How does using a VPN work with the Find My iPhone app? I currently use PIA and noticed that even though I use a VPN my macbook will still show up at the correct location in the app. I like to think I’m a tech savvy person but these kinds of things throw me for a loop. If Apple is able to locate me with a single app, what makes a VPN a “secure” choice for scrambling your IP address? Is Apple’s locator based off something other than an IP? Is it a GPS thing? Is it a possibility that a VPN could render the find my iPhone app useless in an actual theft situation?
Location is done via wifi normally. It looks for wifi networks in range, because every iPhone basically acts as a survey/location scout for wireless Access points, it has an accurate database of access point hardware address to geo location. Turn off your wifi and try again. The VPN doesn’t play into it in this case. You load find my phone, Apple sends a notification to your laptop via iCloud saying ‘hey, I need your location’ and your laptop gets its location using wifi beacons and sends it to iCloud.
Edit: added more detail
I just tested this using TorGuard on my iPhone. I used a VPN server at least 200 miles away and the location returned where my iPhone is.
The way I think it might work is that Find My iPhone sends a request to the device making the device determine its own location.
The device being able to locate itself physically is a totally different thing than the network transport used to communicate back to the server telling the server where the device thinks it is.
For iPhones they use: Bluetooth iBeacons, wifi triangulation, cell tower triangulation, and lastly satellite systems
For Mac: wifi triangulation
IP is a last resort and highly unreliable.
The answer (your iPhone checks local Wi-Fi access points and GPS) highlights the fact that actually Apple are in a very good position to track VPN usage to real life locations and thus people.
If you have a local location of a source (coupled with knowing what native IP usually lives there from historical records) and your current VPN’d IP on the same device, you can tally the two and know who’s using the source IP.
What’s wrong with this picture?
I really appreciate such a thorough response. This answered my questions perfectly.
What’s wrong with this picture?
Using a device with locations services for sensitive work
Obviously what I meant was, why haven’t I heard others highlighting this simple VPN-cracking source before?