Yet another privacy nightmare begins: Routers sensing our physical motion through our houses

Here it is: https://www.multivu.com/players/English/8441051-linksys-aware-motion-sensing-mesh-wifi/

Oh my.

4 Likes

Indeed. I recently bought a turris router which is based on openwrt.

4 Likes

Good lord! :open_mouth:

I don’t understand the big deal, unless there’s some nightmare potential I’m not seeing. The neighbor across the parking lot can tell when/where I’m moving about my apartment with no technology.

What if I get my hands on exploit for this router, and get a data for a several thousands flats? I’d know the hours when someone is inside and moving. Then I can plan a robbery. And I need not be your neighbor, which makes it less probable that I’d get caught.

Not that I would. I have better means of earning a living.

2 Likes

You can watch the windows and driveway/parking lot and get that information. Granted, not as much nor as quickly, but it makes no difference to the victim.

It makes quite a huge difference. Going outside and looking at windows is more difficult than watching tv, drinking beer and waiting for a script your kid wrote to spew out a list of possible unguarded houses. More people a likely to do the latter. You get exposed an order of magnitued more. Also, cameras won’t catch the would be thief going around a neighbourhood seemingly without purpose. But let’s put aside outright criminals and switch to something as horrible but less obvious:

Suppose I run an insurance company. I’d buy the ‘moving around apartment’ data and derive from it the likelihood that you would get an heart attack or a stroke. And if I deemed the risk too high, your insurance agreement would get more expensive, or cancelled.

And if you would go to the competition, they’d do the exact same thing to you.

4 Likes

I feel like I need to hash out the pros/cons get to the bottom of this potential threat. Yeah, sure, seems potential for something, but devil is in the details. Feel free to chime in.

Btw. this tech was demoed years ago, so wifi-radar is not new.

Pros:

  • From home security perspective it’s like radar, sees through walls, so has good cover.
  • In general, such tech could be better than having cameras: less information is transferred of precise nature. Less invasive.
  • Especially in a chaotic situation and large buildings, this could be used to scan for people to evacuate (caveat: disabled and unconscious, so not perfect)
  • Does need more than one device to work well, so limited useability by design (offers some protection from misuse)
  • If you trust any other “smart” home device and cloud, this seems to be on par security wise.

Cons:

  • Cannot be limited to one apartment: sees neighbors movement as well - cover may be too good. How about a virtual recreation of you having sex - acted out by 3D stick figures that have your face (or worse).
  • It’s unclear to me (or maybe I didn’t dig deep enough) how accurate the 3D mapping of A) house and B) people/moving objects is. Is it somehow only a location and not all the movements (afaik, humans are big enough to be recognizable shapes)? Some activities people do not want to show. It’s also potentially a biometric marker that’s recorded (gait for instance).
  • From movements a lot can be inferred (which is not accurate and can cause damage because of flawed analysis and resulting untrue data), like medical conditions, habits - constant monitoring gives plenty of datapoints (want to get a bigger medical or insurance bill because you seem to go standing near a window indicating you are a smoker or because you spend X amount of time on your sofa, or constant judgement because you do not spend arbitrary amount of time in the kitchen).
  • Cloud storage, data transferred off site to a company. Possibility to sell said data (see above). Verifiable data control an issue (would be a different thing, if data was local only and accessible by user only directly there by very secure manner).

Those were quick thoughts. Security, home security and privacy have different viewpoints that need mitigating (or marketing). Something I missed?

2 Likes

Funny story from the cold war: The CIA had similar lapse, as their divisions - as the story goes - had their car parking assigned as blocks. So, one look (directly by low level emloyee or satellite) would tell which divisions or groups were hard at work… Just goes to show, it scales.

Let’s not give Facebook any ideas, all right? :grimacing:

2 Likes

Facebook already knows about rule 34.

1 Like

You can probably do a lot, but you can already legally by cell phone data of several thousand allegedly anonymized users and see where they are. If you know just one or two locations where people have been, you can ten infer who is which dot. I think it was NYT, WP or one of the other big print papers that demoed that with Trump and his Secret Service.

Just one more reason not to have the phone in your pocket (or your clothes on), or taking selfies (or watching videos at the same time - each their own) when doing it, as the accelometer (to witch FB likely has access to) can be used to get a sense of your… rhythm.
Talking about music here! :drum: :innocent:

2 Likes

The motion sensing feature of this router is a paid service, paid via a monthly subscription.

I have a router that offers paid monthly subscription services for features that typically come free and would be free in my router, if not for the sheer greed of the router manufacturer. I never relent. We don’t want any router companies to ever get the idea that they can actually charge subscription fees for software/firmware features that are easily accessible via dd-wrt or that are a next logical step in features that the open source community can implement without requiring anyone to pay a subscription fee. I see this the same one would see extra fees to use your own car. ‘Oh, you want to drive freeway speeds. That will cost you an extra $50 per month. Oh, you want the door locks to work electronically instead of only manually. That feature will cost you another $10 per month. How fast do you want the windows to roll down? Pricing starts at one full minute to go up or down. Full speed up and down will cost you another $20 per month’. This crap never ends after it gets started. You need to kill the demand the first time they ask for a recurring fee or for any fee for something that should be included.

I just bought a second router of the same model that I have been using for a few years now. After I safely get dd-wrt installed to it and my network working with it and the new open source firmware on it, I plan to flash the old router with the same firmware. When I configured my existing router out of the box, I felt like I was selling my sole by inputting my e-mail address and going through the e-mail verification process as a required step to get the router to work at all. How dare they require that for their f-ing commodity product that I paid for and now own. There was no warning on the package or website about that requirement. If we don’t push back, some day all routers will have this requirement and if they can, they’ll charge you for each computer in your network that connects to it. This may sound crazy. But think again. Who would have thought in 1990 that the most popular consumer computing products in the world would deny you root access and charge you for things that should be free?

5 Likes

I see your point, @Dwaff, though I dunno if we agree on the amount of concern it causes, but then again that could just be me not having to worry about that sort of thing.

@JR-Fi, your cons seem to assume this WiFi can map the inside of the house to some degree, but all I saw was motion sensing. Do you know something I don’t?

Ay, somewhere in the back of my mind I had this info… See these articles(it says the accuracy is “centimeter level”) on house mapping. The drone one is more scary, I guess, but there are legitimate good applications too (and as I wrote a while back, the gap between L5 and a legitimite tricorder - one of the requirement in my mind is that it can be used as a radar/3dmapper).

And this “wifi camera” hackerproject is cool!

Btw. Wifi heat mapping is not the same thing, but as far as I can tell, it’s on the same branch of things, just applied differently. And I was going to write, it’s a bummer that I haven’t found a linux app, BUT apparently there may be an opensource version now. Making L5 a very convenient wireless network mapper, if someone can get it to work.

Congratulations, you would become Santa Claus!

(He knows when you are sleeping, he knows when you’re awake …)

they would simply penalize you for how much you’re sleeping in a 24h period each day … :sweat_smile:
i wonder if the system could tell if you’re just lying in bed or reading a book while in bed … 5G can already do this using some kind of sonar method for bouncing the signal-pulse around solid objects … can’t remember where i’ve seen this 3D simulation online though …

about sex … snooping to see if we wear the mask during this “social-distancing-recommendations” … reserved for the future when everybody is in mandatory house-arrest on a global scale … save the planet and all that …

Eh, this is kinda apples and oranges. “Consumer wifi router that can sense motion” is a far cry from “specialized antennae that can use wifi frequencies to see shapes through walls.” That hackerproject seems to me to demonstrate that a wifi router does not have the processing power to do the latter anyway.

This is like arguing that one should be wary of laser pointers because lasers can be used to pick up sound from window vibrations. That’s true, but also not applicable to this particular product (the laser pointer). In the same way, I don’t see what the big deal is about a motion-sensing router (I haven’t forgotten your insurance argument @Dwaff, but while the router could see whether or not one was moving about one’s residence, it can’t see that it’s you moving about your residence or not. If there’s more than one person living there, the data has no value in this context. I also don’t think a primary motive to not rob someone is “I can’t be bothered to case the joint.”).

1 Like

Line from the Beatles “Back in the USSR”:

“Honey, disconnect the phone.”