hngopher.com

       [HN Gopher] CSI-MURDER: Prevent WiFi CSI from being used to surv...
       ___________________________________________________________________
        
       CSI-MURDER: Prevent WiFi CSI from being used to survey environment
        
       Author : adulau
       Score  : 53 points
       Date   : 2021-02-07 10:10 UTC (1 days ago)
        
 (HTM) web link (ans.unibs.it)
 (TXT) w3m dump (ans.unibs.it)
        
       | lultimouomo wrote:
       | The title is editorialized - which makes sense, since the
       | original is only "CSI-MURDER" - but it completely mistates the
       | content of the page.
       | 
       | CSI-MURDER is a way to prevent localizing people/objects with
       | WiFi.
        
       | bjt2n3904 wrote:
       | This paper looks really clever, and I'd like to read it. Just a
       | thought about something that jumped off the page at me on a once-
       | over:
       | 
       | > Imagine someone wants to illegally track the position (and
       | implicitely the time spent) by someone into a laboratory [...]
       | 
       | The legality of analyzing WiFi frames is a bit orthogonal to
       | this. Analyzing these packets (in my book) is fair game. It's no
       | different than youtube-dl -- if you send me the data, you can't
       | forbid me from saving it for personal use, or analyzing it.
       | 
       | If you transmit something, and don't want it to be analyzed, the
       | data must be end-to-end encrypted. I don't like the idea of
       | "protecting" such data with a law that says, "this data is
       | illegal to look at".
        
         | anigbrowl wrote:
         | As a practical matter (and referencing EU law as this paper
         | seems to), you can analyze it all you like but you can't act
         | upon it.
        
         | rck wrote:
         | It's probably legal in most of the US, but almost certainly
         | runs afoul of the GDPR in the EU. Location data is personal
         | data, and companies can't (in the EU and maybe CA) and
         | shouldn't (everywhere) collect it without your consent. People
         | should use crypto because they shouldn't trust the laws to
         | work. But that doesn't mean we shouldn't have laws constraining
         | personal data collection.
        
       | zamadatix wrote:
       | The project claims to achieve this "without hampering the
       | communication performance" yet reports (at the very end of the
       | paper) of absolutely destroying quality (particularly on RX 1)
       | even with only using single spatial stream testing and leaves
       | this problem to "The theoretical analysis of the properties of a
       | randomizing filter that preserve this property and also obfuscate
       | location is part of the future work of our research teams."
       | 
       | I don't think it's that surprising to see you can murder CSI by
       | murdering the communication capability CSI was supposed to add,
       | any interesting results would seem to come from future research
       | if ever.
        
       | Gys wrote:
       | It refers to a github repo, but that is non-existing. A murder
       | victim?
        
         | kraemate wrote:
         | It's in the paper: https://github.com/seemoo-lab/csicloak
        
       | azinman2 wrote:
       | Opposite to this project, I'm interested in obtaining CSI from
       | cheap devices. But many vendors don't expose this info
       | (classically most papers use a very specific intel nic). Is there
       | a cheap/popular nic, say usb based that can work with a raspberry
       | pi, that exposes it reliably?
        
         | toomuchtodo wrote:
         | https://rgu-repository.worktribe.com/preview/966796/FORBES%2...
        
           | mleonhard wrote:
           | That is a link to a PDF of this paper:
           | 
           | FORBES, G., MASSIE, S. and CRAW, S. 2020. Wifi-based human
           | activity recognition using Raspberry Pi. In Alamaniotis, M.
           | and Pan, S. (eds.) Proceedings of Institute of Electrical and
           | Electronics Engineers (IEEE) 32nd Tools with artificial
           | intelligence international conference 2020 (ICTAI 2020), 9-11
           | Nov 2020, [virtual conference]. Piscataway: IEEE [online],
           | pages 722-730. Available from:
           | https://doi.org/10.1109/ICTAI50040.2020.00115
        
             | toomuchtodo wrote:
             | Didn't note the similarities with a cursory glance and saw
             | hardware was indicated in the PDF that appeared to meet OPs
             | requirements. Sorry about that.
        
       | mleonhard wrote:
       | Another way to prevent snooping is to prevent access to the
       | signals. Many devices contain metal mesh shielding to absorb
       | radio emissions [0]. For example, microwave ovens have a mesh
       | window that passes visible light (~500 nm) but not microwave
       | heating radiation (~100mm).
       | 
       | How can one insulate a building against RF leakage?
       | 
       | [0] https://en.wikipedia.org/wiki/Electromagnetic_shielding
        
       | myWindoonn wrote:
       | It is interesting how this is in tension with our desire to not
       | pollute [0]. On one hand, we want to only use as much
       | radio/light/etc. as necessary to communicate and live our lives;
       | on the other hand, we don't want to be easily isolated from each
       | other simply by obviously not having any light around us.
       | 
       | [0] https://en.wikipedia.org/wiki/Radio_spectrum_pollution
        
       ___________________________________________________________________
       (page generated 2021-02-08 23:02 UTC)