A research team from the University of Waterloo has created a drone device that can see through walls using Wi-Fi networks. The device, called Wi-Peep, can fly close to a building and then use occupants’ Wi-Fi networks to quickly detect and locate Wi-Fi-enabled devices inside.
Wi-Peep exploits a loophole that researchers call polite WiFi. Even if the network is password protected, smart devices will automatically respond to attempts to communicate with any device within range. Wi-Peep sends multiple messages to the device during flight and then measures the response time for each, ensuring the device is within one meter.
A professor of computer science at Waterloo, Dr. Ali Abedi explains the significance of this discovery.
“Wi-Peep devices are like light in the visible spectrum, and walls are like glass,” Abedi said. Said. “Using such technology, security guards can track their movements inside the bank, track the location of their phones or smart watches. Similarly, a thief can locate smart devices in the home, including security cameras, laptops and smart TVs, in order to find a good candidate to break in. “In addition, the device’s drone operation means it can be used quickly and remotely without the user having a chance to be detected.”
While in the past scientists have investigated Wi-Fi vulnerabilities using bulky, expensive devices, Wi-Peep is known for its affordability and portability. Abedi’s team built it using a store-bought drone and hardware that can be easily purchased for $20.
“As soon as the Polite WiFi vulnerability was discovered, we realized that this type of attack was possible,” Abedi said.
The team created Wi-Peep to test their theory and quickly realized that anyone with the right expertise could easily make a similar device.
“At a fundamental level, we need to fix the Polite WiFi vulnerability so our devices don’t respond to strangers,” Abedi said. “We hope our work will help develop next-generation protocols.”
Meanwhile, it’s calling on WiFi chip manufacturers to introduce artificial, random variations in device response times, such as those used by Wi-Peep, that would make calculations wildly inaccurate. Source