i have a bunch of raspberry pis lying around. i have always been curious that the tiles i've used to track my stuff don't seem to rotate or change their mac addresses in any way, but i figured that there had to be something i wasn't seeing.
recently, there has been more talks about the flaws in the way that tile's broadcast their data. essentially, it isn't a serious exploit, but still one that reduces their security, and i want to create a fun program as a proof of concept to see if i could spoof a tile device and essentially get it to pop up at different locations across campus.
i'm not an expert on bluetooth by any means, but i have used mac addresses to keep track of presence detection in the past with home assistant. i first had the idea years ago when I could see that tiles showed up on the "add bluetooth device" menu on my phone, and the addresses didn't change. i just used the ble tracker integration, but after finding it unreliable because it ran on my raspberry pi not located at any of the house entrances, i didnt put much more thought into it.
what seems to be the problem, is that if a device was able to track a tile and find its rotating id (which is unencrypted) by checking the mac addresses of the tile, it could relay that information to another device. that device, which could formulate that message with similar contents, could broadcast it out in order to try and fool nearby phones with the tile app into believing it is the real tile, and then updating the location within tile's database.
i'm not very well versed in making my own tooling for these sorts of things, so my code may be very bad, but i will still try to share parts of it through the development process. also, as you can see, i have a blog now! check the rss feed out if you wanna follow. i should have more to share on the project very soon :3