Oddbean new post about | logout
 In theory, but I’m not sure if you can transmit arbitrary messages over that without being Apple. 
 The attacker could pretend it's 256 devices and transmit the seed by simply sending or not sending a message. It's not that high number. 
 My point was I’m not sure you can pretend you’re *any* devices without being an Apple device. In any case nostr:nevent1qqsqac7czr2hk05gkf0l5s59tg3tz8xyspn9ea7aqxrvg9pswev8y8spzfmhxue69uhk7enxvd5xz6tw9ec82cspz3mhxue69uhkummnw3ezummcw3ezuer9wcq3gamnwvaz7tmjv4kxz7fwv3sk6atn9e5k7qglwaehxw309ahx7um5wgkhyetvv9ujucnfw33k76tw9ehxjmn2vy728fpa 
 They have cheap BLE tags. If those cannot be reverse-engineered maybe you can record their beacons without the reach of any other device and then just replay them. Buying 256 tags may be worth it if the victim stores tens of millions satoshis.

I'd be really surprised if there isn't any way to sneak out 256 bits of data. Or less if the attacker wants to do some brute forcing. 
 I understand the data to be signed and tied to an Apple ID. It may well also be tied to some per-device factory-sealed key. I mean you can always buy 256 real AirTags but hardware modifications are much more likely to be detected than software ones.