Researchers have identified two vulnerabilities in Apple’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy. The technology enables the location of Apple devices even if they aren t connected to the internet. One flaw allows Apple to correlate different owners locations if their locations are reported by the same finder. Another flaw could allow someone to build malicious applications to retrieve and decrypt the OF location reports of the last seven days for all its devices. Apple has responded with a fix for the more serious flaw.
Source: https://threatpost.com/apples-location-system-expose-identities/164615/