The group, which has a mixture of hardware and software skills and first detailed their hack as part of a technology collective called Lagrange Point, say a couple of dozen people have contacted them asking for help with their AirPods. “We’ve got a huge amount of interest from folks in India who have these AirPods or whose grandparents need them and they’ve not been able to use them,” Jayasimha says. Others have documented the same issue in social media posts.
The researchers demonstrated that they could bypass Apple’s geographic restrictions with a set of AirPods Pro 2 connected to a 10th generation Wi-Fi-only iPad. They note that it would be possible to do the workaround on an iPhone or iPad connected to a mobile carrier as well, but it would be more involved.
To find the workaround, the researchers first looked at the different ways that iOS establishes where a device is in the world. For Wi-Fi-only devices, there are a few checks. The server looks at which Apple Store region the device is connected to, as well as the timezone, language, and region the device is set to. Additionally, the operating system sends a simple web request to an Apple web service that then responds with the country code of the country the device appears to be in based on the location associated with its IP address.
The researchers first tried manually changing the time zone and region settings for the iPad, but it ultimately wasn’t clear whether this impacted their ability to hide the iPad’s true location. When masking the iPad’s IP address so it would appear to be connected in the United States didn’t work, the researchers assessed other metrics the device might be using to establish its geographic location. It turns out that iOS also examines Wi-Fi “Service Set Identifiers” or SSIDs that help devices connect to the right Wi-Fi network when there are many network signals in the air—like in an apartment building or at a coffee shop.
The operating system also uses GPS triangulation and device identifier “MAC addresses” of nearby devices, including routers, to establish a device’s location. In other words, even if a person in Bangalore uses a proxy to make it seem like their iPad has a US-based IP address, all the nearby routers and devices are associated with India-located IP addresses that give the real location away.
