The technology to convert wifi signals into the placement and identity of people is getting much better. Not by using their devices, just the waves bouncing of their bodies. (There’s nothing new to the pipeline as far as I can tell, we’re just starting to get into the accuracy ranges that make it easy/useful.)
there’s gotta be some way to jam the frequencies or introduce some kind of interference with other waves… right?
I mean it sounds pretty rough… and it would seem to me the real problem is they are making it sound like the problem is the existing routers. Correct me if I’m wrong, but isn’t it basically saying… someone could drop in a battery powered wifi router in your front yard and spy through your walls?
To an extent. it’s better to have it inside with you and lots of other devices around to get a good picture from the BFI.
AS bad as it sounds, you’r probably sitting next to, or carrying with you a cellphone with a unique IMEI that ties you to credit cards and social security numbers, it has an exact GPS lock available to police for the asking, and even if you turn that off, a yagi or any antenna locator could id you far better than the BFI.
They could do the same thing with a speaker playing a sound. It’s basically sonar, but the waves being measured are RF and not sound. But it being outside your home wouldn’t work that well; wifi does not penetrate wood or plaster walls very well, and won’t get through brick or metal at all. They can shape it, to go around things, but unless it’s extremely high powered, it won’t go through anything solid.
Similarly for a whole bunch of attack vectors. Reconstructing keystrokes from keyboard sounds has been demonstrated. But you need a quiet background and a close microphone. At which point you probably could have just plugged in an inconspicuous keylogger and be done with it.
You can use aluminium foil and shape it into a nice hat
Signal jamming is, broadly speaking, very illegal and also very traceable by nature.
It’s a (corrupted) router level attack, so the sensible counter is OpenWRT or rolling your own router. I doubt many cheap routers have the grunt to run this anyway.
The attacker has to be broadcasting to make the attack work. Running OpenWRT and keeping it up to date probably protects you from someone using your own router against you better than stock firmware.
But another expected scenario is an attacker with a nondescript car and a wifi router inside who can sweep the neighborhood searching thru walls for Person X.
Hmmf, nasty, but labor intensive. Is it working on backscatter ? because your devices shouldn’t be responding much (beyond ping / authentication query level).
Also, at that point they can just use whatever fits in a van, radar, IR scanners, who knows what, fucking X-rays maybe, don’t know that they’d bother with this.
Avoiding it being deployed at scale to everybody’s router might be more important.
Oh, for most usecases I can think of, there are easier ways. For example, by attacking the cellphone the person is carrying. Or watching for their gait on network cams instead of via wifi.
No phone? Hiding inside? It’s a terrrist, prol;ly