Precisely. I'm grounded, but I have bought a few airtags. They're on keychains and will be attached to some clothing (thought about other places in the luggage, but for most of it, doesn't really help) when I can get up in the air again. In the meantime, I have attached an airtag inside my car with a keychain where it's not easily found.

Was wondering, if a Samsung phone connects to a plane's WiFi, would these track, while say, you're over the ocean?

An apple AirTag won’t connect to an android device to anonymously update it’s location, it’s an IOS only integration. But an Airtag will connect if close enough to somebody ELSE on the planes ios device assuming they have some wifi connectivity even over an ocean - I would imagine. I’ve had devices update over the USA at least (connectivity is connectivity) when my IOS devices were off for the most part and give updates certainly due to other ppls IOS devices connecting to the AirTags and uploading location information. Certainly over CONUS many more flyers are buying and using WIFI and have IOS devices of one sort or another ON and active.

what I’m not certain about is if the https conduit that airtags use or the IOS device uses to SEND the data over the internet to apple is in the subnet or the unrestricted HTTP/S path that certain airline carriers have OPEN and that don’t require a purchased internet package while in flight.

I see what you're getting at. I suspect it's likely not, there's no incentive for them for them to do so. Unless Apple paid them for this access, why would they allow data to anything other than their own sites and the service providers? They may allow some messaging apps, but this? I doubt it. But it'd be very hard to test.

Agree, I don’t see any incentive, but it could just be happening coincident. For example, with IOS Messages is the end to end secure encrypted channel that apple uses between IOS endpoints.. it MIGHT also be the conduit that apple uses to send the anonymous and most likely encrypted Airtag data.. For United as an example, one can activate FREE messaging over this protocol (it’s not SMS messaging but data messaging) without paying for Internet on a flight.

If apple is using that protocol at least for the AirTags information transport, then its possible that when anyone on the plane with an IOS device has enabled the free messaging, that a proximate AirTags that sees their device, then this tag information could be sent out over the sat/internet encrypted messages pathway and ultimately update the apple AirTag server information in relative real-time

Wells did anyone successfully try it? AirTag, Tile or SmartTag, just wondering, did it track while you had it in your luggage over the ocean?

I haven't heard anything flattering about any airline IT department, however, it would be easy to block... you only allow https/443 (blocking all other ports) and set it to only direct only to a united or panasonic (as examples, I have no clue who their provider is) IP address/name. Quite likely they haven't configured the above example properly. Done smartly with a proper SIEM, they would likely see this kind of info (they might be collecting it and not managing it properly) and filter those out if they wanted to. I know some airlines offer messaging apps access free of charge, but considering how much they all whine about a lack of profit they're making, I find it hard to believe that they wouldn't see some of these loopholes and closing them.

That said, I don't know how complicated it is with aircraft systems. On a standard network, it's not that difficult.

Voice VOIP (which is basically anything today) audio calls and video and audio streaming over VPN still works fine, they haven’t shut that down yet in over 10 years.

Yes, but that's the whole point of a VPN. It encrypts and obfuscates data. Unless you have the key, you only know data is going to or coming from a proxy service. What that data is, you don't know. Where it going to or coming from is a total mystery. They could block known VPN servers, but that's a whack a mole game that requires constant playing.

It’s not really a game of whackamole, it’s a protocol (several actually, but defined) like any other, and the main destination VPN server IP ranges and destinations don’t change that often. But IF they blocked the VPN protocols they would also block all the legitimate and necessary uses of VPN while traveling for say business travelers and most likely actually LOSE many of those flyers, so they can’t and I think they won’t.

they couldn’t really or wouldn’t really be able to try and figure out which VPN providers, or destination servers were being used for non-approved uses because there’s just no way to know which ones are being used for those purposes.

They COULD make VPN use simply more painful for either VOIP audio streaming, Zoom streaming or other video/audio streaming by putting in some throughput interference or sequencers so legitimate approved VPN access like corporate mail or pst file download etc. would simply surge and fall, surge and fall and for the user appear relatively stable and intact.. but for an audio stream, let alone video, it would just stop or drop too many packets, or stutter and freeze, and for the user probably become so dissatisfactory as to avoid its use.

Let’s hope they don’t read this stuff.

Exactly. So blocking the protocols isn't the way they would go as you would kill corporate VPNs. However, they really just have to block commercial VPN providers (think NordVPN/Express VPN/PIA/etc) at the IP range level (which would be a lot of work considering the big ones all sub-contract data centers and use their names for registration) All the big corporations have their own ASNs and contracts with main providers for their VPNs. But that's what the whack a mole game is about.


That's the other think about corporate VPNs... in general large corporate VPNs frown upon most streaming sites. I know of several that restrict the use of any streaming while connected to their VPNs. They might allow for boutique sites to host things like training videos, but sites like Youtube? Not a chance. So those aren't the ones they're worried about.

And that would lessen the user experience and drive away travelers. There's also a good chance that would corrupt any file transfers such as corporate mail. But that said, I doubt Apple or Tile or Samsung would set up something like that just to thwart tags/tiles/etc. .

I am seeing a lot of smart finder tags being sold in Asia. Definitely Chinese products and says both IOS and Android. Not expensive either so wonder if anyone has tried any other products other than Tile? One was called Smart Finder. I use Air Tags and if there is a good android choice I will buy it.

The bigger "issue" is that many airlines now have free/low-cost messaging access, at least once authenticating in their captive portal. If that messaging access includes iMessage, that access requires creating some rule to allow traffic to Apple's servers so that users can send and receive iMessages. Those same rules may be broad enough to also allow whatever system Apple uses to communicate location data for AirTags to function - after all, both are housed on Apple servers and use encrypted connections to them, and neither (presumably) requires a lot of bandwidth to function.

Several airlines allow free iTunes access which requires a data connection to the Apple servers Browsing iTunes and downloading purchases is more data intensive than iMessages or the AirTags.

It depends on your use case. Part of the appeal of the big brand tags is that you don't necessarily have to be near the tag to track it. Chinese tags/tiles/whatever you want to call it likely wouldn't have that kind of coverage. They might have a plugin with Wechat, but again, limited market vs. Apple or Google/Samsung. I mean, if you travel within Asia, it might be competitive, but outside of that? Not so much (especially with security allegations against them)

It'd still be blockable. Both are Apple services, however Apple would point them at different servers. Otherwise there could be a service degradation. It's just a matter of capturing the data and breaking it down (not difficult for a security outfit to do). This is just something airlines have to decide on. If the effort is worth it or not.