned by Apple, and I was using that one to request locations every 5-10 minutes 24/7 in Home Assistant, with no other usage of the account other than one registered hackintosh. I'm currently using another account that is querying data every 15-30 minutes, which has been working fine so far. You just need an account to anonymously download location reports, so if your throwaway gets banned just create a new one and things should work again. Just make sure to attach it to a real device or hackintosh at least once to "activate" the account's iCloud API.
I do just want to make it clear that I have no intentions on keeping this working "at all costs" - at least not without other people willing to help me out. The library is currently not even trying to be stealthy, and it can be easily detected using heuristics if they really wanted to.
Cool. Thanks for the detailed response.
Afraid only devices I've got are iphones and icloud accounts where I can't risk a ban.
Changing the underlying find my network to break this would be challenging if not impossible while keeping the privacy protections in place. Apple can’t identify devices sending data to find my, and doesn’t log requests. Short of changes that would break compatibility with older devices it should be relatively stable.
OpenHaystack has been doing this for a few years now and Apple has made no efforts to restrict it.
I’ve been using FakeTag[0] and OpenHaystack[1] coupled with a vibration sensor to notify me when various things happen around my house. Inspired by this [2] article. It’s worked flawlessly for ~2 years.
[0] https://github.com/dakhnod/FakeTag
[1] https://github.com/seemoo-lab/openhaystack
[2] https://hackaday.com/2022/05/30/check-your-mailbox-using-the...
You're correct in saying that it would be challenging for them to overhaul the entire network, but this library directly makes API calls to Apple's servers to request location reports. So while the tags would likely keep working, they could totally block the library or your account if they really wanted to.
> Apple can’t identify devices sending data to find my, and doesn’t log requests.
So what you're saying is that a decent firewall could still inspect the traffic, or the patterns thereof.
Also, this doesn't make any sense, as if Apple doesn't know which AirTag belongs to who, Find My would be very useless; and law enforcement would be furious.
Airtags are associated with your apple ID for safety, but when you make a request for the location from Find My it doesn’t include any information about which airtag you’re asking about; just a CSPRNG-incremented public key that changes every 15 minutes. The location data itself is not available to Apple.
Here is Apple’s docs on how they prevent themselves from inspecting traffic on Fmi: https://support.apple.com/guide/security/find-my-security-se...
So how does Find My work on icloud.com then?
The short answer is that it doesn't. The iCloud website only shows devices that are actively uploading their location to Apple, such as iPhones and iPads. AirTags are not shown there, as they use the FindMy network instead (the whole other-devices-find-your-airtags mechanism). This library focuses on the latter.
Apple devices can query your AirTag's location because they sync its shared secrets through the iCloud keychain, which is used to generate temporary keys that can be use to download and decrypt the tag's location.
>Apple devices can query your AirTag's location because they sync its shared secrets through the iCloud keychain
I see. But can't Apple simply read this data from my iCloud keychain? Or is this kind of data sharing through iCloud keychain e2e encrypted?
As far as I understand, the keychain is indeed e2e encrypted and it requires at least one of your other devices to be online in order to sync. However last time I checked Apple still fails the mud puddle test, so there does have to be some kind of master key that decrypts the data in the case of account recovery.
It’s explained pretty well in link provided in comment your replying to.
The tl;dr is: The information is publicly available in an encrypted form that is only readable by the party with the key.
Think of it like this, when you mark an item as lost you publish a hashed public identification key, if another device detects that key it creates a location report encrypted with your public key and posts it to a public list of encrypted reports, you decrypt the report with your private key.
>you decrypt the report with your private key
Where would this private key be coming from when opening Find My on icloud.com (a website)?
From your keychain. Decrypted locally.
If you mean from another device other than one that your keychain is on, ie, a browser on a device you haven’t logged into before, you can’t.
You can get an active location through iCloud if the device is powered on or its last location before power off if the setting is enabled. But you can’t decrypt find my location reports without the private key, which is only available in devices you’ve logged into.
Websites can access my keychain? Since when?
So Apple has no way to see anything even when developing the platform itself?
They must have a way to decrypt payloads or otherwise get into the system they built and control. The fact that they let law enforcement know when someone is stalking someone with an AirTag shows that the data is available to them. It’s silly to think otherwise, paper or not.
> The fact that they let law enforcement know when someone is stalking someone with an AirTag shows that the data is available to them.
Not technically correct. Apple devices (and Android phones with the appropriate app) detect if an unknown AirTag is moving with them and makes it home, possibly signalling a stalking attempt.
The heuristics for this happen locally; Apple isn't "aware" of this happening. That said, when you first set-up an AirTag, the serial is tied to your account. Therefore, when you physically find an unknown AirTag and report it to law enforcement, they can then subpoena (or get a warrant?) Apple for information on the AirTag owner's identity.
The serial itself, and any personal identifiers, are not used in the locating process, however.
This is well documented in the paper above, in articles, as well as in reverse engineering efforts.
> they let law enforcement know when someone is stalking someone
Source? That's not a thing
+1
From Apple’s perspective, if someone uses the FindMy APIs to provide a commercial service that diminishes the privacy offered by Apple’s official apps, they would likely send a C&D letter. But for hobby projects, it’s not worth clamping down hard.
For the longest time I’ve wanted a way to record my location history in a durable way, without resorting to google maps history (which is great but has…obvious downsides), or some hacky short-term custom solution.
I wonder if someone could integrate this into a more coherent long-term platform.
> without resorting to google maps history (which is great but has…obvious downsides)
Maybe relevant: they moved it to on-device now: https://9to5google.com/2023/12/12/google-location-history-ti...
I starred this on GitHub a few weeks ago! https://github.com/Freika/dawarich Have not played with it, but maybe could fit your needs!
Oh this looks cool, will give it a try!
There are , or at least were, commercial services that did this. What do you want to do with this data? What form do you need it in?
I think it’s just super handy to know where you’ve been. Great to be able to find places (“Oh I loved this Thai place I went to 4 years ago in X city”)
Also to be able to find photos in specific locations (if you integrate it with geotagged photos like google does).
It’s one of those things I don’t actively care a ton about in the short term but is useful data to have in the long term if it can persist without a lot of effort.
Edit: I think form is “irrelevant” as long as it’s well supported and can be useable in different services later on. Same thing with notes imo (and why I use markdown). Has enough features but importantly is and will be well supported.
If you mostly walk or bike places, Strava[0] is a great way to record where you have been. I use it mostly for recording my travel (and hikes) since I walk more when visiting other places, not so much at home. Have it start recording in the morning and off in the evening. Pause if I take a bus or train and then can edit to clean it up later. Photos with geo tags can be uploaded and when you look at the map the photos will be at the location you took them. Also has a fun feature where you can replay your walk/hike/etc. It's been awhile since I downloaded my data but it was easy and everything you could want is there. The free tier is everything you need for something like the above
[0] https://www.strava.com/
[added] been using it since ~2012
It’s interesting, because it could allow you to log location over time. Generally, I can only see peoples location when I open the app, but this would allow me to ping every 30 minutes and create a very long log that I could technically create manually, but would be quite a bit of work.
You don't need to do that, the API will happily return the last N days of location pings.
This, indeed. Quick addition: Apple only stores locations for up to 7 days, so I would recommend running it once per day or so if you don't need live data. If you do, be careful not to request too often (sub-30 mins) if you value your account dearly.
From a quick skim of the repository, it looks like this is only for accessories/devices that you own. I hope that this is the case, and that it doesn't work for the "Find My Friends" functionality.
I'm okay sharing my location with trusted people so that they can occasionally manually check where I currently am. I don't like the idea of them theoretically being able to automatically record my location and build a complete history of my movements over time.
You should probably just assume that the recording is possible and not share your location with people you don't trust to not do that. Find my Friends isn't Snapchat—there's nothing in the pitch about ephemerality, so you shouldn't assume they engineered it in as a design constraint.
You're right, locating friends is not currently supported. I would assume that this feature is implemented by simply sharing your device's (already recorded) latest location ping with your friends, in which case this is also currently out of scope for the project - the library only intends to interact with the "other-devices-find-my-device" network in order to be account-agnostic.
On a separate thought, if Apple has not taken concerns such as the one you portrayed into account when designing Find My Friends then I would suggest not using the system altogether. At that point it's only a matter of time before someone figures out how to extract the data. But that's an entirely different story and a personal consideration you'll have to make.
Yeah, uh... you might do well to assume that they can. The Find My Friends API is really really simple, I have a script somewhere that can pull the locations of everyone who has shared their locations with me and record it.
(I'm also the one who wrote the original code that was refactored a couple times until it became this project... https://github.com/JJTech0130/pypush/blob/async/examples/ope...)
This is awesome. Now I's starting to hope a similar thing is possible to manage Screen Time.
It's not clear to me how to actually get the required plist file to make this library work. Neither of the scripts in this issue seem to work: https://github.com/malmeloo/FindMy.py/issues/31
Is the syntax to run them just `swift <filename.swift>`?
Swift/ErrorType.swift:253: Fatal error: Error raised at top level: main.MyError.noPassword
Which version of MacOS are you using? I believe Apple has made changes to the keychain in the latest version which prevents the scripts from working properly.
The only Apple "device" I have regular access to is a hackintosh, so this stuff is frustratingly hard to debug. So far I've been relying on efforts from the community, but the scripts appear to be somewhat flaky and don't always work for everyone unfortunately.
I am on Sequoia 15.3. If I can do anything to help, let me know.
As someone who lives in an Android family but would still like to use air tags since it's the biggest network in the U.S. I'd love a way to add and use air tags without needing to have an iPhone!
The whole point of services like this is to get you into the ecosystem. This is a value add for iPhone users.
Can I use this, if I have an iPhone, to trigger actions on a server based on my location?
For example, “When I come home, fetch the latest electricity prices and notify me if I should plug in my Tesla”.
I tried that using Shortcuts, but they won’t run location based without confirmation. (There are some workarounds, but they, too, don’t work reliably in my experience.)
If you literally mean when you return home, I’ve been running Shortcut automations triggered by leaving home and arriving home, using the built in “My Home” triggers. They don’t require confirmation and as best as I can tell have been completely reliable.
Technically, yes! I have an experimental Home Assistant integration here, if you're into that stuff: https://github.com/malmeloo/hass-FindMy
However, do note that AirTags put themselves into "nearby" mode when they're near an owner device, at which point they become untraceable to the FindMy network (the system where other iPhones are finding your AirTag and uploading its location). That also makes it invisible to this library. It is however still possible to detect it using the BLE signal it is broadcasting in nearby state, which is supported by the library but not yet by the HA integration.
Stupid question but couldn’t you just always plug it in and then automate the bit where it actually energizes the outlet?
Fore those not familiar with the Apple ecosystem, what does "Find My" do? locate apple devices ?
https://en.wikipedia.org/wiki/Find_My
> Find My is an asset tracking service made by Apple Inc. that enables users to track the location of iOS, iPadOS, macOS, watchOS, visionOS, tvOS devices, AirPods, AirTags, and a number of supported third-party accessories through a connected iCloud account. Users can also show their primary device's geographic location to others, and can view the location of others who choose to share their location. Find My was released alongside iOS 13 on September 19, 2019, merging the functions of the former Find My iPhone (known on Mac computers as Find My Mac) and Find My Friends into a single app. On watchOS, Find My is separated into three different applications: Find Devices, Find People and Find Items.
Correct. You can also share your location with friends. A lot of friend groups (at least my age) use Find My as a kind of social network.
Does it have any battery impact? I've never tried these always-on location tracking things partly due to (unfounded?) concerns about battery use.
its not always on in that way. It will report your location when requested, and optionally just before shutting down.
How does that work woth your friends? Always on access or just occasionally?
> Always on access or just occasionally?
You have quite a few granular choices.
> You can share your current location once, temporarily share your location while you're on the way to an expected destination, or share your ongoing Live Location... for an hour, until the end of the day, or indefinitely.
In Messages, you can use Check In to share your location... Your location is shared only if there's an unexpected delay during your trip or activity and you're unresponsive.
https://support.apple.com/en-us/105104
Always on. You can see where your friends are at both in Find My and under their contact photo in your iMessages chat.
Personally I do not find the idea comforting that someone (anyone) may know where I am at all times. I would not even trust Apple either.
This is actually one of the big differences between generations. It’s not just the norm for young people to share locations, but rather almost expected, with real social consequences for not. Yes it’s probably a little weird to have someone’s precise location 100% of the time, but since you’re sharing it with me there’s a good deal of trust implied (though this is not always the case as it has become more normalized). However, if we stop sharing locations, that usually implies a divorce of the relationship. People will shut you out of their life if you stop sharing your location with them, no matter the reason. From that lens, the choice is simple. You’ve gotta share your location, even if it’s a bit icky from a privacy perspective or you risk losing an entire cohort of friends. I will admit, there is a strange level of intimacy for having done it. In a world increasingly dominated by the pixels on this 4x8 screen, it is a nice reminder that the text bubbles on my phone actually come from real people that I can show you on a map.
(Obviously you can find friends who don’t care for it and you can live a normal life and be just fine. I’m privacy conscious but I still share my location with a handful of friends for the above reasons.)
> People will shut you out of their life if you stop sharing your location with them
Is the implication of this that such people just don't interact with Android users? That seems like a significant self-imposed limitation. Or are Android phones just extremely unpopular in your area?
Yeah, I switched to an iPhone solely for the blue text bubbles. Among young women in my bubble, 98% have iPhones. I’d get sneers at bars from girls when my first text on their phone was green. People would complain openly about my phone ruining their group chats. While I preferred android tech, switching to iPhone was a no-brainer because it removed a lot of friction in social settings.
It’s a bit sad that these days I can’t say if you are joking or not.
https://nypost.com/2024/10/07/lifestyle/are-iphone-users-pet...
you can control who you share your location with and for how long. I think the options are, just once, for an hour, for the day and forever.
It's a virtual leash for couples.
Blame the emotionally dysfunctional, not the tool. It’s only a problem if it changes how you would live your life or pressured or coerced (in which case, say no).
Always on, works as a great way to check in on close friends or have them check in on you (like someone going on a first date)
Importantly, it works in a peer-to-peer kind of way. Apple devices act as kind of beacons and nearby iPhones can notify Apple servers of any nearby devices they detect (in a way not decryptable by Apple, only by the owner of the devices).
So AirTags, MacBooks, and turned-off iPhones are findable via passing-by turned-on iPhones.
Is it not a glaring privacy and security hole that turned-off devices can still be located?
Maybe it's just me, but if I own an internet-connected device and I turn it off, I expect it to be off. That an iPhone's definition of "off" means "you can't use it but other random people's iPhones in the vicinity can still connect to and ping it" rubs me the wrong way.
The off-but-still-on functionality can be turned off, and the OS does disclose that by default the device is still findable on the power off screen.
Other phones in the vicinity don't connect to yours. Yours uses Bluetooth LE to periodically broadcast some data. Other phones in the vicinity relay that data along with the approximate location to Apple.
It is not. If you don’t want your device to participate, you ca elect not to enable Find My during setup. The vast majority of people would rather a their couldn’t just turn off a stolen phone and render it unlocatable.
Also the location is only accessible to you, the owner of the device. Not Apple or "random other people's iPhones".
The engineering and thought that went into the whole thing to be useful but also privacy protecting is actually pretty impressive, and exactly the kind of thing we should be encouraging companies to do if we care about privacy. Especially since as you point out, you can still easily turn it off at any point if you want.
[flagged]
With the Apple and the Google ecosystems!
I don’t use the person tracking very often except on group vacations, but I track a vehicle with an AirTag after a car theft for a little peace of mind (along with other preventative measures). Every now and then it’s handy for my own devices, too, including alerting me when I’ve accidentally left one behind at a non-routine location.
A bunch of stuff:
- Find your Apple Watch, AirPods, laptop etc
- Find family member devices if they've granted you access to do that
- Find AirTags
- Show you the location of friends who have granted you access
Does this require you to run a virtualized apple OS in order to keep track of your tags?
Hope someone integrates this with Home Assistant soon!
https://github.com/malmeloo/hass-FindMy
It still has some rough edges, but I've been running it for a few months now for myself and some family members without any major issues :-)
Can i add xiaomi "airtag" with it?
I'm not familiar with these tags, do they implement the FindMy protocol? If it's a proper 3rd party AirTag ("Works with FindMy") then it should be supported, see the AirTag example in the repository for more info.
Using this as soon as Play sound is integrated!
I remember there was a time when “web services” were the new hotness and everybody was gonna offer some API to whatever they had online.
What happened to this? We’ve even got the authentication part nailed down now thanks to OAuth! There is even API gateways that you can park in front of your stack that manage all the hard parts like granting client secrets to API consumers and showing registration screens to developers.
There is really nothing stopping you from opening up parts of your stack to developers and tinkerers so they can do cool shit. It even gets people to lock into your product that much more because now they’ve integrated some part of their workflow into your system in a way that might not be possible without your service!
So yeah. You already have these API’s exposed for your front end apps to use. Why not just slam a developer portal on top and let people access some of it? Who knows what cool things they’ll cook up!
[flagged]
[flagged]
[flagged]
https://localsend.org/
That wants me to install a binary. I don't want to run any external code on my hardware.
If the constraint is that you don't want to install any software, there are a bunch of these web based AirDrop clones, besides the ones mentioned here are two more:
https://pairdrop.net/
https://snapdrop.net/
I've tried PairDrop, it works well.
try https://sharedrop.io/
This also looks interesting.
My question is similar to the wormhole one.
Does it really need to be 168 files of code to do this? I don't know WebRTC, but wouldn't a single PHP file be enough to create the connection between the two devices?
> I don't know WebRTC, but wouldn't a single PHP file be enough to create the connection between the two devices?
I mean, they could concatenate all 168 files and stuff them into a single <script> tag in the PHP if that would make you happier…
This. There’s even a QR code you can scan so you don’t have to type on the mobile device.
https://webwormhole.io/
That looks like an interesting approach.
Does it really need to be a giant application made from "Go, JavaScript, TypeScript and Python"?
What does all that code do? Wouldn't a single PHP file that acts as the connection between the two devices be enough?
Webwormhole needs those to setup a direct p2p connection.
Php you need intermediaries.
Dropbox.
Is that a "Sign up and install our binaries on your devices" service?
I prefer to not install additional software from 3rd parties on my devices.
You'll have to ask the apple overlords to make and install by default the app you want then.
With an iPhone you’d have AirDrop built in.