[HN Gopher] Xfinity using WiFi signals in your house to detect m...
___________________________________________________________________
Xfinity using WiFi signals in your house to detect motion
Author : bearsyankees
Score : 165 points
Date : 2025-06-30 19:03 UTC (3 hours ago)
(HTM) web link (www.xfinity.com)
(TXT) w3m dump (www.xfinity.com)
| jacobgkau wrote:
| > Subject to applicable law, Comcast may disclose information
| generated by your WiFi Motion to third parties without further
| notice to you in connection with any law enforcement
| investigation or proceeding, any dispute to which Comcast is a
| party, or pursuant to a court order or subpoena.
|
| Sounds like, at least in some limited circumstances (using the
| provided WiFi AP, having this feature turned on, etc), ISPs are
| going to be able to tell law enforcement/courts whether anyone
| was home at a certain time or not.
| 57473m3n7Fur7h3 wrote:
| And also how many people are currently in the house, right at
| this moment. Maybe even which rooms of the house those people
| are in.
| schiffern wrote:
| WiFi can also be used to detect heartrate and breathing,
| which can leak additional ad-targeting information related to
| activity, arousal, or agitation.
|
| https://www.mdpi.com/1424-8220/24/7/2111
| josho wrote:
| The solution here shouldn't be technical; it should be legal.
|
| If we rely on the technical path, Comcast can achieve the same
| by how many active IPv6 addresses are in use. Even if you
| aren't using your phone, the device is going to be constantly
| pinging services like email, and your ISP can use that to piece
| together how many people are at home.
|
| If we rely on legal protection, then not only Comcast, but all
| ISPs will be prohibited from spying on their customers. Ideally
| the legislation would be more broad and stop other forms of
| commercial/government surveillance, but I can't imagine a world
| where Congress could actually achieve something that widely
| helpful for regular citizens.
| dylan604 wrote:
| What if I left my device at home?
| aspenmayer wrote:
| With enough signals, gait recognition for example is
| possible, and those same signals could be corroborated with
| presence or absence of concomitant device signals to
| determine if your device is moving with your person, and if
| not, to then flag this for enhanced monitoring if evasion
| is suspected.
| landl0rd wrote:
| The point is every single thing I own should be "on my
| side". My car should not store my location history. My
| wifi router should not track presence and movement. My
| printer should not add any watermarks or telltale dots.
| My stuff should actively make it difficult or impossible
| for hackers, advertisers, or law enforcement to recover
| any useful information.
|
| This means, respectively: ensure personal info is stored
| securely so hackers can recover little. Don't transmit
| info to remote servers to limit what advertisers get. And
| just store as little as possible in the first place
| because this is the legal means to have little to
| subpoena or discover.
|
| Useful info, when absolutely necessary, should be locked
| behind a password, as constitutional rights preclude law
| enforcement from making someone disclose it.
| aspenmayer wrote:
| This is magical thinking, because it's using the legal
| system to solve a technical and social problem. It's
| probably possible to create standards that don't leak PII
| and other forms of metadata that are unique. That is
| probably the only solution going forward to reduce
| possible interdiction by extralegal third parties.
| However, Comcast can only be enjoined from doing this
| legally, and will likely not do anything that isn't
| implemented by standards bodies, such as WiFi standards.
| The fact that these capabilities are available to Comcast
| corporate is because OEMs that make set top cable
| receivers and combination cable modem WiFi routers
| provide these capabilities. I'm not sure if these
| features are standard or require a special order. Once
| Comcast has the data, it is available to law enforcement
| via the Third Party Doctrine, which isn't going away
| anytime soon.
| dylan604 wrote:
| These companies are so big now, and more importantly
| their lobbyists are, that it is unlikely any regulations
| would ever come that would limit their abilities to make
| money off of your PII.
| aspenmayer wrote:
| All these already existing dragnets make oldies like the
| Clipper Chip seem like a weekend hackathon project.
|
| The irony is that all of these metadata leaks and
| correlation attacks etc were theoretical at the time
| these technologies were created and developed, unless
| you're NSA level compute power, both human and silicon.
| Now, any script kid has enough info to try to build an
| array of SDRs to do the same thing, and no one will care
| when they do besides the feds who cry foul about their
| turf being stepped on by plebeians. The public will never
| care because their eyes will already have glazed over
| once you mention MAC addresses and SSIDs.
| maxerickson wrote:
| You seem to think that it would be impossible to instruct
| Comcast to implement on/off for the feature? That's the
| sort of thing that the legal system is for.
| aspenmayer wrote:
| I don't think that this would be likely to pass Congress.
| Even if it were, if Comcast failed to uphold its
| obligations due to receiving a National Security Letter
| (NSL) then they would be hamstrung, unable to comply and
| unable to protest publically.
|
| It's almost a legal impossibility and would be a bad move
| geopolitically to give up this full take capability and
| it is not happening. It's wishful thinking to believe
| otherwise.
|
| https://en.wikipedia.org/wiki/Room_641A
| dylan604 wrote:
| when I'm at home, my device is just sitting on the desk.
| rarely is it in my actual hand being carried with me.
| also i'm old, so i don't have it in my hand while sitting
| on the couch or in bed either. that's why my laptop is
| for. something with a real keyboard and screen and not
| something that's going to give me scoliosis for hunching
| over to read all the damn time
| baggachipz wrote:
| > I can't imagine a world where Congress could actually
| achieve something that widely helpful for regular citizens.
|
| "Best we can do is letting all the AI companies hoover up
| your data too"
| timewizard wrote:
| It doesn't require IPv6. The modem is just as aware of all
| the private IPv4 addresses on your network as well as all the
| public IPv6 ones.
|
| Unless you put your own gateway (layer 3 switch, wifi ap,
| linux router) in front of it.
| frollogaston wrote:
| That would require Comcast to have access to your router,
| or more precisely, the NAT.
| nemomarx wrote:
| Comcast sells a router gateway combination device that's
| probably required for this motion sensing anyway. If you
| have that they could already check device counts and in
| fact their Xfinity app lists connected devices in detail.
| timewizard wrote:
| For most people their Comcast modem _is_ their router.
| frollogaston wrote:
| The point of the comment about ipv6 is that if you don't
| use a Comcast modem/router or they're prohibited by law
| from snooping on that, Comcast can still sorta understand
| the number of users from the outside by looking at your
| ipv6 addresses.
| timewizard wrote:
| I understand they can do traffic analytics but with
| privacy extensions and the proliferation of IoT devices I
| don't think that level of analysis is going to be very
| fine. Probably just enough to bin houses into different
| size groups.
|
| There are a multitude of pre-existing ways of achieving
| the same result. One would be simply looking at the ft^2
| listed on the public tax documents for the given address.
|
| So I was really assuming any useful analysis would
| require them to be the actual man in the middle by owning
| and controlling your router. In which case address family
| does not matter.
| Yeri wrote:
| From my understanding it tracks signal strength between two
| points (gateway and printer for example).
|
| Putting your phone in airplane mode doesn't make it think
| you have left the house.
|
| > If you'd like to prevent your pet's movement from causing
| motion notifications, you can exclude pet motion in your
| WiFi Motion settings by turning on the Exclude Small Pets
| feature. > Motion is detected based on the amount of signal
| disruption taking place between the Xfinity Gateway and
| your selected WiFi-connected devices, so motion from small
| pets (around 40 pounds or less) can be filtered out while
| keeping you notified of large movements more likely to be
| caused by humans.
| Aurornis wrote:
| > The solution here shouldn't be technical; it should be
| legal.
|
| The parent commenter was highlighting that law enforcement
| can compel them to provide the data.
|
| The customer has to opt-in to WiFi motion sensing to have the
| data tracked. If you see something appear in an app, you
| should assume law enforcement can compel the company to
| provide that data. It's not really a surprise.
|
| > If we rely on legal protection, then not only Comcast, but
| all ISPs will be prohibited from spying on their customers.
|
| To be clear, the headline on HN is editorialized. The linked
| article is instructions for opting in to WiFi motion sensing
| and going through the setup and calibration. It's a feature
| they provide for customers to enable and use for themselves.
| tehwebguy wrote:
| > The customer has to opt-in to WiFi motion sensing to have
| the data tracked.
|
| Not for long, there's money to be made by adding this to
| the cops' customer lookup portal.
| frollogaston wrote:
| Ipv6? I ain't enabling that anyway
| oliwarner wrote:
| > The solution here shouldn't be technical; it should be
| legal
|
| Technical solutions tend to last longer. Legal solutions have
| a habit of being ignored when they become inconvenient.
|
| The legal _default_ should be that collecting this sort of
| data should always be illegal without informed consent and
| never used beyond the remit of that consent. As inconvenient
| as it sometimes is, the world needs GDPR.
| armchairhacker wrote:
| > The solution here shouldn't be technical; it should be
| legal.
|
| I disagree. Solutions should be technical whenever possible,
| because in practice, laws tend to be abused and/or not
| enforced. Laws also need resources and cooperation to be
| enforced, and some laws are hard to enforce without creating
| backdoors or compromising other rights.
|
| "ISPs will be prohibited from spying on their customers"
| doesn't mean ISPs won't spy on their customers.
| hamhock666 wrote:
| > ... I can't imagine a world where Congress could actually
| achieve something that widely helpful for regular citizens.
|
| The solution is to not use the internet if you care about
| your privacy.
| kevin_thibedeau wrote:
| We are now treating foreign students with suspicion when
| they don't have a satisfactory internet footprint. Only a
| matter of time until that gets turned against the
| citizenry. Submit to surveillance capitalism or go to jail
| you deviant.
| timewizard wrote:
| You can turn the customer AP off; however, the Comcast Customer
| Shared WiFi is always on. This is true even for Comcast
| Business accounts. You're expected to be a hotspot for their
| other customers.
|
| Which is one of the main reasons I bought my own modem.
| jhowison wrote:
| You can turn off the shared hotspot:
| https://www.xfinity.com/support/articles/disable-xfinity-
| wif...
| snarf21 wrote:
| Curious: What about adding a small battery powered WiFi device
| to your dogs collar? Would that look like a person moving
| around the house? What about a WiFi controlled mini drone that
| flew around you house?
|
| [Note: this should be illegal]
| Aurornis wrote:
| A much easier alternative is to not enable the feature on
| your router.
|
| It's an opt-in feature. If you don't set it up, they aren't
| generating the home/away chart like shown in the article.
| vel0city wrote:
| This technology doesn't rely on you actually having a WiFi
| device on you. It can detect presence/motion by changes to
| the standing waves of the EM propagation throughout the room.
|
| As the salty water meatbags move from room to room we change
| how the reflections and scattering patterns of 2.4 and 5GHz
| waves move. Studying these changes and some calibration, you
| can even determine small changes (like is the person on the
| left side of the room breathing, are they standing or prone,
| etc).
| vel0city wrote:
| This technology doesn't rely on you actually having a WiFi
| device on you. It can detect presence/motion by changes to
| the standing waves of the EM propagation throughout the room.
|
| As the salty water meatbags move from room to room we change
| how the reflections and scattering patterns of 2.4 and 5GHz
| waves move. Studying these changes and some calibration, you
| can even determine small changes (like is the person on the
| left side of the room breathing, are they standing or prone,
| etc).
|
| In their docs, they show using the WiFi connection from a
| printer to determine motion sensing and have the option to
| exclude pets.
| Yeri wrote:
| It doesn't require a WiFi device to work.
|
| > If you'd like to prevent your pet's movement from causing
| motion notifications, you can exclude pet motion in your WiFi
| Motion settings by turning on the Exclude Small Pets feature.
| > Motion is detected based on the amount of signal disruption
| taking place between the Xfinity Gateway and your selected
| WiFi-connected devices, so motion from small pets (around 40
| pounds or less) can be filtered out while keeping you
| notified of large movements more likely to be caused by
| humans.
| yborg wrote:
| I remember reading this paper when it came out, didn't think it
| would be commercializable, and here we are.
|
| https://dl.acm.org/doi/10.1145/2486001.2486039
| hopelite wrote:
| I have a sneaky suspicion this is not something that
| Xfinity/Comcast just woke up one day and thought they should
| implement. This has all the hallmarks of the treasonous
| surveillance state injecting itself to instrumentalize
| corporations to claim they're not violating the supreme law
| called the Constitution if they simply make others commit the
| treasonous crimes against the people.
|
| Because we all know, of course, the Constitution only applies
| to the federal government, right? If mega-corporation USA Inc
| uses its shell company Comcast to violate the Supreme law of
| the land in a treasonous manner, then you are of course SOL asa
| mere citizen since they aren't the federal government and the
| Constitution does not apply to them.
|
| In case it want clear, that was sarcasm.
| schiffern wrote:
| I miss the old days when this would come off like a crazy
| rant, rather than being _the evening news_.
|
| In case people missed it:
|
| https://theconversation.com/from-help-to-harm-how-the-
| govern...
|
| https://www.eff.org/deeplinks/2023/07/even-government-
| thinks...
|
| https://www.politico.com/news/magazine/2024/02/28/government.
| ..
| sojsurf wrote:
| I was just reading up on wifi 7 today. It sounds like the
| spec was designed with WIFI sensing in mind.
| Tijdreiziger wrote:
| That's speculation. In the article, you can see that it's
| meant as a pseudo-alarm system. It's plausible that someone
| at Comcast thought this is a value-add. (Netgear already
| offered this as a feature on their routers, it's not a novel
| concept.)
|
| Even within tech circles, lots of people aren't worried about
| privacy and even have indoor cameras in their homes.
| andy_xor_andrew wrote:
| Yeah, it's bizarre.
|
| Normally the pathway for this kind of thing would be:
|
| 1. theorized
|
| 2. proven in a research lab
|
| 3. not feasible in real-world use (fizzles and dies)
|
| if you're _lucky_ the path is like
|
| 1. theorized
|
| 2. proven in a research lab
|
| 3. actually somewhat feasible in real-world use!
|
| 4. startups / researchers split off to attempt to market it
| (fizzles and dies)
|
| the fact that this ended up going from research paper to
| "Comcast can tell if I'm home based on my body's physical
| interaction with wifi waves" is absolutely wild
| transpute wrote:
| _> the fact that this ended up going from research paper to
| "Comcast can tell if I'm home based on my body's physical
| interaction with wifi waves" is absolutely wild_
|
| The 15-year path was roughly: 1. bespoke
| military use (see+shoot through wall) 2. bespoke law-
| enforcement use (occupancy, activity) 3. public
| research papers by MIT and others 4. open firmware for
| Intel modems 5. 1000+ research papers using open
| firmware 6. bespoke offensive/criminal/state malware
| 7. bespoke commercial niche implementations 8. IEEE
| standardization (802.11bf) 9. (very few) open-source
| countermeasures 10. ISP routers implementing draft IEEE
| standard 11. (upcoming) many new WiFi 7+ devices with
| Sensing features
|
| https://www.technologyreview.com/2024/02/27/1088154/wifi-
| sen...
|
| _> There is one area that the IEEE is not working on, at
| least not directly: privacy and security.. IEEE fellow and
| member of the Wi-Fi sensing task group.. the goal is to focus
| on "at least get the sensing measurements done." He says that
| the committee did discuss privacy and security: "Some
| individuals have raised concerns, including myself." But they
| decided that while those concerns do need to be addressed,
| they are not within the committee's mandate._
| nomel wrote:
| It's not too crazy, if you're familiar with comms systems.
|
| The ability to do this is a _necessity_ for a comm system
| working in a reflective environment: cancel out the
| reflections with an adaptive filter, residual is now a high-
| pass result of the motion. It 's the same concept that makes
| your cell location data so profitable, and how 10G ethernet
| is possible over copper, with the hybrid front end cancelling
| reflections from kinks in the cable (and why physical
| wiggling the cable will cause packet CRC errors). It's, quite
| literally, "already there" for almost every modern MIMO
| system, just maybe not exposed for use.
| chimeracoder wrote:
| One takeaway from this is that there's a strong privacy case for
| disabling the built-in wireless network from your ISP-provided
| modem/router and using your own, to reduce the number of ways
| that your ISP can surveil you.
| chatmasta wrote:
| That's always a good idea, but they'll still be able to tell
| when someone is home because the outbound internet traffic will
| increase.
|
| And don't forget to set your DNS to a non-ISP resolver.
| calvinmorrison wrote:
| So you need fake upstream downstream traffic, put your router
| in a lead box, use DNS over https, and then all that for
| nothing because the Amazon router was backdoored by the NSA
| too
| chimeracoder wrote:
| > That's always a good idea, but they'll still be able to
| tell when someone is home because the outbound internet
| traffic will increase.
|
| Sure, but not necessarily _who_ is home, since they won 't
| have the MAC address of your device(s) connecting.
|
| Also, traffic volumes are a lot noisier of signals than you
| might think, given how much automated and background stuff we
| have these days.
| sneak wrote:
| SNI is not encrypted.
|
| You need a box downstream of your ISP devices that encrypts
| all traffic out over a VPN. This is what I do.
| jeffbee wrote:
| This is piled on top of the existing strong case for all
| Comcast wifi equipment being hot garbage. If some confluence of
| poor regulations has led you to being stuck with Comcast, the
| least you can do for yourself is get your own DOCSIS modem and
| routers and access points that you control.
| ghurtado wrote:
| Even better, don't use the Comcast router at all. It's a rip
| off anyway
| jayd16 wrote:
| Don't they hand out combination modem/routers? What's a
| cheaper alternative?
| reanimus wrote:
| Buy your own DOCSIS modem, opt out of renting theirs. It'll
| pay for itself after a few billing cycles (the modem rental
| fee is $15 per month)
| gia_ferrari wrote:
| If you're on a cheaper lower speed subscription, you can
| often find compatible modems at thrift stores for a
| couple dollars. People upgrade to faster tiers and unload
| their old perfectly serviceable equipment good for a
| couple hundred megabits - fine for most needs.
| jayd16 wrote:
| Wow, what a deal. Last I looked it was $5/mo. Spectrum
| doesn't give you any discount at all.
|
| Still I thought a good DOCSIS 3.1 modem would be a few
| hundred.
| ac29 wrote:
| I did this recently and found out Comcast considers some
| security feature that runs only on their hardware to be
| part of the bundle they sold us.
|
| So, bringing your own modem gets rid of the rental fee,
| but requires moving to a different plan without the
| security feature bundled. This is of course more
| expensive, almost entirely negating the savings of
| bringing your own network equipment (I think our net
| savings is $5/month, which means its going to be a couple
| years to pay back the modem cost).
| tripdout wrote:
| If it lets you. I think Bell modem+router+AP devices always
| broadcast a TV network with no way of disabling it whether you
| have TV service or not.
| anonymousab wrote:
| That's what a good-ol' Faraday cage is for.
| gia_ferrari wrote:
| Or unplugging the internal antennas. Only on equipment you
| own, of course.
| o11c wrote:
| My home ISP's cell router (because no other internet reaches
| our area anymore) has almost no configurable settings (just
| wifi name/password/hidden), and actively _forbids_ you from
| disabling wifi even though I only use it through the wired
| connection.
|
| (And what limited configurability it provides is only through
| the app, which requires you to agree to their "molest your
| privacy policy". I had been content with just not installing
| the app , but my threat model hadn't considered this new
| development ...)
| EvanAnderson wrote:
| I don't want my ISP doing this to me, but it sounds like
| something pretty cool to do myself. Does anybody know what the
| current state of "self-hosting" this kind of functionality is?
| 0cf8612b2e1e wrote:
| I am also super interested for the personal use case. What is
| the resolution? Can I track my cat through the house? See when
| they go to the feeder? Count my own bathroom visits?
| Aurornis wrote:
| > What is the resolution? Can I track my cat through the
| house? See when they go to the feeder? Count my own bathroom
| visits?
|
| None of the above.
|
| The setup process has you select 3 reference devices. You
| should pick the devices so that your normal motion areas are
| between the device and the router.
|
| The router then watches the WiFi signals from those devices.
| If they fluctuate more than baseline, it's assumed that
| something is moving around in the area.
|
| It's a threshold detection that can serve as a crude motion
| sensor for home/away purposes.
| 0cf8612b2e1e wrote:
| Nuts. Less interesting than the claims of monitoring heart
| rate, but still potentially some applications "for free" if
| it just needs to analyze signal strength from devices I
| already have. Theoretically could put it directly onto my
| OpenWRT router and make it available from there.
| HeavenFox wrote:
| For home / away purposes it's easier to just detect if your
| phone is connected to the network. I built something like
| that before by shipping the log from my UniFi controller to
| a RPi and listen for events where my phone's MAC address
| connect or disconnnect.
| sneak wrote:
| Just get cameras and local storage/processing for them. No need
| for elaborate Wi-Fi presence detection hacks.
| VariousPrograms wrote:
| One more reason not to use an ISP router, although in this case
| most of us are at minimum carrying around GPS homing beacons in
| our pocket so the carriers already know where we are.
| OptionOfT wrote:
| And now we also know the reason why they give away unlimited
| data for free when you use their router, but not when you want
| to use your own router.
| ajcp wrote:
| I can turn off the WiFi on my ISPs (Cox) router. I just have
| it port-forward everything into my own wifi-router where I
| manage it from there.
| femiagbabiaka wrote:
| Xfinity won't give folks in certain locales (maybe everywhere in
| the US?) unlimited bandwidth unless they use their modem/router.
| This seems like a good reason that practice should be illegal.
| reaperducer wrote:
| I use a cellular connection for my internet, but my apartment
| building is wired with Xfinity, and probably 90% of people use
| it.
|
| Naturally, there is no way for me to opt out of this.
| BarryMilo wrote:
| Time to make your apartment a faraday cage!
| Tijdreiziger wrote:
| RF-blocking paint exists.
| kube-system wrote:
| And contrary to popular belief, neither it nor a faraday
| cage blocks RF. They _attenuate_ it, to varying degrees.
| bikenaga wrote:
| Does your apartment lease require that you use Comcast's
| hardware? When I signed up for Xfinity years ago I wanted to
| use my own hardware (NetGear cable modem, Buffalo Airstation
| with DD-WRT). I forget now whether I had to walk through the
| activation over the phone with a tech - I vaguely recall
| having to provide some information about the modem, which was
| one of the models listed as supported on their use-your-own-
| hardware web page - but the whole thing was easy.
|
| Other people have mentioned that not using Comcast's stuff
| means that certain features won't be available, but I don't
| care. I don't have huge bandwidth needs, for instance.
| afruitpie wrote:
| As far as I'm aware, Xfinity fiber customers have to use the
| provided "Xfinity Wi-Fi Gateway" and cannot enable bridge mode.
|
| If anyone knows a way around this, please share! I want to
| connect my Xfinity ONT directly to my UniFi router.
| 0cf8612b2e1e wrote:
| In that situation, I would put the vendor modem in a
| microwave or other impromptu faraday cage to prevent the
| leakage. Remove/isolate the antennas as best as possible.
| Saris wrote:
| Can also open it up and disconnect the wifi antennas, or
| cut the traces if they're on the PCB.
| 0cf8612b2e1e wrote:
| Those vendor modems are rentals and expected to be
| returned in working order. Would you likely get away with
| it? Sure, nobody is paying techs to diagnose why the WiFi
| is failing for unit #367326, but cutting traces is
| definitely crossing some lines.
| mixdup wrote:
| They have changed this policy with their new plans released
| last week. You no longer have to use their equipment to get
| unlimited data
| dylan604 wrote:
| So use their router, but connect your own to it. Then turn off
| the WiFi in their equipment
| femiagbabiaka wrote:
| I'm doing the first bit, but I can't turn off the wifi --
| only stop broadcasting my "personal" network. And actually,
| as I went in to make sure that was the case, I saw that
| broadcasting of my personal network had been forcibly turned
| back on. Lovely!
| dylan604 wrote:
| If you don't broadcast your SSID, then how can device
| manufactures have hyper accurate location services
| available when GPS is not? You're not participating in the
| system! Hell, as much money as theGoogs gives to be the
| default search to various companies, would they not be
| willing to pay ISPs to keep that option on? I'm just
| throwing ideas out that I know nothing about, but I don't
| see why they would be opposed to the concept.
| femiagbabiaka wrote:
| This is an old article, but still accurate. By default
| every Xfinity router also advertises Xfinity's public
| wifi offering: https://money.cnn.com/2014/06/16/technolog
| y/security/comcast.... Now if you turn that off then
| what? Not sure, but I trust Xfinity and their lawyers to
| find a way :)
| nandomrumber wrote:
| Doesn't turning off SSID broadcast result in devices that
| have the wifi network saved repeatedly broadcast a
| request for the AP to identify itself in an effort to
| establish a connection?
| dylan604 wrote:
| I'm not sure I follow. Why would a network known to the
| device not be connected to the network? If you never
| connected your device to their wifi and only connected to
| your wifi connected via ethernet, why would it even know
| to make a request? If you're not actively connecting to
| the WiFi in your house, why not just "forget network"?
| Seems like a strange hypothetical, but aren't they all?
| nullc wrote:
| They do that already... sum of all privacy losses.
|
| Any time you go out in public your devices are crying out
| looking for your home AP. If someone can figure out which
| are you, e.g. by seeing you multiple times in different
| places they can then go look up where you live based on
| your home's SSID broadcasts.
| dawnerd wrote:
| Put the thing in a faraday box.
| nick__m wrote:
| If you cannot disable it and you don't trust the wifi but
| need the service, wrap the isp provided box it in aluminum
| foil and ground that foil ( no need to try to solder on the
| foil, an alligator clip is more practical), the wifi will
| still be on but it will be completely blind. Just make sure
| it doesn't overheat.
| femiagbabiaka wrote:
| These are the comments I come to HN for.
| m463 wrote:
| I was thinking about this with respect to the new uncomplicated
| no-contract service with no caps they started offering:
|
| https://www.slashdot.org/story/25/06/26/2124252/comcasts-new...
|
| Apparently you can get 1/2gbit ethernet only modems without
| wifi. You don't save any money over using their equipment.
| zeta0134 wrote:
| This practice, and fear of the exact sort of nonsense in this
| article, plus wanting to keep my wifi bandwidth free for the
| network I actually connect to, is why I'm still on AT&T DSL in
| my area, at 50 mbps. Comcast is available at up to gigabit, and
| they can keep it.
| harles wrote:
| AT&T is pretty bad in its own way. They snoop DNS and to sell
| your info (including physical address) to advertisers - even
| if you switch your DNS providers. They used to had a paid opt
| out (~$20/mo IIRC) but I don't see that option anymore.
| jklinger410 wrote:
| I had a conspiracy theorist tell me one time this is why they
| removed all the lead paint. It never quite made sense that kids
| were actually eating lead chips.
|
| I know lead is bad for you, maybe a coincidence.
| linsomniac wrote:
| >It never quite made sense that kids were actually eating lead
| chips
|
| You know that lead tastes sweet, right?
| meepmorp wrote:
| Apart from what the sibling poster said about lead (II acetate)
| having a sweet taste, little kids will put literally anything
| in their mouths. You ain't lived till you had to get dog shit
| out of a baby's mouth.
| Aurornis wrote:
| Even old lead paint didn't have a lot of lead in it. A thin
| layer of lead paint with <1% lead does nearly nothing for WiFi
| signals.
|
| We use lead for shielding ionizing radiation like gamma rays,
| but even that uses a lot more lead than you'd find in paint.
|
| Not all "radiation" is the same thing.
| rancar2 wrote:
| This reminds of an MIT-licensed library that was Vibe-coded and
| released three weeks ago. The source is available here:
| https://github.com/ruvnet/wifi-densepose
| Havoc wrote:
| Thought I could integrate that into home assistant...till I got
| to the 78% GPU utilization part. Bit heavy for 24/7
| transpute wrote:
| Sensing is (sadly) part of Wi-Fi 7. If you have a recent Intel,
| AMD or Qualcomm device from the past few years, it's likely
| physically capable of detecting human presence and/or activity
| (e.g. breathing rate). It can also be done with $20 ESP32 devices
| + OSS firmware and _possibly_ with compromised radio basebands.
| heywoods wrote:
| This whole WiFi motion sensing is totally new to me. If anyone
| else is in the same boat reading this here are some details I
| found.
|
| https://g.co/gemini/share/87f17617ca29
|
| The interesting bits from the search are below. --- Wi-Fi 7
| (802.11be), also known as Extremely High Throughput (EHT),
| brings significant advancements that are highly beneficial for
| Wi-Fi sensing applications, including motion detection, and can
| potentially offer a higher degree of accuracy and more advanced
| capabilities compared to Wi-Fi 6E. While Xfinity's Wi-Fi Motion
| currently relies on XB7 (Wi-Fi 6) and XB8 (Wi-Fi 6E) gateways,
| future iterations or third-party solutions built on Wi-Fi 7
| would leverage its new features. Here's how Wi-Fi 7 enhances
| motion detection and sensing: Key Wi-Fi 7 Features Relevant to
| Sensing: * Ultra-wide 320 MHz Channels: * Impact on Sensing:
| Wi-Fi 7 supports channel widths up to 320 MHz, exclusively in
| the 6 GHz band (twice the maximum width of Wi-Fi 6E). Wider
| channels mean more subcarriers in the OFDM signal. This
| translates to much richer and higher-resolution Channel State
| Information (CSI). More data points in the CSI allow for finer-
| grained detection of signal perturbations caused by motion,
| potentially leading to: * More precise localization: Better
| ability to pinpoint where motion is occurring. * Detection of
| more subtle movements: Including micro-motions like breathing
| or heartbeats (as seen in advanced research). * Improved
| filtering: Better differentiation between human motion, pets,
| or environmental noise. * Multi-Link Operation (MLO): * Impact
| on Sensing: MLO allows devices to transmit and receive data
| simultaneously across multiple frequency bands (2.4 GHz, 5 GHz,
| and 6 GHz) or channels within the same band. * Benefits for
| Sensing: * Increased Robustness: If one link experiences
| interference or fades, sensing can continue on another link,
| improving reliability. * Enhanced Coverage and Accuracy: By
| aggregating data from multiple links, the system gets a more
| comprehensive view of the signal environment, leading to better
| motion detection coverage and accuracy, especially in complex
| environments. * Potential for 3D Sensing: Combining information
| from multiple links and bands could facilitate more
| sophisticated 3D tracking of objects or people. * 4096-QAM
| (Quadrature Amplitude Modulation): * Impact on Sensing: 4K QAM
| allows each symbol to carry more bits of data (12 bits compared
| to 10 bits in Wi-Fi 6/6E's 1024-QAM). While primarily for
| throughput, higher-order modulation requires incredibly clean
| and stable signals. * Benefits for Sensing: The underlying
| ability of Wi-Fi 7 to maintain such high modulation rates
| implies a network that is extremely sensitive to signal
| integrity. This sensitivity can be leveraged for sensing, as
| even tiny changes in the environment (due to motion) would
| cause discernible shifts in the highly modulated signal,
| potentially making detection more precise. * Improved MU-MIMO
| (Multi-User Multiple Input Multiple Output) and Increased
| Spatial Streams: * Impact on Sensing: Wi-Fi 7 increases the
| number of spatial streams (up to 16x16 MU-MIMO compared to 8x8
| in Wi-Fi 6/6E). * Benefits for Sensing: More spatial streams
| mean more diverse signal paths are being transmitted and
| received. This provides even richer and more redundant CSI
| data, which is invaluable for robust and accurate sensing,
| particularly for distinguishing multiple targets or for fine-
| grained motion analysis. * Spectrum Puncturing and Multi-RU
| Allocation: * Impact on Sensing: These features allow for more
| flexible and efficient use of spectrum, even in the presence of
| interference. * Benefits for Sensing: By intelligently avoiding
| interfered portions of a wide channel, the system can maintain
| cleaner CSI data from the usable subcarriers, ensuring more
| consistent sensing performance in noisy environments. * Lower
| Latency: * Impact on Sensing: Wi-Fi 7 significantly reduces
| latency. * Benefits for Sensing: Lower latency means faster
| processing and reporting of motion events. This is crucial for
| real-time applications like security alerts, fall detection, or
| gesture recognition where immediate response is critical.
| Applications and Potential Accuracy of Wi-Fi 7 for Sensing:
| With these advancements, Wi-Fi 7 has the potential to push Wi-
| Fi sensing beyond simple presence detection to more
| sophisticated applications: * Highly Accurate Presence and
| Motion Detection: More reliable detection of human presence
| (even stationary) and movement within a defined area. * Precise
| Localization and Tracking: Better ability to identify the exact
| position of a person or object and track their movement paths
| within a space. * Gesture Recognition: Potential for
| recognizing specific human gestures for control applications
| (e.g., smart home controls without touch). * Biometric Sensing:
| More accurate detection of subtle physiological signals like
| breathing patterns and heart rate, which has applications in
| elder care, sleep monitoring, and health tracking, all without
| wearable devices. * People Counting: Improved ability to
| accurately count the number of people in a room. * Enhanced
| Security: More robust detection of intruders and fewer false
| alarms compared to earlier Wi-Fi sensing iterations. While the
| "degree of accuracy" is hard to quantify with a single number
| (as it depends on the specific implementation, algorithms, and
| environment), Wi-Fi 7's core features provide a much stronger
| foundation for building highly accurate, reliable, and advanced
| Wi-Fi sensing solutions compared to Wi-Fi 6/6E. It moves Wi-Fi
| sensing closer to the capabilities of dedicated radar or mmWave
| sensors in certain contexts, while leveraging existing Wi-Fi
| infrastructure.
| exabrial wrote:
| Yeah, disable that wifi on an device not controlled by you
| damascus wrote:
| If they make the firmware there's no guarantee they aren't
| still doing it just without a broadcast SSID going along with
| it.
| 0xbadcafebee wrote:
| I'm sure people will want to make it seem like Comcast is doing
| something evil here, but they're not:
|
| > Comcast does not monitor the motion and/or notifications
| generated by the service.
|
| > This feature is currently only available for select Xfinity
| Internet customers as part of an early access preview.
|
| > WiFi Motion is off by default.
|
| Features like this at Comcast are typically one or two engineers
| on a random team coming up with a cool idea, testing it out, and
| if it works, they ask if they can roll it out en-masse. If it's
| just a software or server/backend thing and it doesn't have any
| negative impact, it gets accepted. Despite their terrible
| customer service and business practices, they do some cool stuff
| sometimes. They also release a fair bit of home-grown stuff as
| open source, which is expensive and time-consuming, but [they
| hope] it attracts engineers.
| unit_circle wrote:
| It's all well and good until the MBAs get a hold of it...
| Technology doesn't exist in a vacuum.
| Aurornis wrote:
| In case anyone is skimming the headline and comments: It's not
| enabled by default. This is an optional feature that you have to
| find, turn on, and then select up to 3 WiFi devices to use as
| reference signals:
|
| > Activating the feature
|
| > WiFi Motion is off by default. To activate the feature, perform
| the following steps:
|
| The actual title of the article is "Using WiFi Motion in the
| Xfinity app".
| jml7c5 wrote:
| The term for this sort of thing is "WiFi sensing". Relevant HN
| thread from 2021 ("The next big Wi-Fi standard is for sensing,
| not communication (2021)"):
| https://news.ycombinator.com/item?id=29901587
|
| As far as I can tell, devices were already on the market when
| that thread was made. 802.11bf was standardization to help along
| interoperability and future products.
| lulzury wrote:
| Does wrapping their modem in foil work at defeating this thing in
| any meaningful way? I have my own router.
| transpute wrote:
| ISP routers should have an admin option to disable WiFi.
|
| Grounded fine copper mesh can attenuate RF and maintain
| cooling.
| sneak wrote:
| Probably. Even better would be opening it up and grounding the
| antenna.
| johnklos wrote:
| I've been telling people for ages to not trust ISP provided
| hardware. Notice the vague language here which means they reserve
| the right to share private information for _anything_ that might
| be called an investigation, or for any dispute which includes
| them (didn 't pay your bill?), or a subpoena.
| Subject to applicable law, Comcast may disclose information
| generated by your WiFi Motion to third parties without further
| notice to you in connection with any law enforcement
| investigation or proceeding, any dispute to which Comcast is a
| party, or pursuant to a court order or subpoena.
|
| Plus, sharing isn't limited to a court or law enforcemnt agency -
| they reserve the right to share information with any third party.
|
| This is scary, particularly considering how the current
| administration wants to weaponize everything they possibly can.
| jrockway wrote:
| This is a neat feature when it's your own device that you
| control, but not so great when they "disclose information
| generated by WiFi Motion to third parties without further notice
| to you."
|
| I wanted to talk about how responsible WiFi router software
| authors can make things local-only (and I've done that in the
| past; no way to get this information even if I wanted it). But
| this is always temporary when "they" can push an update to your
| router at any time. One day the software is trustworthy, they
| next day it's not, via intentional removal of privacy features or
| by virtue of a dumb bug that you probably should have written a
| unit test for. Comcast is getting attention for saying they're
| doing this, but anyone who pushes firmware updates to your WiFi
| router can do this tomorrow if they feel like it. A strong
| argument in favor of "maybe I'll just run NixOS on an Orange Pi
| as my router", because at least you get the final say in what
| code runs.
| sneak wrote:
| What is the escalation path for replacing or removing the corrupt
| public utility commissions that allow these fraudulent and
| unethical monopolists to continue operating?
|
| We have endless cases of Comcast and others criminally abusing
| their granted monopoly and the PUCs simply allowing them to run
| roughshod over consumers.
|
| How do we fix it?
| jl6 wrote:
| The race is on to find the cheapest/easiest decoy that can
| simulate such motion (because if everything is moving, then
| nothing is moving). A tube man in every corner?
| transpute wrote:
| The race is already on for biometric fingerprinting via WiFi
| Sensing, e.g. via heart rate.
| smallerize wrote:
| This is actually a feature of the Plume wifi mesh devices.
| https://support.plume.com/s/article/Sense-Live-View?language...
| It's also available from any other ISP that uses them, or if you
| buy your own Plume device and a subscription. It's been there for
| years. https://arstechnica.com/gadgets/2020/03/from-wi-fi-to-spy-
| fi...
| transpute wrote:
| https://staceyoniot.com/the-next-big-wi-fi-standard-is-for-s...
|
| _> The IEEE plans to take the concepts for Wi-Fi sensing from
| the proprietary system built by Cognitive (which has been
| licensed to Qualcomm and also Plume) and create a standard
| interface for how the chips calculate interference that
| determines where in space an object is._
|
| Other firmware sensing capability:
| https://www.cognitivesystems.com/caregiver/ -
| Activity Tracking: Detects movement patterns to identify
| changes in daily routines to spot health concerns -
| Sleep Monitoring: Tracks sleep duration, wake times and
| nighttime interruptions to assess sleep quality - Anomaly
| Detection: Establishes household baseline to proactively
| identify unusual patterns & changes in activity
| theturtle wrote:
| ...and promising to give it to cops.
|
| Turn that thing off.
| amazingman wrote:
| Put your cable modem in bridge mode and use your own WiFi.
|
| I used to recommend using your own cable modem as well, but these
| days you have to use the Xfinity modem to avoid overages if
| you're in a market with data caps.
|
| Comcast has a stellar network operations unit, but their business
| operations are creepy and exploitative.
| pyuser583 wrote:
| It's creepy there is an Exclude Small Pets mode.
| Squeeeez wrote:
| People here claiming "stick the ISP modem in a microwave oven,
| put on a tin foil hat and use your own device" -- do you truly,
| 100% trust that nobody but you has access to said "own" device?
| transpute wrote:
| Start by implementing AP per-client authentication for Wi-Fi
| client devices.
| notepad0x90 wrote:
| Worth mentioning that unlike some ISPS Xfinity does let you use
| your own DOCSIS modems, which is the ideal way of using an ISP.
| ISP provided gateway's WIFI is not ideal for privacy, security
| and performance.
|
| Comcast in general has a long history of snooping around and
| messing with users' traffic. Not that the alternatives are much
| better. Regular folks are screwed on this matter.
|
| But perhaps for HNers setting up your own trusted WIFI AP and
| routing it (and all other traffic) through an internet gateway
| that routes your traffic over a secure channel (whatever that is
| for you, Tor, VPN services, VPN over your own cloud/vps,etc..) is
| ideal. It goes without saying, your DNS traffic should also not
| be visible to the ISPs.
|
| Keep in mind that they sell all this data (including the motion
| data) not just to law enforcement but to arbitrary well-paying
| data brokers and other clients.
| abuani wrote:
| I really wish Xfinity focused on providing a reliable service
| instead of building out next gen surveillance machines
___________________________________________________________________
(page generated 2025-06-30 23:00 UTC)