I fully expect that our online speech from bunkers will be eventually the only thing that is hard to decrypt.
>Moreover, Stuxnet was so advanced for the time that its existence stunned the world.
My first job in tech as a teenager (2007 or so) was doing blueprint analysis and WiFi Access Point placement for a US Defense contractor in the Midwest.
It's called an active emanation attack. Passive attacks interpret the electromagnetic signals that electronic devices naturally emanate. They try to reconstruct what the original information was. The active attacks work by doing the equivalent of how you see trees at night with a flashlight: they hit the target with a signal, it is affected by what's there, it bounces back, and you get a distorted version of whatever that was. EMSEC standards, esp TEMPEST shielding, were invented to mitigate as much of that as possible. Although it's classified, there's been a number of sites talking about public and some declassified info.
BTW you don't need rocket science to find out who is back home in your neighborhood, or the other room etc. As most people carry phones in pockets/bags, it is enough to just log clients' MAC addresses in WiFi promiscuous mode and then correlate them.
Quite an awesome use case would be to use this for perimeter security, like securing your house and cars. In my locality cameras are in a legal grey zone: the police applaud them for use in case of crime, but because of privacy laws you're not supposed to film other people's houses and whereabouts. This would enable you to track movements without cameras. Software would make it easy to only give you signals when somebody or something moves on your property at night. All I would need is some machine learning to learn about rabbits, cats and foxes. Or you could have cameras that only turn on in case of movement on your property, hence triggering (I would hope) the legitimate interest provision in the GDPR.
It doesn’t matter whether you track people using a camera, ultrasound, WiFi signals or even manually by watching them from your window and keeping book about their comings and goings, what matters is that you process “their” data. So using a different technology to perform the surveillance doesn’t free you from privacy laws.
This article implies that WiFi is a privacy concern, but wouldn't any other RF signal work just as well? A bad actor could just create their own signal if you somehow protect your WiFi. That would probably be more effective anyway because they would know exactly where the signal was coming from and could choose a frequency for this application.
Of course it would. And yes, "bring your own emitter" would make things easier, but the point of using Wi-Fi is that it's already there, and you can use it passively. Any RF in reasonable range would work too, including visible light.
Cue military applications, where snipers can now kill you in the safety of your own home with a wall piercing bullet and a scope with a wifi based image overlay.
And a few years later the FBI will be using the tech to shoot people's wives after tricking them into violating some technicality of firearms law (just one example of abuse, plenty of others exist).
[+] [-] rl3|7 years ago|reply
It's not much of a stretch to imagine that intelligence agencies have been heavily invested in this area and are far ahead of public research, given signals intelligence has basically been their bread and butter since forever. Moreover, Stuxnet was so advanced for the time that its existence stunned the world.
Keystrokes can be captured indirectly via audio analysis, electromagnetic emissions from wiring, and now RF imaging techniques looking at finger movements. Wouldn't be surprised if they can create multi-modal composite models to attain higher accuracy, or if RF imaging is able to capture lip/jaw movements these days.
The really sexy part is probably what they're able to do with fixed wing airborne platforms, where you can afford to pack ridiculously high-end sensors and local computing power on board.
It still weirds me out to think that a gimmick from 2008's The Dark Knight is more or less a reality now, or will be soon if it already isn't.
[+] [-] kopo|7 years ago|reply
They were busy snoring when it came to 9/11. Fake WMDs, never-ending wars against goat herders, Snowden, not to mention 13 Russians who apparently swung an election.
If someone is busy triggering mail bombers and lunatic shooters just by targeting and upvoting their posts on social media what's all this sci-fi stuff good for? The more complex the world gets the more pointless all this superficial gimmickry looks.
Just look at the budgets thrown at these agencies. It's frankly sickening.
[+] [-] EGreg|7 years ago|reply
We will be tracked 24/7 by our gait and shape and facial recognition with handoffs between drones and tiny street-level cameras, or perhaps to make things easier we may just be tagged eventually with a non-invasive RF sensor or coating. Metadata of who you visited or interacted with will be analyzed for patterns with machine learning. Items you order will be tagged and possibly interdicted as it becomes cheaper and cheaper to do so. People won’t be able to organize anything dangerous because the state (which at that time will be 99% just AI) will already have predicted that the same way AlphaGo would predict any chess combination. Any uprising will be preemptively quelled using pinpoint nanobots which were deposited to lie dormant in everyone’s bodies until activated. States will endure forever.
Speaking of those nanobots, once you have them in people’s bodies they can report back all your whereabouts and activities. It’s easy enough to get them in via people’s food and water supply.
The main hiccups will be in the early years as the nanobot swarms are still clumsy and may reveal themselves before they learn how to stay in an organism without getting washed out so easily and without triggering an immune response.
[+] [-] hueving|7 years ago|reply
Not technically advanced. It was using a collection of 0-day exploits to get into a PC via a USB drive. Any basic hacker could accomplish that with existing exploit tooling.
What was so advanced about it was the coordination to enable it. The collection of 0-day exploits, the knowledge of the architecture of the centrifuge, and the engineering expertise to compromise the centrifuges in a non-obvious way.
Stuxnet was incredibly simple technologically, but it was distilled down to exactly what it needed to do and delivered to just the right people by an advanced vast intelligence apparatus. It did not depend on any breakthroughs in signals, encoding, hardware, etc. I'm not suggesting they aren't capable of technological breakthroughs, but Stuxnet definitely isn't an example of one.
[+] [-] marstr|7 years ago|reply
While working on one of the buildings with some missile guidance programs, I found a small room in the center of the building that had twelve-inch-thick concrete walls and a thick steel door. Determined to do my job, I experimented with placing several access points near this room until I found a combination that would force enough signal to connect through those walls. I had the telecom team pull wires; a month later I threw some WAPs in my backpack and installed them.
A week later I got an email marked urgent demanding that my team turn off these access points immediately. I complied, but asked what exactly the concern was. They mentioned that by bouncing WiFi signals, a van parked in the parking lot could monitor the activity in any room they wanted.
At the time I thought they were crazy, and at times I've told this story to demonstrate how paranoid that company was. Looks like there was some real basis to their concern.
[+] [-] nickpsecurity|7 years ago|reply
I don't have the link to old site everyone in hacking community used. Here's one provider that describes it nicely plus illustrates what the products look like. They used to be way bulkier.
http://sst.ws/what-is-tempest.php
Some more links. Elovici's lab is at the forefront of new attacks.
http://www.elastic.org/~fche/mirrors/www.cryptome.org/nsa-te...
http://tempest-inc.com/
https://en.wikipedia.org/wiki/Yuval_Elovici
Here's the quote that first taught me about the risk you described:
"A STU-III is a highly sophisticated digital device; however, they suffer from a particular nasty vulnerability to strong RF signals that if not properly addressed can cause the accidental disclosure of classified information, and recovery of the keys by an eavesdropper. While the unit itself is well shielded, the power line feeding the unit may not have a clean ground (thus negating the shielding)... The best way to deal with this is to never have a cellular telephone or pager on your person when using a STU, or within a radius of at least thirty feet (in any direction) from an operational STU (even with a good ground). If the STU is being used in a SCIF or secure facility a cell phone is supposed to be an excluded item, but it is simply amazing how many government people (who know better) forget to turn off their phone before entering controlled areas and thus cause classified materials to be compromised."
These are also another piece of evidence for two claims I often make: mainstream security folks don't produce devices that are actually secure; NSA/DOD are opponents of securing American infrastructure. On the first, high-assurance security and NSA certifications for TS/SCI demanded EMSEC since they were known attacks, esp by US and Russia. Mainstream ignored them mostly for "secure" products with only a handful trying to do something.
The second claim is from the fact that security agencies misled U.S. companies and individuals about these risks specifically so they could use the attacks on them if needed. Although I don't recall if current, they also refused to sell TEMPEST-certified systems outside Defense in the past. So, NSA and pals were known to keep us vulnerable on purpose long before Snowden leaks. I've been griping about and trying to raise awareness of it for some time. Examples:
https://www.schneier.com/blog/archives/2011/08/business_week...
https://www.schneier.com/blog/archives/2014/03/friday_squid_...
[+] [-] starbeast|7 years ago|reply
By moving a wifi adapter in a 2d scan pattern, you could presumably create a virtual 2d sensor and then treat anything between you and where you are wanting to image as the diffuser.
[+] [-] fulafel|7 years ago|reply
(There has been previous research published from MIT on the same topic[1], so this was not obvious.)
[1] https://www.technologyreview.com/s/415539/wireless-network-m...
[+] [-] chopin|7 years ago|reply
- https://developer.android.com/reference/android/net/wifi/Wif...
and
https://developer.android.com/reference/android/net/wifi/Sca...
which seems to give very fine-grained information about WiFi strength of any network in the vicinity.
[+] [-] turblety|7 years ago|reply
https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2015/10...
In reality a thermal camera might give better results, maybe even from further away too.
[+] [-] pasta|7 years ago|reply
So high frequency motion detection is already used in a wide range of applications.
But I think 'seeing' should be taken with a grain of salt. Yes you can detect motion behind a wall but creating an image is some steps away.
[+] [-] dsfyu404ed|7 years ago|reply
Then a decade or two later every patrol car will have the tech.
Trickle down effect is very real for law enforcement.
[+] [-] kragen|7 years ago|reply
Any RF signal will work, but some work better than others. Wi-Fi is awesome for this for several reasons.
1. Having a source inside the house instead of outside is better because you lose, say, 15dB when you go through the wall; this is comparable to what a two-way mirror does to visible light. If you have to illuminate the house from outside using RF energy, you have to deal with much stronger reflections from things outside the house.
2. RF wavelengths that are too short will be badly attenuated by things like walls and doors. You can already notice this with 5GHz 802.11a Wi-Fi; if you have a few walls between you and the AP, the 2.4GHz signal usually works better. The problem gets worse at higher frequencies. (You may have noticed that many walls attenuate visible light, which is RF in the 500THz band, rather strongly.)
3. RF wavelengths that are too long provide much poorer spatial resolution. Outside the near field, your imaging resolution is limited by diffraction to about the wavelength. So you can see a person who's illuminated by the 99.5MHz emissions from your favorite heavy metal station only if their diameter is on the order of 3 m or more, and you can see their movements when they move on the order of 3 m or more. By contrast, 2.4 GHz gives you 120-mm resolution, and 5 GHz gives you 60-mm resolution. For typical humans, these are more useful.
(However, my friend Florian has done good work on passively detecting airplanes using radio illuminations from TV stations, which could be super helpful the next time the US comes to bomb your country, even if he does use Lagrange interpolation instead of B-splines like any normal person would; check it out: https://ieeexplore.ieee.org/document/8115293.)
Also! Having walls be super transparent, as they are at these longer wavelengths, is not entirely an advantage. It makes it harder to distinguish between signals from things in one building and signals from things in another.
If you want to listen to Wi-Fi signal strength changes in real time — including when someone moves around — try https://canonical.org/~kragen/sw/dev3/wifiscan.py. It depends only on Python (3 or recent 2) and PulseAudio. (MacOS hackers, consider upgrading to Linux. Apple's removal of your Esc key shows that they hate you and want you to die.)