[HN Gopher] WiFi Routers Used to Produce 3D Images of Humans ___________________________________________________________________ WiFi Routers Used to Produce 3D Images of Humans Author : bubblehack3r Score : 199 points Date : 2023-01-22 18:44 UTC (4 hours ago) (HTM) web link (vpnoverview.com) (TXT) w3m dump (vpnoverview.com) | HeckFeck wrote: | It wouldn't surprise me if the three letter agencies were already | utilising this. | t433 wrote: | They are tapped into millions of routers worldwide. | ben_w wrote: | I doubt it. If they want to see you though a wall, they will | use an overpriced custom radar solution, not consumer | electronics with COTS software. | bubblehack3r wrote: | Link directly to the research paper: https://vpnoverview.com/wp- | content/uploads/2301.00250.pdf | [deleted] | [deleted] | tecleandor wrote: | Seems like they've remove the PDF from the article. | | You can get the original PDF from Arxiv : | https://arxiv.org/abs/2301.00250 | olivierlacan wrote: | You may be working with people who, at the beginning of their | careers, worked on exciting and challenging projects as junior | engineers for U.S. defense contractors to either detect the | precise location of specific Wi-Fi clients. | | Ask them when they realized that their work was extensible to any | radio frequency client (cell, Bluetooth) and used for targetting | missile strikes. I can guarantee you know at least a few people | in the industry who did. | | Just because we can doesn't mean we should. This story reeks of | DoD funded research which somehow gets whitewashed as "cool new | tech thing!" on tech blogs when it should really be sending | chills down your collective spines. | | This capability may be fringe and nation-state controlled for a | few years, then it will inevitably fall into the hands of large | and well-funded criminal organizations, abusive spouses, and of | course overfunded trigger happy SWAT teams -- who will still | manage to get their court order addresses wrong and kill innocent | people and pets over a no-knock warrant. | | All this triggers in me is the irrespressible urge to get | technologists to finally get it through their thick skulls that | what we do _does_ kill people exactly like doctors. We 've just | refuse to take responsibility for it when any other industry | would have seriously discussed ethics board and licensure at this | point. No matter how complicated such an effort would be. | [deleted] | golergka wrote: | > their work was extensible to any radio frequency client | (cell, Bluetooth) and used for targetting missile strikes | | Good. I didn't work on such tech, but I would be excited and | proud to, if I was working for a country like US, which I | believe in. | nigerian1981 wrote: | Proud of the tens of thousands of Iraqi civilians killed by | the US? | serverholic wrote: | I've noticed a distinct lack of caring regarding social | responsibility in the tech industry even though we are some of | the most privileged workers in the entire labor force. | nobody9999 wrote: | >I've noticed a distinct lack of caring regarding social | responsibility in the tech industry even though we are some | of the most privileged workers in the entire labor force. | | I'd posit that "lack of caring" in the tech industry is, at | least in part, _because_ (not "even though") "we are some of | the most privileged workers in the entire labor force." | | It's hubris, greed and a lack of empathy society at large and | for other humans. | | There definitely _are_ folks who do care. But when such folks | speak out, they are usually ignored or derided for "tilting | at windmills" because "privacy no longer exists" and "there's | money to be made" and other weak-sauce rationalizations. | | And the hoi polloi mostly don't understand the issues, and | just like having "free" services, not realizing they're | putting their data, privacy and online (and increasingly | offline, with cameras everywhere, spying "IOT" devices, brisk | business for data brokers, etc.) personages in the hands of | (at least based on their behavior) sociopathic tech bros | whose only interest is in maximizing revenue -- and today | that's accomplished through "targeted advertising." | | Which doesn't really work, but advertisers (and political | operatives, some law "enforcement" agencies, stalkers and | other scum) are willing to pay top dollar for such data. | | Until the incentives are the right way round, that's not | going to change. | | I'd love to paint a picture of benevolent tech | workers/managers/founders who have society's and the | individual's best interests at heart. | | But (with apologies to Quentin Tarantino), that shit ain't | the truth. The truth is the hoi polloi are the weak. And | we're the tyranny of evil men. | steele wrote: | Yet another reason to avoid Xfinity hardware. | deno wrote: | The photo in article is some random stock image and has nothing | to do with the research paper[1]. | | [1] https://vpnoverview.com/wp-content/uploads/2301.00250.pdf | lynndotpy wrote: | Oh wow. Notably, Figures 7 and 8 (on pages 7 and 10, | respectively) are _better_ resolved than the stock photo. | | Figure 8 shows a variety of "failure cases," but even these | failure cases are surprisingly accurate estimations! | ghostpepper wrote: | Is that link broken for anyone else? Redirects back to the top | level page for me | thedrexster wrote: | Try https://arxiv.org/pdf/2301.00250.pdf -- looks like they | removed the original PDF from the linked article. | [deleted] | [deleted] | jeffbee wrote: | "Meat interferes with photons" must be among the least-surprising | research outcomes of all time. | anigbrowl wrote: | _This proof-of-concept would be a breakthrough for healthcare, | security, gaming (VR), and a host of other industries._ | | /facepalm | | They do acknowledge the privacy concerns but go to make (imho) | pie-in-the-sky arguments like 'this will enhance privacy because | security cameras won't be as necessary in public spaces. | Journalism doesn't pay much, so maybe this is some naively | idealistic person's first writing job. I once believed that | adding public comments on news websites would elevate the | standard of public discourse and I mentally kick myself on the | regular for the time I spent promoting this idea back in the | 1990s. | | The researchers offering the same ideas in the paper don't have | such an excuse; they're creating an entire new class of | surveillance technology and pretending that this will somehow | enhance privacy, which flies in the face of all experience and | research on the topic. The technicals result are outstanding and | I'm very impressed by them, as well as the exposition and | direction of research. The potential applications are numerous | and exciting to my inner geek. | | But I'm also worried. The existing limitations will fall sooner | than expected, and it will be productized while the ethicists are | still drafting their arguments (at which point they'll shift to | asking for donations to counter the latest threat). Semi- | seriously considering repainting the inside of my house to make a | faraday cage by mixing copper paint in the underlayer. | [deleted] | transpute wrote: | _> Semi-seriously considering repainting the inside of my house | to make a faraday cage by mixing copper paint in the | underlayer._ | | EMF reduction case study with conductive paint, | https://www.zokazola.com/emf_reduction.html | azinman2 wrote: | The thing is, almost all technology is a double edged sword. | That doesn't do much to alleviate the responsibility of those | who do it to understand the ethics of the world, but usually | that's beyond our ability. I'm sure few working on consumer | drones in the beginning anticipated their use on the battle | field. | | The internet itself is a great example of how much benefit can | come from access to knowledge, as well as the ability to how | limitless (mis)knowledge can be simultaneously used to destroy | societies. | | Ultimately bad actors will do bad things regardless with | whatever they have access to. Of course new bad things can come | along, but what metric should we use to decide whether an idea | is worth perusing? Who should make the cost benefit analysis, | when the reality 20 years down the road is often unknowable | (bad and good)? | phpisthebest wrote: | >>Semi-seriously considering repainting | | So they have Blackboard paint, how long before PPG or Sherwin | Williams creates Faraday Paint... | yazzku wrote: | > In addition, they protect individuals' privacy and the required | equipment can be bought at a reasonable price. | | To argue that this protects people's privacy (versus cameras in | public spaces) is certainly a very odd take. | | I'd be more curious to know what are legitimate use cases of this | and who funded the research. | LarryMullins wrote: | It's kind of like the way they renamed the Department of War to | the Department of Defense. | thewebcount wrote: | [flagged] | Ultimatt wrote: | "WiFi Routers Estimates 3D Pose of Humans in Modelled | Reconstruction" as an actual non bullshit title. The paper being | a more concise "DensePose from WiFi". | version_five wrote: | A variation of this was used in "The Dark Night", and you'll | recall that Morgan Freeman quit over the ethical implications. | transpute wrote: | _> This proof-of-concept would be a breakthrough for healthcare, | security, gaming (VR), and a host of other industries._ | | Similar capability is scheduled for new consumer routers in 2024 | via Wi-Fi 7 Sensing / IEEE 802.11bf. Hundreds of previous papers | include terms like these: human-to-human | interaction recognition device-free human activity | recognition occupant activity recognition in smart offices | emotion sensing via wireless channel data CSI learning for | gait biometric sensing sleep monitoring from afar | human breath status via commodity wifi device-free crowd | sensing | | Earlier discussion: https://news.ycombinator.com/item?id=34423395 | | Sample code exists for ESP32 WROOM, https://wrlab.github.io/Wi- | ESP/ and Intel 5300, | https://dhalperi.github.io/linux-80211n-csitool/ | arkadiyt wrote: | > Earlier discussion: | https://news.ycombinator.com/item?id=34423395 | | The top comment [0] on this has: | | > Counter-measures: | https://news.ycombinator.com/item?id=27121918#27133079 | | but I don't understand the setup here. If you have the | capability to run custom firmware on your router then don't you | not need this countermeasure, since you can be confident your | router isn't doing this wireframing anyway? Or is it saying | that a passive bystander who is not connected to your network | can infer the wireframes as well? That seems unlikely to me? | | [0]: https://news.ycombinator.com/item?id=34424242 | transpute wrote: | _> passive bystander who is not connected to your network can | infer the wireframes as well?_ | | A bystander can use their own router (2.4Ghz passes through | most walls) to make inferences about human activity inside | your building. | arkadiyt wrote: | Then the countermeasure does nothing since you can't run | your firmware on their router? | avree wrote: | Correct, this 'countermeasure' is for a fantasy world in | which it's easier to compromise your router than set up a | couple clients and a router nearby. | | Also, realistically, wi-fi isn't the boogeyman here, even | though the person you're replying to has been doom- | posting about it for years - UWB and various other tech | is going to make detecting location and movement from RF | frequency fairly trivial. | transpute wrote: | _> compromise your router_ | | No compromise needed. This was one research project | looking at the current world where your existing router | is happily beaming location information out of your home, | which can be read by an attacker with a passive receiver. | If an attacker is forced to use their own transmitter, | that can potentially be detected. | | _> wi-fi isn 't the bogeyman here_ | | Wi-Fi is the lowest cost modern application of ancient | doppler imaging radar that has been around for decades. | There is code for ESP32 devices, | https://wrlab.github.io/Wi-ESP/. Many years ago, through- | the-wall surveillance was primarily used by military and | law enforcement with devices costing thousands of | dollars. How many people are aware that the capability is | now available for $20? | transpute wrote: | This was just one tiny EU research project with limited | funding, which was focused only on passive attacks, e.g. | a receiver with custom firmware can make inferences from | _existing_ Wi-Fi routers. Their research was looking for | a way to modify the default behavior of Wi-Fi | transmitters to reduce leakage of location information. | If this was the default behavior (e.g. via some | combination of IEEE standard and regulation), then active | attackers could be easily identified. | | https://ans.unibs.it/projects/csi-murder/ | | _> this paper addressed passive attacks, where the | attacker controls only a receiver, but exploits the | normal Wi-Fi traffic. In this case, the only useful | traffic for the attacker comes from transmitters that are | perfectly fixed and whose position is well known and | stable, so that the NN can be trained in advance, thus | the obfuscator needs to be installed only in APs or | similar 'infrastructure' devices. Active attacks, where | the attacker controls both the transmitter and the | receiver are another very interesting research area, | where, however, privacy protection cannot be based on | randomization at the transmitter._ | | More research and funding is needed. | rhn_mk1 wrote: | It seems that it's for installing on a station device I | guess? | [deleted] | [deleted] | giantg2 wrote: | Sounds like phrases out of _1984_. | walrus01 wrote: | > Similar capability is scheduled for new consumer routers in | 2024 via Wi-Fi 7 Sensing / IEEE 802.11bf. | | Reminds me somewhat of a joke I recently saw posted somewhere | in social media by a greybeard Unix sysadmin. In a discussion | related new consumer grade IOT technology. | | "The newest piece of technology I have in my house is an HP | Laserjet 4, and I keep a revolver ready to shoot it if it ever | makes an unexpected noise" | | On a more serious note, however, I see a real serious problem | with having consumer/residential wifi routers that can attempt | to track people or movement around a house _and_ have the | default-on, built in capability to make themselves centrally | manageable by some form of persistent internet-based | connection-over-TLS link to their manufacturer. Same general | ideas as Meraki or other. | | Who wants to bet that the manufacturers of these things leave | this capability turned on by default AND submitting data | through its "cloud management" feature persistently for as long | as the device is powered on and has a viable default | route/gateway to the internet? | | Who wants to bet that in 5-7 years we're seeing problems with | these things submitting data sets of peoples' movement around a | house into some database run by a vendor that then suffers a | major data breach? | neilv wrote: | That joke is one of the all-time top /r/ProgrammerHumor | posts: | | https://old.reddit.com/r/ProgrammerHumor/comments/aloi5v/pro. | .. | avree wrote: | Even pre-WiFi 7, there are companies such as Cognitive who | allow you to detect motion (as well as occupant activity, | etc.). I implemented such a system at my previous company which | sold Wi-Fi. | transpute wrote: | Yes, some vendors have shipped their own implementations. | There's also custom firmware for some radios. But | standardization will bring scale and ubiquity to non- | technical users. Are millions of city occupants ready for | transparent walls, floors and ceilings? Are businesses ready | for remote keystroke detection? | Gigachad wrote: | I guess the future is RF blocking walls. Might even be a | good thing since It'll allow for less congested airwaves | for yourself. | transpute wrote: | Maybe something like this foil-backed gypsum board, | https://www.goldbondbuilding.com/products/drywall- | panels/foi... | | RF/sound blocking drywall for SCIFs costs a small | fortune, | https://www.quietrock.com/products/quietrock-530rf | azinman2 wrote: | I suggest the opposite - it will enable many exciting | smart home possibilities which in some could seriously | reduce HVAC energy needs beyond what's possible today. | walrus01 wrote: | > there are companies such as Cognitive | | It's my understanding that there have been companies trying | to sell solutions like this for people-tracking indoors for | supermarkets/grocery stores, shopping malls, large department | stores for at least 7-8 years now. | | (edit: Stuff like RF beacons built into shopping cart | handles, right? Since the shopping carts are centrally | owned/managed/controlled and with unique serial numbers, and | _mostly_ don 't get stolen or leave the property.) | avree wrote: | Your understanding is correct, but most of those were based | on iBeacons/NFC/other tech and not Wi-Fi. | nly wrote: | Can we use this sort of processing power and analysis to figure | out how to get better signal coverage in a property instead? | bastardoperator wrote: | Are you interested in joining our human mesh network? For the | price of 420.69 we offer a wearable necklace with a raspberry | pi attached to it and a green solar panel t-shirt to ensure | power/uptime. Become the internet now! Restriction may apply, | sorry not available in Hawaii or Alaska. | smeej wrote: | DDGing "Faraday wallpaper"... | captainkrtek wrote: | Pretty cool. Semi-related but reminds me of this research from | MIT on seeing around corners: | | https://youtu.be/JWDocXPy-iQ | themaninthedark wrote: | We have radar capable satellites we use to bounce a signal off | the ground, through a hanger door and then reconstruct the | image to discern what is hidden there. | | https://www.youtube.com/watch?v=ztR9mdJ1YWU | | https://www.youtube.com/watch?v=u2bUKEi9It4 | | https://www.youtube.com/watch?v=dOoCltqtJR8 | 404mm wrote: | Yes! And seeing through a keyhole! https://youtu.be/Veo27qhrI20 | birdyrooster wrote: | I spend so much time thinking about this as an entrepreneur and | whenever I talk use cases people seem to not care. | giantg2 wrote: | They can also do this without the laser by detecting shadows | from existing light sources that aren't visible to the naked | eye. | varenc wrote: | Wow that video was short, informative, and very cool in a retro | sort of way. Thanks. | mr-pink wrote: | i'd like to understand wtf my upstairs neighbor is doing. can | this help me? | fy20 wrote: | I read "used to" in the title in the past tense form. For a | moment I was wondering why they no longer produce 3D images. | vlovich123 wrote: | https://m.youtube.com/watch?v=mHLAe3RyMDk | mabbo wrote: | I came here to bring the exact same joke. Rest in peace, | Mitch. | brycedriesenga wrote: | The code was lost eons ago, sadly :'( | can16358p wrote: | The more unexpected discoveries we find, the more I think how | many more capabilities of everyday devices are "hiding" in | plainsight that would surprise us. | fnordpiglet wrote: | This is why I put tape over my Wi-Fi router | WithinReason wrote: | I guess wearing a tin foil hat might be useful too | ThePowerOfFuet wrote: | > * * * | | Why do you post this? It doesn't add to anything. | slimsag wrote: | Really putting the router in an aluminum enclosure/Faraday | cage if you can is the only way to prevent this. Then just | use the lan ports on the device, but also make sure the LAN | cables are shielded because it could be using them as | antennas given how compromised wifi router firmwares usually | are. | LarryMullins wrote: | You have to shield your home from your neighbor's emitters | too. And from the police radar surveillance van sitting in | the street in front of your house. | rl3 wrote: | > _... And from the police radar surveillance van sitting | in the street in front of your house._ | | Nothing a kind note and an order of small-batch artisan | donuts can't solve. | PaulWaldman wrote: | >Then just use the lan ports on the device, but also make | sure the LAN cables are shielded because it could be using | them as antennas given how compromised wifi router | firmwares usually are. | | Those shielded Ethernet cables better be properly grounded. | eric__cartman wrote: | I prefer to wear a tin foil suit thank you. | konfusinomicon wrote: | only electrical tape will work though. it's the only one that | actually blocks electrons | zxcvbn4038 wrote: | I would really like to see a practical open source implementation | of this so people can start looking for ways to defeat it. | Otherwise you know the police are going to abuse this. | LarryMullins wrote: | Short of lining your walls with foil, how could you defeat it | _legally_? Jamming isn 't legal. | | We need new legislation to ban this, without a law enforcement | exemption. I don't have high hopes. | Gigachad wrote: | Lining the exterior walls doesn't sound all that hard for a | new build. Just lay the RF blocking sheet down before the | drywall. People love those RF blocking wallets that have | dubious value, a "privacy wall" upgrade from builders would | probably sell well. | kccqzy wrote: | They can sell it as improving Wi-Fi in your own home too, | even if you trust neighbors not to pull some shenanigans, | since your Wi-Fi network won't be subject to interference | from neighboring networks. | giantg2 wrote: | I would take a wild guess that it wouldn't be jamming, but | some sort of network configuration. Maybe something like | extra access points with specific geometry, higher power | exterior APs than interior APs, or random beam forming or | reflections. | | Jamming could still be an option. Most devices are required | to accept any interference from other lawful devices. So in | theory, you could find legal ways of jamming. | | https://www.zdnet.com/article/how-to-jam-your-neighbors- | wi-f... | iam-TJ wrote: | "Jamming" is legal in as much as any device that operates in | the ISM[0] bands must accept interference - so in the 2.4GHz | example, microwave ovens, baby monitors, TV relays, remote | door monitors, wireless alarm systems etc., all operate in | the same band and will interfere with WiFi that is close by | (since they use a different modulation). | | [0] https://en.wikipedia.org/wiki/ISM_radio_band | kccqzy wrote: | And in college I remember a professor or a TA demonstrated | jamming by operating a modified microwave oven while | running iperf or something similar on a nearby Wi-Fi | network. | azinman2 wrote: | It's not some "radio gun" you can just point at a house - you | need a very calibrated setup purpose built for each space. This | would be very obvious and would require access to inside to do | the calibrations. | | There are far more obvious ways to know if someone is home, | from thermal sensors, looking in windows and knocking on doors, | or park outside and just watch. | | Further if the police want to know if you're home, it'd already | game over. ___________________________________________________________________ (page generated 2023-01-22 23:00 UTC)