9

On a password generator website I came across the following claim among a list of security tips:

> If there are WIFI routers in your home, then it's possible to know the passwords you typed (in your neighbor's house) by detecting the gestures of your fingers and hands, since the WIFI signal they received will change when you move your fingers and hands.

Is this accurate? Do hand movements alter a WiFi signal, and if so, is the change measurable and usable in practice to estimate which keys have been pressed?

user2390246
  • 6
    Some of that advice is very dated, some of it is exceedingly paranoid, and some of it is just terrible. I see they recommend salted SHA hashes for storing passwords, they recommend against using a browser's built-in password manager, and they recommend changing passwords every 10 weeks. Without actually doing any research, I'd say you're right to be skeptical. That being said, it [_might_ be feasible](http://www.sciencemag.org/news/2017/04/stray-wi-fi-signals-could-let-spies-see-inside-closed-rooms), though I doubt it would have the resolution or update frequency required. – AndrolGenhald Sep 13 '18 at 15:40
  • 5
    Fascinating. From my robotics and wifi-mapping days, my intuition is that you'd need a very specific scenario to pull this off (laptop's wifi antenna under or very close to your keyboard, attacker has planted a high-precision electromagnetic sensor (i.e. better than a generic network card) in close proximity to your computer, etc.). I would be surprised if this is a bigger risk than sniffing the EM from your keyboard's BUS to the motherboard, or similar attacks. – Mike Ounsworth Sep 13 '18 at 15:42
  • @AndrolGenhald Thanks for the article link, very interesting. It looks as if that information could be used to build a good answer, if you wanted to. – user2390246 Sep 13 '18 at 15:49

1 Answer

9

The advice, while based on the fact that 2.4 GHz WiFi behaves like radar (in fact, their frequencies are similar), does not mention that there are other, easier ways for a local physical attacker to detect the actual keystrokes being entered. An attacker close enough to pull this off could use the simpler, easier, and more accurate technique called acoustic keyboard eavesdropping. This attack involves using a very sensitive microphone to pick up the unique sounds made by each key on a keyboard as it is hit and using that signal to reconstruct, with high accuracy, what keys were actually pressed.

If they could not do that, then they could use Van Eck phreaking, a technique often referred to by the codename TEMPEST, to eavesdrop on the electromagnetic signals emanating from the keyboard, usually signals coming from the microcontroller or cable from many tens of meters away. This technique can be done on both PS2 and USB keyboards. There are keyboards immune to this, but they are expensive and specialty devices that are not easy for a consumer to obtain.

However, it's important to point out that 2.4 GHz WiFi, even when used as radar, has very poor spatial resolution. After all, the wavelength is 12.5 cm. This means it would take a lot of clever tricks to use it to analyze something as small as a finger. Even if that could not be pulled off, the simple fact is that an attacker near enough to try such an attack has better ways to get your keystrokes.

Glorfindel
forest