Researchers have developed a drone-powered device that can use Wi-Fi networks to identify and locate the electronic devices of residents
Traditional devices to explore Wi-Fi security vulnerabilities are bulky and expensive. Therefore, a research team from the University of Waterloo has developed a drone-powered device named ‘Wi-Peep’ that can fly near a building and utilize the Wi-Fi network of residents to identify and locate all Wi-Fi-enabled devices inside in a matter of seconds. The team built it using a store-bought drone and $20 of easily purchased hardware.
The Wi-Peep makes use of a loophole, researchers call it polite Wi-Fi. Even if a network is password protected, the smart devices will automatically respond to contact attempts from any device within range. While flying, Wi-Peep sends numerous messages to every device to measure the response time on each, enabling it to identify the device’s location within a meter.
“The Wi-Peep devices are like lights in the visible spectrum, and the walls are like glass,” Dr. Ali Abedi, an adjunct professor of computer science at Waterloo. “Using similar technology, one could track the movements of security guards inside a bank by following the location of their phones or smartwatches. Likewise, a thief could identify the location and type of smart devices in a home, including security cameras, laptops, and smart TVs, to find a good candidate for a break-in. In addition, the device’s operation via drone means that it can be used quickly and remotely without much chance of the user being detected.”
“On a fundamental level, we need to fix the Polite Wi-Fi loophole so that our devices do not respond to strangers,” Abedi said. “We hope our work will inform the design of next-generation protocols.”
Further, the researchers urge Wi-Fi chip manufacturers to implement an artificial, randomized variation in device response time, which will make calculations like the ones the Wi-Peep uses wildly inaccurate.
Click here for the Published Research Paper