findmydeviced

JSON
executablemacOS1.9 MBx86_64, arm64

System authentication and device management — handles user identity, biometrics, and MDM policies

Manages Apple ID authentication, Touch ID/Face ID biometric verification, and keychain access for credential storage. Enforces MDM configuration profiles and device management policies set by enterprise administrators. Accesses location services, Bluetooth LE hardware, and network configuration to support authentication flows and device tracking. Communicates with 22 network endpoints for authentication services and policy synchronization. Exposes 4 XPC services for system components and applications to request authentication, verify identity, and query device compliance status.AI

Fingerprint

Platform
macOS
Type
executable
Arch
x86_64, arm64
Min OS
26.1.0
SDK
26.1.0
File Size
1.9 MB
UUID
17995FDC-C2FC-3B30-B765-6F78DCE3A0BC
Analyzed
2026-04-09T09:49:30Z
CDHash
8dcefeca1a4066029d3a9f513c4ad4bef24df3217858320b193c888f430e3f7f

Capabilities

LocationAccess location as a system bundle (no user prompt)
com.apple.locationd.effective_bundle[object Object]
LocationLocation services access
/System/Library/Frameworks/CoreLocation.framework/Versions/A/CoreLocation
LocationLocation services access
/System/Library/Frameworks/_LocationEssentials.framework/Versions/A/_LocationEssentials
NetworkNetwork configuration and reachability
/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
NetworkCore networking (HTTP, FTP, DNS)
/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
StorageException: access additional file paths
com.apple.security.exception.files.absolute-path.read-write
/private/var/db/systemgroup.com.apple.icloud.searchpartyd.sharedsettings/savedConfiguration.plist
HardwareDirect hardware/driver communication
/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
HardwareBluetooth LE device access
/System/Library/Frameworks/CoreBluetooth.framework/Versions/A/CoreBluetooth
IpcRestricted application group access
com.apple.private.security.restricted-application-groups
group.com.apple.icloud.findmydeviced
IpcShared application group container access
com.apple.security.application-groups
group.com.apple.icloud.findmydeviced
IpcException: access additional Mach services
com.apple.security.exception.mach-lookup.global-name
com.apple.nfcd.hwmanagercom.apple.icloud.searchpartyd.ownersessioncom.apple.icloud.searchpartyd.beaconmanagercom.apple.icloud.searchpartyd.pairingmanagercom.apple.security.octagoncom.apple.securityd.ckkscom.apple.findmy.findmylocate.friendshipservicecom.apple.findmy.findmylocate.locationservicecom.apple.findmy.findmylocate.settings
SecurityApple ID authentication
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/AuthKit
SecurityTouch ID / Face ID / password auth
/System/Library/Frameworks/LocalAuthentication.framework/Versions/A/LocalAuthentication
SecurityKeychain, certificates, code signing
/System/Library/Frameworks/Security.framework/Versions/A/Security
SecuritySecurity framework extensions
/System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation
SystemAccess MDM configuration profiles
com.apple.private.managedclient.configurationprofiles[object Object]
SystemMDM configuration profiles
/System/Library/PrivateFrameworks/ConfigurationProfiles.framework/Versions/A/ConfigurationProfiles

Entitlements43

adi-client661321174
com.apple.authkit.client.privatetrue
com.apple.findmy.findmylocate.friendshipservicetrue
com.apple.findmy.findmylocate.locationservicetrue
com.apple.findmy.findmylocate.settingstrue
com.apple.icloud.FindMyDevice.FindMyDeviceEraseXPCService.accesstrue
com.apple.icloud.FindMyDevice.FindMyDeviceIdentityXPCService.accesstrue
com.apple.icloud.FindMyDevice.FindMyDeviceSharedConfigurationXPCService.accesstrue
com.apple.icloud.searchpartyd.beaconmanagertrue
com.apple.icloud.searchpartyd.ownersessiontrue
com.apple.icloud.searchpartyd.pairingmanagertrue
com.apple.icloud.searchpartyd.securelocationstrue
com.apple.icloud.searchpartyd.securelocations.accesstrue
com.apple.locationd.authorizeapplicationstrue
com.apple.locationd.effective_bundletrue
com.apple.mobileactivationd.spitrue
com.apple.nfcd.hwmanagertrue
com.apple.private.CoreAuthentication.SPItrue
com.apple.private.RemoteServiceDiscovery.device-admintrue
com.apple.private.admin.writeconfigtrue
com.apple.private.aps-connection-initiate
com.apple.mobileme.fmip
com.apple.private.audio.notification-wake-audiotrue
com.apple.private.bmk.allowtrue
com.apple.private.ckkstrue
com.apple.private.critical-wake-pushtrue
com.apple.private.dark-wake-pushtrue
com.apple.private.darwin-notification.restrict-post.fmip.lostmode.enabletrue
com.apple.private.findmymacd.spitrue
com.apple.private.icloud.FindMyDeviceBridge.accesstrue
com.apple.private.iokit.assertonbatterytrue
com.apple.private.iokit.assertonlidclosetrue
com.apple.private.iokit.interactive-pushtrue
com.apple.private.managedclient.configurationprofilestrue
com.apple.private.octagontrue
com.apple.private.security.nvram.fmmtrue
com.apple.private.security.restricted-application-groups
group.com.apple.icloud.findmydeviced
com.apple.private.storagekitd.infotrue
com.apple.private.tcc.allow
kTCCServiceAccessibility
com.apple.security.application-groups
group.com.apple.icloud.findmydeviced
com.apple.security.exception.files.absolute-path.read-write
/private/var/db/systemgroup.com.apple.icloud.searchpartyd.sharedsettings/savedConfiguration.plist
com.apple.security.exception.mach-lookup.global-name
com.apple.nfcd.hwmanagercom.apple.icloud.searchpartyd.ownersessioncom.apple.icloud.searchpartyd.beaconmanagercom.apple.icloud.searchpartyd.pairingmanagercom.apple.security.octagoncom.apple.securityd.ckkscom.apple.findmy.findmylocate.friendshipservicecom.apple.findmy.findmylocate.locationservicecom.apple.findmy.findmylocate.settings
com.apple.security.exception.shared-preference.read-write
systemgroup.com.apple.icloud.searchpartyd.sharedsettings
com.apple.security.system-groups
systemgroup.com.apple.icloud.searchpartyd.sharedsettings

Interesting Strings

Network Surface

Networking Frameworks

CFNetworkCoreFoundationFoundationSecurityFoundation

Endpoints(22)

Urlhttps://fmipalservice.icloud.com/alservice/initActivationUnlock
Hostnamefmipalservice.icloud.com
Urlhttps://fmipalservice.icloud.com/alservice/disableAL
Hostnamegateway.icloud.com
Urlhttps://fmipalservice.icloud.com/alservice/disableALHandshake
Urlhttps://fmipalservice.icloud.com/alservice/validateActivationLock
Hostnamecadmium.icloud.com
Urlhttps://fmipalservice.icloud.com/alservice/disableManagedActivationLock
Urlhttps://fmipalservice.icloud.com/alservice/disableActivationLock
Urlhttps://fmip.icloud.com/fmipservice/stats/infoRequest
Hostnamefmip.icloud.com
Ipv60:8:16
Urlhttp://www.apple.com/DTDs/PropertyList-1.0.dtd">
Hostnamewww.apple.com
Hostnamemacosx26.1.internal
HostnameHcom.apple.private.darwin-notification.restrict-post.fmip.lostmode.enable
Hostname8systemgroup.com.apple.icloud.searchpartyd.sharedsettings0
Hostname8systemgroup.com.apple.icloud.searchpartyd.sharedsettings
Urlhttp://www.apple.com/appleca/root.crl0
Urlhttp://crl.apple.com/codesigning.crl0
Hostnamecrl.apple.com
Urlhttps://www.apple.com/appleca/0

DNA Capability Vector

Location
3
Keychain
0
Network
2
Storage
1
Hardware
2
IPC
3
Analytics
0
Security
4
System
2

Behavioral Profile

URL Endpoints
12
Telemetry Strings
11
File Paths
49
Bundle IDs
159
IOKit Constants
0
Library Functions
0

Structural HashesSHA-256

Code6148c0932d9a91ca2520652322e11c9ce038ddd4613d45d9da868b3899be3796
Imports667f7c2ac2f12794f42aafc184f3c39ba9d7eea2463b26dca3ea4566fa3f1477
Frameworks38ade254947d1772062199e107d43e13dd28ec679a5c42f69bdf066477808c01
Classesc82baa072f4970d52701c599520f2a2960ae4180ebf18e35cad972d916bf60a8
Entitlements5df747ab79a7b8688d3d79f05b5ede2b9195876b3b2060a2956bc98725fc6a7f
Symbols5d0c10386a73667067dacdb34ea3315e8413fddc3af0e5a7d3faceb90742b270

Static Libraries0 / 3291 functions identified

Functions(3291)

0x100001d40-[FMDNetworkAction initWithRequest:andServerInteractionController:]
0x100001de8-[FMDNetworkAction actionType]
0x100001e18-[FMDNetworkAction runWithCompletion:]
0x1000021ecsub_1000021ec
0x100002218sub_100002218
0x100002220sub_100002220
0x100002314sub_100002314
0x100002378sub_100002378
0x1000023c8-[FMDNetworkAction willCancelAction]
0x1000024e8-[FMDNetworkAction shouldCancelAction:]
0x1000024f0-[FMDNetworkAction shouldWaitForAction:]
0x1000024f8-[FMDNetworkAction description]
0x10000258c-[FMDNetworkAction serverInteractionController]
0x100002594-[FMDNetworkAction setServerInteractionController:]
0x1000025a0-[FMDNetworkAction request]
0x1000025a8-[FMDNetworkAction setRequest:]
0x1000025b4-[FMDNetworkAction .cxx_destruct]
0x1000025f8sub_1000025f8
0x100002618sub_100002618
0x100002628-[FMDCheckActivationLockRequest initWithContext:]

Imports421 symbols from 36 dylibs

libSystem.B.dylib97CoreFoundation76Foundation46libobjc.A.dylib40FindMyDevice35

Exports1

_mh_execute_header0x0

Similar Binaries1,470 comparable

findmydevice-user-agent
46.2%
mdmclient
43.9%
dmd
42.6%
studentd
42.2%
networkserviceproxy
42.2%
remoted
42.0%
seld
41.9%
inboxupdaterd
41.8%
secd
41.7%
storagekitd
41.7%