WiFi security flaw lets a drone track devices through walls
WiFi's friendliness to other devices might pose a significant threat in the wrong circumstances. University of Waterloo researchers have discovered a security flaw in the networking standard that lets attackers track devices through walls. The technique identifies the location of a device within 3.3ft just by exploiting WiFi devices' automatic contact responses (even on password-protected networks) and measuring the response times. You can identify all the connected hardware in a room, and even track people's movements if they have a phone or smartwatch.
The scientists tested the exploit by modifying an off-the-shelf drone to create a flying scanning device, the Wi-Peep. The robotic aircraft sends several messages to each device as it flies around, establishing the positions of devices in each room. A thief using the drone could find vulnerable areas in a home or office by checking for the absence of security cameras and other signs that a room is monitored or occupied. It could also be used to follow a security guard, or even to help rival hotels spy on each other by gauging the number of rooms in use.
There have been attempts to exploit similar WiFi problems before, but the team says these typically require bulky and costly devices that would give away attempts. Wi-Peep only requires a small drone and about $15 US in equipment that includes two WiFi modules and a voltage regulator. An intruder could quickly scan a building without revealing their presence.
Research lead Dr. Ali Abedi is calling for changes to the WiFi standard to prevent devices from responding to "strangers." That may take years, however, and Abedi suggests that hardware makers address the issue in the meantime by introducing randomized response times. The chances of burglars using drones to map your home devices aren't high at this stage (they'd still need the know-how), but there are things developers can do to thwart these aerial spying efforts.