Your body reveals your password by interfering with Wi-Fi

Modern Wi-Fi doesn't just give you fast browsing, it also imprints some of your finger movements – swipes, passwords and PINs – onto the radio signal. A group of researchers from the Shanghai Jiao Tong University, the University of Massachusetts at Boston, and the University of South Florida have demonstrated that analysing …

Silver badge

I'm not saying this is BS...

...but I'd want to hear a lot more about the specific setup and geometry they were using before assuming it isn't.

13
0
Silver badge

Re: I'm not saying this is BS...

Speaking as an RF engineer, it sounds perfectly plausible to me. Though I suspect they need the phone to be relatively still for it to work.

Another way to defeat it is to not use public WiFi.

13
2
Silver badge

Re: I'm not saying this is BS...

Not BS, but not a problem, either. Lab only, near as I can tell. Too much signal variation in the wild for these kinds of measurements. Gut feeling; I'm prepared to be shown to be incorrect.

10
0
Silver badge

Re: I'm not saying this is BS...

Not BS, but likely to be a minor security problem in the wild compared to other issues with WIFI. I would not be surprised that effective range for this attack is relatively short. Also, it may be easily defeated by various measures that could be implemented.

1
0
Silver badge
Devil

Re: I'm not saying this is BS...

800 packets per second - that is fairly high pps. It looks like flooding the channel (more or less).

1. I do not see why they are using ICMP - that is daft - the target may notice. They just need to flood the airwaves with something - if they are in control of the AP they can encode it to another client key (even a non-existent one) and just shovel it out to get the relevant flood rate.

2. 800pps depending on packet sizes (what they are trying does not become clear from the article) looks like flooding the channel.

The attack looks plausible though - a MIMO with some good software is almost like a phased array radar :)

1
1
Anonymous Coward

Re: beamforming

"a MIMO with some good software is almost like a phased array radar :)"

Indeed, though the MIMO's a bit cheaper.

At least one cellular base station vendor was looking at using the same kind of phase-variation beam-forming techniques a couple of decades ago. Then the parent company went TITSUP and I don't know if it ever came to fruition.

Meanwhile the overall group's pensioners (tens of thousands of them in the UK - rather more than the twenty thousand or so affected by the BHS pension fiasco) still don't know whether their promised pensions will ever come to fruition, but the paperpushers involved have paid themselves a couple of billion dollars in the meantime.

E.g.

http://pwc.blogs.com/press_room/2016/10/nortel-pension-scheme-settlement-announced.html

(except it's not really announced and confirmed yet, more paperpushing is required)

http://www.forbes.com/sites/danielfisher/2016/04/05/nortel-bankruptcy-fees-approach-2-billion-as-court-hears-arguments-over-assets/#26b409f1e055

0
0
Silver badge

Re: I'm not saying this is BS...

Easy, just get corroboration from CERN who will be able to tell you how hard each key was pressed and presumably also whether the table has a wobbly leg, as they seem to have inadvertently built a new type of seismometer.

5
0

Randomised keypads

That's a lovely idea for me. I'm dyslexic and only remember numbers by patterns.

Changing the layout would effectively lock me out completely.

I have enough problems when I have to use a number I have worked out on a PC keypad on a phone as it is :(

9
5
Bronze badge

Re: Randomised keypads

This is a brilliant idea! Randomize the keyboard and use a position-sensitive authentication instead!

Using position-sensitive authentication with a randomized keyboard, the ASCII values will be different for every keyboard you use, thus feeding random values to keyloggers (and over-the-shoulder snoopers).

I don't know why we didn't think of this before.

0
0
Silver badge
FAIL

Re: Randomised keypads

Sooo what you're saying is as my kid is also severely dyslexic, I better stop reading and writing, it might be considered unfair on him.

Also remember if you see somebody in a wheelchair lie down and shuffle about to get where you're going...

It would only be unfair on you if it was the only option available and you were forced to use it.

4
3
Silver badge

Re: Randomised keypads

@Chloe Cresswell

How would you fare if the numbers were to be replaced with icons? Instead of 1,2,3,4, your 'password' could be 'smiley', 'rabbit', 'hat', 'football'. Or maybe 'up-arrow', 'asterisk', 'backslash', 'plus-sign'?

2
0
Silver badge

"Changing the layout would effectively lock me out completely."

Blind people too so probably illegal. Dunno about immoral and fattening...

6
3
Silver badge
Coat

I thought blind people would be using voice control these days anyway? Is the problem of detecting blind people using smartphone screens a bit like this:-

https://www.youtube.com/watch?v=L7L3iSZsNpY

0
0
Silver badge

It would be interesting...

... to know why I'm downvoted for advocating web accessibility. Australia at least has the Disability Discrimination Act 1992 and the UN Convention on the Rights of Persons with Disabilities states that, “… information intended for the general public to persons with disabilities in accessible formats and technologies appropriate to different kinds of disabilities in a timely manner and without additional cost”.

The convention also urges, “…private entities that provide services to the general public, including through the internet, to provide information and services in accessible and usable formats for persons with disabilities.”

Quite why some web designers have a hate-on for the less abled escapes me.

11
1

Re: It would be interesting...

I'm not sure the quoted text is the best way of expressing the point. To me, those bits are open to quite a lot of interpretation.

I'm all for equal access, but if it's a choice between, for example, a static on-screen keyboard providing less secure access for all, or a randomized on-screen keyboard that adds additional security for 99% of customers but requires the setup/running of a telephone service (thereby meeting those Act quotes) then I'm not sure which side I'd fall.

2
0
Silver badge

Re: It would be interesting...

I imagine the number of people affected by this vuln is going to be quite small. In return the "cure" would affect 100% of the visually impaired. In fact the cure is actively deceptive, so adding insult to injury as it were. I seem to remember ever so many of us commentards being angry that MS decided the red button with an X on it was equivalent to the OK button.

6
0
Silver badge
Mushroom

Re: It would be interesting...

"Quite why some web designers have a hate-on for the less abled escapes me."

Quite why some web designers have a hate-on for everyone who has the misfortune to have to use their fugly clunky state-of-the-art adslinging crap infested cutting edge pos websites ....

There - FIFY.

7
0

Re: It would be interesting...

"I'm all for equal access, but if it's a choice between, for example, a static on-screen keyboard providing less secure access for all, or a randomized on-screen keyboard that adds additional security for 99% of customers but requires the setup/running of a telephone service (thereby meeting those Act quotes) then I'm not sure which side I'd fall."

I'm not for equal access, at all. In fact, fuck equal access. I want it how I want it. Of course, the same goes for everyone else, as each of us has our own preferences, tastes, and values. This is why it's not really about equal access, but consumer choice. If enough people want voice control, then someone will figure out a way to meet that demand. If enough people only want the interface to consist of wrinkly butt cheeks, someone will figure out how to make that work. It's the producer incentives and consumer demands that are important, not equality.

P.S. Please, for the love of all things holy, do NOT produce a phone interface consisting of wrinkly butt cheeks.

0
1
WTF?

Re: It would be interesting...

It's also impressive that every time I post something that others find objectionable, I find my global downvote total rising. Glad to see that most of us aren't such massive, immature douchebags. I really don't care about downvotes, but who really gets their kicks from downvoting posts from months ago? Pfft.

0
1
Silver badge
WTF?

In the average Starbucks

where all the hipsters are typing away on their precious iDevices, I would guess that the sheer number of key presses would make any analysis of what any one of them is doing almost impossible.

(not that they would ever be doing anything important)

Who'd a thought that Apple users would get safety in numbers. Clearly the WTF moment for this Monday morning.

2
0
Silver badge

Re: In the average Starbucks

"where all the hipsters are typing away on their precious iDevices, I would guess"

you only need to decipher one and you've got the lot. They wouldn't dare deviate from what everyone else is doing...

5
1
Anonymous Coward

Beware also....

Silent drones with long range camera lenses pointing at your screen

Hypnotism to extract your password

Sensors implanted in your arms capturing tendon movements to map out your finger placements remotely

Hijacking your visual cortex with an implant to convert optical signals into radio waves

Above are about the same level of real world risk.

I'd be more worried about the ease with which malware makes it onto your phone and the amount of telemetry Android and iOS share with their creators and the spooks.

10
0

Re: Beware also....

And where do you stand on worms which can exploit holes in home wifi routers to keylog a whole house and send the results back to their CnC server?

In fact, where do you stand on extrapolation in general?

0
2

Re: Beware also....

Haha - awesome. Two thumbs down from people who find it hard to connect "This exploit has just been discovered" with "Oh shit, a hacking group has commoditised the exploit, unleashed it on every IoT device and are hiring it out to any kiddie scripter that can pay"

...which are two of the most often written articles on the Register...

0
0

It'll confuse the hell out of them when I'm playing my Theremin.

9
0

I think you would have to start with the phone perfectly aligned and clamped in a jig.

0
0
Silver badge
Pint

"...phone perfectly aligned and clamped in a jig..."

You're describing how they test a phone's SAR "...for RF safety...". If the phone under test moves even a mm, the reported results can change dramatically. So they carefully align the phone under test in a precisely aligned jig. Thus indicating that the entire SAR test concept is randomized rubbish. But those involved are too thick to realize.

They also reportedly achieve far sub-wavelength hotspots (in the test head), a result worthy of a Nobel Prize. Semiconductor manufacturers would love such focusing technology.

0
0
Silver badge
Pint

"small phase differences"

"...MIMO uses the small phase differences between antennas to reinforce signals..."

I'm not sure that I agree with your use of the word 'small'.

0
0
Anonymous Coward

TEMPEST ?

Anyone remember that ?

3
0
Silver badge

Out of interest

Do you still get phones using their headsets as an extra antenna to improve reception? I confess I stopped paying attention long ago.

If so, surely that would confuse this?

0
0
Silver badge

Re: Out of interest

Usually that's for the radio. That's why devices that support FM Radio don't work without a headphone plugged in, even if you're sending the sound via Bluetooth.

0
0
Silver badge
Coat

Obligatory

Obligatory XKCD

1
0
Silver badge

Re: Obligatory

But what if the objective is to get the password without the user knowing you're doing it, since that alone can trip alarms you don't want tripped?

1
0

Windtalker?

Windtalkers was the name given to the US Army's Native Americans who were used as radio operators in WWII. Their Navaho (I think that was the main language used) was totally impenetrable to anyone (ie Japanese and German) who might be listening in.

1
0
Boffin

Continuum

has no one seen the (granted) fictional TV series Continuum? in at least one episode they used mapping of radio waves (cellular IIRC) to be able to look inside a building and even to go back and see what had happened previously... this idea came from somewhere... like the Dick Tracy comics with their communication watches (hello Apple Watch)...

the show came out in 2012 and stars the (beautiful) Rachel Nichols as an enforcement officer in 2077 that gets thrown back in time when some criminals escape using an experimental device...

http://www.imdb.com/title/tt1954347/

0
0
Anonymous Coward

"given enough training samples" = we need the user and his phone to sit in the exact configuration we want to snoop out for half an hour and continuously repeat the key press patterns we are feeding him

yea absolute BS

0
0

The IP Bill

Not only in Public WiFi but since The Investigatory Powers Bill has been passed by both Houses of Parliament. Once it receives Royal Assent it will become law, we really need to worry about privacy. I think it's time to get encrypted with a VPN, maybe PureVPN or Ivacy will be the best

0
0


Biting the hand that feeds IT © 1998–2017