Researchers Build Creepy Drones That Can ‘See’ Other Wi-Fi Devices Through Walls
A pair of researchers at the University of Waterloo and the University of Illinois have created what they call “Wi-Peep,” a system that uses the data in Wi-Fi networks to locate devices behind closed doors. Wi-Peep itself consists of a low-cost ESP8266 Wi-Fi microchip, an ESP32 Wi-Fi and Bluetooth microcontroller, a microSD module, and a voltage regulator. The researchers attached these to a lightweight drone—an unnecessary but convenient addition that enhances their creepy project’s mobility.
Using what the researchers refer to as a “location-revealing privacy attack,” Wi-Peep exploits security gaps in the local access network protocol known as IEEE 802.11. Because wireless devices are typically made to accept connection requests (known as “contact attempts”) from other devices in close proximity, Wi-Peep can use Time-of-Flight (ToF) signals to ping a device it has no business attempting contact with. Wi-Peep can then use the resulting feedback to approximate the distance between itself and the target device.
How does Wi-Peep know what type of device it’s “seeing?” A device’s attributes are discoverable through its media access control (MAC) address, which is used to uniquely identify each device on a network. By gaining hold of a target device’s MAC address, Wi-Peep can help confirm whether an item is indeed the smart TV, tablet, smart home assistant, or another device it’s suspected to be.
The researchers, who specialize in computer science and the Internet of Things (IoT), are well aware that Wi-Peep and similar technologies can be wielded with malicious intent. In a presentation at MobiCom 2022, they expressed concern that bad actors could use Wi-Peep to track the locations of security guards in a bank or of unwitting families inside a residence.
But devices like Wi-Peep could have even broader privacy implications. Police officers—some of whom have made it clear they’re not above falsifying warrant information to invade people’s homes—could use the tech to conduct home and vehicle searches without people’s knowledge or consent. Insurance companies could use it to sneakily verify applications and claims, abusive exes could use it to control or spy on their former partners, and burglars could locate valuable electronics before strategizing a break-in.
Wi-Peep is a demonstration of the dire need for improved network protocol protections, as the researchers noted at MobiCom 2022. Whatever follows IEEE 802.11—a protocol known for its data interception loopholes—should be tougher to compromise than its predecessor. That is, unless we want people monitoring our home devices from the outside.
Continue reading
Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi
According to Ian Beer of Google's Project Zero security team, the flaw allowed him to steal photos from any iPhone just by pointing a Wi-Fi antenna at it.
How to Boost Your Wi-Fi Speed by Choosing the Right Channel
Some channels in Wi-Fi routers are indeed much faster — but that doesn't mean you should go ahead and change them. Read on to find out more about interference and the massive difference between 2.4GHz and 5GHz Wi-Fi.
How to Boost Your Wi-Fi Speed by Choosing the Right Channel
Some channels in Wi-Fi routers are indeed much faster — but that doesn't mean you should go ahead and change them. Read on to find out more about interference and the massive difference between 2.4GHz and 5GHz Wi-Fi.
Netgear Has the First Quad-Band Wi-Fi 6E Mesh Router, but it Costs $1,500
Mesh routers are all the rage right now. Google, Amazon, Asus, Linksys, and many others have their own dual or tri-band mesh setups. Netgear says it has something new—the world's first quad-band Wi-Fi 6E system.