

Researchers in a team from Shanghai, Boston and Tampa recently published a temptingly titled paper about password stealing.

Dubbed When CSI Meets Public Wi-Fi: Inferring Your Mobile Phone Password via Wi-Fi Signals, the paper makes you think of Crime Scene Investigation, but that’s just a handy collision of acronyms.

This CSI is short for “channel state information,” a collection of readings that describes what’s happening at the lowest level of the data link between a Wi-Fi sender, such as your laptop, and a receiver, such as an access point.

If you remember the cassette tapes on which early home computer programs were stored, you’ll know that there wasn’t much CSI going on: there were typically two sound frequencies, 1200Hz and 2400Hz, and the pitch of the recording warbled between them every few milliseconds to denote zeros and ones.

In modern Wi-Fi standards, however, connections are much more complex, with each radio channel divided into many sub-channels that transmit in parallel, and multiple antennas that measure different signal paths, thus turning echoes and reflections into an advantage, not a liability.

Chopping your radio spectrum into lots of sub-channels is a bit like sending 20 bicycle couriers across town at the same time, each carrying a modest amount of correspondence, instead of stuffing the whole lot in a van and delivering it in one go.

When you have numerous independent delivery channels, your throughput copes much better with localised interference, because you haven’t got all your communication eggs in one basket.

Now imagine that you have a stream of real-time information about what route each courier is taking, and how much progress each of them has made so far.

You can build up a picture of what the traffic looks like in various parts of the city, and you can guess at what’s causing the various holdups.

After all, protesters converging on parliament cause a different pattern of disruption than a pile-up on the airport access road.

That’s the kind of approach that the researchers tried in this paper.

They used specially modified firmware downloaded into a Wi-Fi network card to create an access point that could keep track of minute variations in the underlying communication signal and correlate those changes with your typing.

Their idea was that if they could get their rogue access point close enough to your phone, then the interference caused even by your fingers moving in front of the on-screen keyboard might produce detectable differences in the CSI data that they measured.

And if they could guess when you were about to start entering a PIN using just 10 widely spaced positions on the screen, rather than when you were busy with the more complicated business of navigating through a web form or typing words from the entire keyboard…

…then they could focus their attention on the moments when they had the best chance of success.

The paper is mathematically rather technical: it helps if you are already familiar with techniques such as discrete wavelet transforms, dynamic time warping and machine learning.

But the bottom line, in brief, is that the researchers claim modest success in guessing PINs tapped in on mobile phones, based on Wi-Fi interference caused by the fingers doing the tapping.

Fortunately, the current version of the attack seems to have many limitations:

- The attack only works with one model of Wi-Fi network card, which limits the range of Wi-Fi devices that can be modified for malicious purposes.
- The attack relies on modified firmware code that is prone to crashing, which limits its usefulness.
- The attack only works on unencrypted networks, because the authors haven’t yet managed to squeeze both the CSI-grabbing code and Wi-Fi decryption code into the limited firmware space available.
