Best News Network

Researchers discover security loophole allowing attackers to use Wi-Fi to see through walls

Researchers discover security loophole allowing attackers to use Wi-Fi to see through walls
Overview of Wi-Peep. Credit: Proceedings of the 28th Annual International Conference on Mobile Computing And Networking (2022). DOI: 10.1145/3495243.3560530

A research team based out of the University of Waterloo has developed a drone-powered device that can use Wi-Fi networks to see through walls.

The device, nicknamed Wi-Peep, can fly near a building and then use the inhabitants’ Wi-Fi network to identify and locate all Wi-Fi-enabled devices inside in a matter of seconds.

The Wi-Peep exploits a loophole the researchers call polite Wi-Fi. Even if a network is password protected, smart devices will automatically respond to contact attempts from any device within range. The Wi-Peep sends several messages to a device as it flies and then measures the response time on each, enabling it to identify the device’s location to within a meter.

Dr. Ali Abedi, an adjunct professor of computer science at Waterloo, explains the significance of this discovery.

“The Wi-Peep devices are like lights in the visible spectrum, and the walls are like glass,” Abedi said. “Using similar technology, one could track the movements of security guards inside a bank by following the location of their phones or smartwatches. Likewise, a thief could identify the location and type of smart devices in a home, including security cameras, laptops, and smart TVs, to find a good candidate for a break-in. In addition, the device’s operation via drone means that it can be used quickly and remotely without much chance of the user being detected.”

While scientists have explored Wi-Fi security vulnerability in the past using bulky, expensive devices, the Wi-Peep is notable because of its accessibility and ease of transportation. Abedi’s team built it using a store-bought drone and $20 of easily purchased hardware.

“As soon as the Polite Wi-Fi loophole was discovered, we realized this kind of attack was possible,” Abedi said.

The team built the Wi-Peep to test their theory and quickly realized that anyone with the right expertise could easily create a similar device.

“On a fundamental level, we need to fix the Polite Wi-Fi loophole so that our devices do not respond to strangers,” Abedi said. “We hope our work will inform the design of next-generation protocols.”

In the meantime, he urges Wi-Fi chip manufacturers to introduce an artificial, randomized variation in device response time, which will make calculations like the ones the Wi-Peep uses wildly inaccurate.

The paper summarizing this research, Non-cooperative Wi-Fi localization & its privacy implications, was presented at the 28th Annual International Conference on Mobile Computing and Networking.

More information:
Ali Abedi et al, Non-cooperative wi-fi localization & its privacy implications, Proceedings of the 28th Annual International Conference on Mobile Computing And Networking (2022). DOI: 10.1145/3495243.3560530

Provided by
University of Waterloo


Citation:
Researchers discover security loophole allowing attackers to use Wi-Fi to see through walls (2022, November 3)
retrieved 3 November 2022
from https://techxplore.com/news/2022-11-loophole-wi-fi-walls.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.