Sunday, November 13, 2016

Cellphone hack: wifi can read your keystrokes.

This is getting very interesting. In a new paper, some guy has used wifi signals like radar to track finger movements on a cellphone screen.

Because the user's finger moves across the smartphone when he types text, his hand alters CSI properties for the phone's outgoing WiFi signals, which the attacker can collect and log on the rogue access point... By performing basic signal analysis and signal processing, an attacker can separate desired portions of the CSI signal and guess with an average accuracy of 68.3% the characters a user has typed... but it can be improved the more the user types and the more data the attacker collects.

Research paper here.

That's getting pretty good as imaging goes. You can use that level of resolution for a really cheap radar set. Spot squirrels in the back yard, maybe?

The Phantom

p.s. Your phone is insecure as shit. Don't do -anything- involving money, banking or cheating on your girlfriend with a phone in the same room. Stick the damn thing in a steel box.

Update! Reader Secret Sam writes:

" ...this is a hidden secret, you can do this (if close enough to a person) on any electrical device by intercepting the IF frequency most common channels depending what band the phone runs on."

From the Wiki link: 

In communications and electronic engineering, an intermediate frequency (IF) is a frequency to which a carrier wave is shifted as an intermediate step in transmission or reception.[1] The intermediate frequency is created by mixing the carrier signal with a local oscillator signal in a process called heterodyning, resulting in a signal at the difference or beat frequency. Intermediate frequencies are used in superheterodyne radio receivers, in which an incoming signal is shifted to an IF for amplification before final detection is done.
Conversion to an intermediate frequency is useful for several reasons. When several stages of filters are used, they can all be set to a fixed frequency, which makes them easier to build and to tune. Lower frequency transistors generally have higher gains so fewer stages are required. It's easier to make sharply selective filters at lower fixed frequencies.
That password on your phone is mostly cosmetic, my friends.

No comments: