-
-
Save henrik242/1da3a252ca66fb7d17bca5509a67937f to your computer and use it in GitHub Desktop.
#!/usr/bin/env bash | |
# | |
# Reads AirTag data from the FindMy.app cache and converts it to a daily GPX file | |
# | |
# Rsyncs the data to a web accessible folder that can be displayed with e.g. | |
# https://gist.github.com/henrik242/84ad80dd2170385fe819df1d40224cc4 | |
# | |
# This should typically be run as a cron job | |
# | |
set -o pipefail -o nounset -o errexit | |
export PATH=/usr/local/bin:$PATH | |
DATADIR=/tmp/airtag-data | |
TODAY=$(date +%d) | |
mkdir -p $DATADIR | |
DATA=$DATADIR/airtagdata-$TODAY.txt | |
GPX=$DATADIR/airtagdata-$TODAY.gpx | |
TAGNAME=Foobar | |
if [[ $(uname -s) == "Darwin" ]]; then | |
TOMORROW=$(date -v +1d +%d) | |
else | |
TOMORROW=$(date --date="tomorrow" +%d) | |
fi | |
rm -f $DATADIR/airtagdata-$TOMORROW.gpx | |
jq -r '.[] | select(.name == "'$TAGNAME'") | .location | "\(.latitude) \(.longitude) \(.altitude) \(.timeStamp/1000 | todate)"' \ | |
$HOME/Library/Caches/com.apple.findmy.fmipcore/Items.data >> $DATA | |
START='<?xml version="1.0" encoding="UTF-8"?> | |
<gpx xmlns="http://www.topografix.com/GPX/1/1" xmlns:mytracks="http://mytracks.stichling.info/myTracksGPX/1/0" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" creator="myTracks" version="1.1" xsi:schemaLocation="http://www.topografix.com/GPX/1/1 http://www.topografix.com/GPX/1/1/gpx.xsd"> | |
<trk> | |
<name>'$TAGNAME'</name> | |
<extensions> | |
<mytracks:color red="0.000000" green="0.000000" blue="1.000000" alpha="1.000000" /> | |
<mytracks:area showArea="no" areaDistance="0.000000" /> | |
<mytracks:directionArrows showDirectionArrows="yes" /> | |
<mytracks:sync syncPhotosOniPhone="no" /> | |
<mytracks:timezone offset="120" /> | |
</extensions> | |
<trkseg>' | |
END=' </trkseg> | |
</trk> | |
</gpx>' | |
echo $START > $GPX | |
function elems() { | |
LAT=$1 | |
LON=$2 | |
ELE=$3 | |
TS=$4 | |
} | |
cat $DATA | while read line; do | |
elems $line | |
echo '<trkpt lat="'$LAT'" lon="'$LON'"> | |
<ele>'$ELE'</ele> | |
<time>'$TS'</time> | |
</trkpt>' >> $GPX | |
done | |
echo $END >> $GPX | |
cp $GPX $DATADIR/airtagdata.gpx | |
rsync -a --exclude='*.txt' $DATADIR example.com:public_html/airtag/ |
Bummer. I'm still on Ventura, so I'm not affected (yet).
I am on Sonoma 14.3.1 but I built an airtag harvesting app that I was planning to go to production with for users to track the history on a map of their FindMy tags. Putting that on hold until I find out if I can decryot these files. This was expected as Apple frowns on tracking the history..
Maybe try putting that string in a file by itself and try to figure out what kind of encryption it is. Is it base64 encoded?
Also hitting this on 14.4.1
% plutil -p /Users/xxx/Library/Caches/com.apple.findmy.fmipcore/Items.data
{
"encryptedData" => {length = 40501, bytes = 0x82f73cb2 91a2aa9f 867bd9c0 30c79f5e ... d491f5f6 52b03543 }
"signature" => {length = 64, bytes = 0xcffcffcc d3befa46 13c3dd0b 0166762d ... eed8541f b9afbce1 }
}
yes, the encryption started in 14.4 so we would expect subsequent releases 14.4.x+ to now have it permanently. Stay with macOS 10.5 to 14.3.1 and your safe. It would be nice if we could decrypt the files but we need the key to decrypt them and I can't see any way to get that as Apple does not want you to look at your own files.
The key has to be somewhere (keychain?), it should be possible to reverse engineer and re-implement the decryption
Not very familiar with GitHub, hoping that commenting will allow me to get notified about any further comments here. I've backed up my cached FindMy files just in case the encryption is cracked in the future. If anyone needs a machine running 14.4.1 for testing, let me know!
Bummer. I'm still on Ventura, so I'm not affected (yet).