Posted on 01/02/2023 1:22:12 PM PST by Red Badger
The Wi-Peep stands out due to its accessibility and portability. In addition, it was created by Abedi’s team using only a store-bought drone and a small amount of readily available hardware, costing only $20.
The drone-powered device exposes vulnerabilities in WiFi security.
A team of researchers from the University of Waterloo has created a drone-powered device that can see through walls using WiFi networks.
The device, named Wi-Peep, can fly close to a building and then utilize the WiFi network of the inhabitants to quickly identify and locate any WiFi-enabled devices within.
The Wi-Peep exploits a loophole the researchers call polite WiFi. Even if a network is password protected, smart devices will automatically respond to contact attempts from any device within range. The Wi-Peep sends several messages to a device as it flies and then measures the response time on each, enabling it to identify the device’s location within a meter.
Dr. Ali Abedi, an adjunct professor of computer science at Waterloo, explains the significance of this discovery.
“The Wi-Peep devices are like lights in the visible spectrum, and the walls are like glass,” Abedi said. “Using similar technology, one could track the movements of security guards inside a bank by following the location of their phones or smartwatches. Likewise, a thief could identify the location and type of smart devices in a home, including security cameras, laptops, and smart TVs, to find a good candidate for a break-in. In addition, the device’s operation via drone means that it can be used quickly and remotely without much chance of the user being detected.”
While scientists have explored WiFi security vulnerability in the past using bulky, expensive devices, the Wi-Peep is notable because of its accessibility and ease of transportation. Abedi’s team built it using a store-bought drone and $20 of easily purchased hardware.
“As soon as the Polite WiFi loophole was discovered, we realized this kind of attack was possible,” Abedi said.
The team built the Wi-Peep to test their theory and quickly realized that anyone with the right expertise could easily create a similar device.
“On a fundamental level, we need to fix the Polite WiFi loophole so that our devices do not respond to strangers,” Abedi said. “We hope our work will inform the design of next-generation protocols.”
In the meantime, he urges WiFi chip manufacturers to introduce an artificial, randomized variation in device response time, which will make calculations like the ones the Wi-Peep uses wildly inaccurate.
Reference:
“Non-cooperative wi-fi localization & its privacy implications” by Ali Abedi and Deepak Vasisht, October 2022, The 28th Annual International Conference on Mobile Computing and Networking (ACM MobiCom 22).
DOI: 10.1145/3495243.3560530
My dishwasher is spying on me!....................
Excuse me. What?
A Wifi wave can walk through walls. Listened for, it cannot be heard; looked for, it cannot be seen; felt, it cannot be touched...
My d/w takes about 30 min and is only hooked up to the hot water.
It is a few decades old....
If your home is practically carpeted with such devices, what does it tell you?
Mine is only a couple of years old, made by LG, and it has WiFi for some odd reason.......................
We have LG everything, washer, dryer, Refrigerator, Stove, microwave and dishwasher.
They are ganging up on us!..................
Sounds like a soon to be government spy tool.
“....it has WiFi for some odd reason...”
Can you communicate with little Rocket Man using the connection?
We need little flash memory cards we can pull out of any devise to disconnect them from the internet.
Snooping data loggers for the owner’s use.
.
Make sure your Rhumba gets the VAX.
I wish my wife was that young...
Soon, we’ll have to live with no expectation of privacy anywhere.
How old is this news? Who’s been hibernating?
I think a tinfoil hat for your iphone might be a good idea.
/s
Dang...better get started losing that 30 pounds.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.