Unexpected ways the technology gets intrusive

Written on 10 January 2017, 09:27pm

Tagged with: , , , , ,

Just a quick, did-you-know type of post written because the technology below is way to cool not to share 🙂

1. Did you know that the wi-fi routers can be used to identify faces, recognize keys that you type or read lips?

Researchers from the Northwestern Polytechnical University in China used WiFi signals to identify people. This identification was made based on the shape of people that was read as radio waves bounced back and forth, as well as by the specific way in which people moved. The success ratio was 88.9% to 94.5% in a domestic environment. One potential application is that of having a super custom-made smart home which adjusts lighting, temperature and even music based on the person(s) gait walking through the room. Or you can just use it to spy.
A system developed at the University of Berkeley uses distortions and reflections in Wi-Fi signals made by moving mouths to essentially lip-read. This setup was used to tell which words a single person was speaking with 91 percent accuracy. The accuracy was 74 percent when three people were speaking at the same time.

Recent literature advances Wi-Fi signals to “see” people’s motions and locations. This paper asks the following question: Can Wi-Fi “hear” our talks? We present WiHear, which enables Wi-Fi signals to “hear” our talks without deploying any devices. To achieve this, WiHear needs to detect and analyze fine-grained radio reflections from mouth movements. Since Wi-Fi signals do not require line-of-sight, WiHear can “hear” people talks within the radio range. We implement WiHear on both USRP N210 platform and commercial Wi-Fi infrastructure. Results show that within our pre-defined vocabulary, WiHear can achieve detection accuracy of 91 percent on average for single individual speaking no more than six words and up to 74 percent for no more than three people talking simultaneously. Moreover, the detection accuracy can be further improved by deploying multiple receivers from different angles.

2. Did you know that you it is possible to remotely link a computer with a mobile device without the user knowing?

Even if the Internet user is using Tor, he can still end up by having his anonymous session linked to his mobile device.

The attack that the research team put together relies on tricking a Tor user into accessing a web page that contains ads that emit ultrasounds or accessing a page that contains hidden JavaScript code that forces the browser to emit the ultrasounds via the HTML5 Audio API.
If the Tor user has his phone somewhere nearby and if certain types of apps are on his phone, then his mobile device will ping back one or more advertisers with details about his device, so the advertiser can build an advertising profile on the user, linking his computer with his phone.

It’s true, there are a lot of IFs: if the user is tricked into accessing the web page, if the user has his phone nearby and if certain type of apps are installed on his phone, if the phone is using Android, etc. But in theory it’s possible, and I have mixed feelings about this being exciting or creepy.

How exactly does this work?

The mobile phone must have an app installed that has embedded one of the many advertising SDKs that include support for uXDT.
uXDT – ultrasound cross-device tracking – relies on advertisers hiding ultrasounds in their ads. When some ad code runs on a computer, it emits ultrasounds that get picked up by the microphone of nearby devices. These second-stage devices, who silently listen in the background, will interpret these ultrasounds, which contain hidden instructions, telling them to ping back to the advertiser’s server with details about that device. #

Image source: slideshare

Leave a response