Hacker News new | past | comments | ask | show | jobs | submit login
Keystroke Recognition Using WiFi Signals (2015) [pdf] (sigmobile.org)
109 points by epaga on Aug 25, 2016 | hide | past | favorite | 25 comments

Some business ideas from the 2.4GHz dystopia:

* Using wifi in a movie theatre to build a Google Analytics equivalent for movie studios. Total heartbeat and respiration data for every individual "user session" across all screenings. Devices like Roku could do this too and sell the data to Netflix.

* Amazon Echo could notice your heartrate is becoming elevated due to the start of flu - Amazon stages your go-to remedies in the nearest DC and pushes appropriate ads on the site.

* In store movement tracking. Why bother with phone beacons and hassle-some devices randomising their MAC addresses when you could just power up a wifi blanket and track bodies with precision.

I guess the lab setting of the above research wouldn't apply to these situations - but I imagine with more research and some specialised equipment a movie theatre could be made conducive to this kind of tracking? Would there be legal implications? Wifi is everywhere already...

> Devices like Roku could do this too and sell the data to Netflix.

Or allow studios to block playback if more than x people are present, unless you fork over for a "broadcast" license...

While this may not happen soonish in the public sphere due to citizens' concerns about privacy, etc. it's not out of the realm of possibility that similar efforts aren't or will not happen in the private sphere (i.e. employment centers, public and private).

And, to keep it out of the public sphere it has to be kept out of the private sphere lest people get used to the ideas and let it leak into the public sphere without protest.

The final item is (almost) already a thing: http://www.cs.iit.edu/~xli/paper/Conf/Frogeye-info14.pdf

Almost like a video camera running face recognition... which almost sound like a lot easier to do.

I agree it's definitely easier to do - and obviously already happening in this context. Also billboards that use Kinect CV to record emotional response. [1]

I was just intrigued by the perceptions around this - people often have an instinctive strongly negative response to the idea of pervasive face recognition but I'm not sure they would feel as unnerved by the presence of a wifi network with this sort of "surveillance" traffic running through it. Maybe they would.

[1] http://theconversation.com/now-advertising-billboards-can-re...

You lack sense of ethics and you are mixing up what is technologically possible to do with something that is ethical to do.

Let me give you an example: technology like glass has made possible to sit behind people homes and look inside. You can even automate it with cameras. This is not done because there is no technology to allow it but because it is felt unethical.

In addition general population ignorance in something does not mean that more qualified people can not propose measures against unethical actions of small group of individuals. These measures can be then formed into another invention called law and applied by another invention called law enforcement.

Dude, "2.4GHz dystopia", he wasn't being serious. Chill out man.

Good for him, if he was not. If true then I have to tune a little my sarcasm'o'meter.

Edit: or notice more carefully important marker. I am sorry about my comment. I was wrong.

How worried should I be about this? The paper doesn't mention any mitigation strategies and kinda makes it sound like anybody with a wifi router ("Free Wifi") could get me.

I would expect this to also work on networks that the attacker does not have access to. He only needs to observe signal changes, not the actual signal, so wifi encryption should not be a factor.

My reading is that the wifi sender needs to be sending at a pretty constant rate, but maybe that's just to make testing easier.

The tests were conducted in controlled environment - real world is another thing entirely. And if you are worried about this, then you should probably shield your computer because normal PCs emit lots of data in form of electromagnetic waves. But unless you are concerned about state-sponsored three-letter agencies spying on you (individually), I don't think there is much reason for concern.

Obligatory XKCD: http://xkcd.com/538/

I agree on this point. A controlled environment is different from real world. It's not the first paper on this types of attacks: I remember one where the microphone of an iPhone was used to register the sound of keypressed on a keyboard [1] and another one where the vibrations on objects were used to infer the oral communication inside a closed room [2].

The main consideration is that it largely depends on who is your attacker. If you think about regular people, you should be fine; state-sponsored attackers know way too many techniques for you to be safe, unless you get very paranoid. Also keep in mind that these attacks (AFAIK) do not scale and are not automated, so a state attacker should be explicitly targeting you.

Finally, you should consider that modern computers and mobile phones have so many security issues that using these advanced physical-world attacks is not necessary.

[1] https://en.wikipedia.org/wiki/Acoustic_cryptanalysis [2] http://news.mit.edu/2014/algorithm-recovers-speech-from-vibr...

You could also live in a Faraday cage, but that is probably impractical.

I didn't read the whole thing, but one thing I noted was that it looks like their results are based on 'user specific training', i.e. with a model specific to one persons hands, typing patterns, etc. Generalising this will then surely be a lot more difficult.

To deploy this in a real world scenario seems implausible to me. You would need specific models for every person, laptop and router combination, as the physiology of the hands, the gestures when typing, and the location and power of the laptop's and router's antennas can all be different.

The only relevant attack could be to train on a specific target (person+laptop+location) for a given amount of time to achieve high accuracy, but to do this you already have to know what the person is typing...

i imagine people tap things like "the" quite regularly. its a simple transposition cypher.

Assuming they are continuously writing English text is quite the assumption.

i guess if we are hacking wifi, we probably know approximately which continent they are in. but even if they are typing say pinyin, theres a spacebar between each word, and three characters per word, seems like an obvious heuristic?

In a controlled environment this would work, just like any number of other theoretical attacks. In the real world you have to consider people walking through the room, user shifting their computer or tilting the screen. You also have to account for other WiFi transmissions from other devices, and probably a number of other things I can't think off right now. Plus, it would require you to make keystroke maps for all kinds of laptops, since it wouldn't work in a universal way. Every laptop would have it's own pattern.

If you have enough control over the environment and enough information about the subject to make this effective, wouldn't it be easier to simply hide a camera in the room? That said, it's a really cool idea!!! I wonder what kind of other data could be pulled from a laptop by looking at it's EM emissions.

Sounds like an updated version of van eck phreaking, however this seems to be much more easily deployed on a wider scale. I think one issue of van eck phreaking was the time it took to accomplish as well as the requirement that you had close proximity to the monitor you wanted to read from.

The motion tracking method appears to be WiFi Channel State Information (CSI) time series analysis using only a built-in WiFi NIC.

I wonder whether you could use the same technique to implement a Leap-Motion style controller without any specialized motion tracking hardware.

They still can't recognize æøå. Muhehehahaha!

Probably because none of those symbols are on a keyboard to type?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact