This was just one tiny EU research project with limited funding, which was focused only on passive attacks, e.g. a receiver with custom firmware can make inferences from existing Wi-Fi routers. Their research was looking for a way to modify the default behavior of Wi-Fi transmitters to reduce leakage of location information. If this was the default behavior (e.g. via some combination of IEEE standard and regulation), then active attackers could be easily identified.
> this paper addressed passive attacks, where the attacker controls only a receiver, but exploits the normal Wi-Fi traffic. In this case, the only useful traffic for the attacker comes from transmitters that are perfectly fixed and whose position is well known and stable, so that the NN can be trained in advance, thus the obfuscator needs to be installed only in APs or similar ‘infrastructure’ devices. Active attacks, where the attacker controls both the transmitter and the receiver are another very interesting research area, where, however, privacy protection cannot be based on randomization at the transmitter.
Correct, this 'countermeasure' is for a fantasy world in which it's easier to compromise your router than set up a couple clients and a router nearby.
Also, realistically, wi-fi isn't the boogeyman here, even though the person you're replying to has been doom-posting about it for years - UWB and various other tech is going to make detecting location and movement from RF frequency fairly trivial.
No compromise needed. This was one research project looking at the current world where your existing router is happily beaming location information out of your home, which can be read by an attacker with a passive receiver. If an attacker is forced to use their own transmitter, that can potentially be detected.
> wi-fi isn't the bogeyman here
Wi-Fi is the lowest cost modern application of ancient doppler imaging radar that has been around for decades. There is code for ESP32 devices, https://wrlab.github.io/Wi-ESP/. Many years ago, through-the-wall surveillance was primarily used by military and law enforcement with devices costing thousands of dollars. How many people are aware that the capability is now available for $20?
I'm not sure that's accurate. The article suggests they used three routers, and mention 'interference'. I think you'd perhaps need to be more than a 'bystander' to be able to set up a triangle of WiFi routers around someone's home.
Not impossible, of course, but by that point, no longer really a 'bystander'.
> wireless sensing systems .. mostly rely on models that were pre-trained on a fixed set of known activities, thus they can only classify a limited number of human poses or movements .. our system uses signal processing techniques to separate the Wi-Fi signals reflected from each moving limb and track the trajectory of each limb .. Winect could track free-form human activities with centimeter-level accuracy in a variety of challenging environments and scenarios.
> WDHS systems involve three primary sensing task types. The first type, behavior recognition .. second type is movement tracking .. The third type, user identification, leverages the unique features in behaviors to identify who performs the movements .. we believe that more context-aware multi-modal systems will be proposed to handle the complex sensing tasks in real life.
Good shout. I checked the actual paper (here: https://arxiv.org/pdf/2301.00250.pdf, link in the article is broken), and seems you would need multiple routers:
> [...] three WiFi transmitters and three aligned receivers [...]. It should be noted that many WiFi routers, such as TP-Link AC1750, come with 3 antennas, so our method only requires 2 of these routers.
So basically, one on each side of the subject, one to transmit the signal, the other to receive, and then you can work out the interference pattern. It may be possible to do the same with the transmitters and receivers on the same physical device by measuring the reflected signal, but that doesn't seem to be what they were testing.
It seems that the person needs to be between the transmitter and receiver, so I'm not even sure if triangulation would work, although figure 2 implies that you need the 'line of sight' between the routers to be blocked (three 'transmitter' routers and three 'receiver' routers).
> (three 'transmitter' routers and three 'receiver' routers).
Three Tx antennas and three Rx antennas.
You need 3 of them to make a 3d point, otherwise you would have 2d/1d only. Even 1cm difference between antennas placement is more than enough.
> It seems that the person needs to be between the transmitter and receiver
You receive the direct signal earlier than the reflected one. If you find a way to capture both/only reflections then you can do it without LoS and consequently from only one device (though you would still need at least 3 Tx/Rx pairs.)
Yes, this can be done with a custom client monitoring existing routers today.
A bystander can also use their own router (2.4Ghz passes through most walls) to make inferences about human activity inside your building.