Hey Guys,

Researchers from the University of Waterloo have discovered a security flaw in WiFi that allows attackers to see and track devices (laptops, smartphones, smartwatches, etc.) through walls. The technique, which even works on password-protected networks, can locate and track a device within 3 feet of its actual location. They exploit the WiFi devices’ automatic contact system and then measure the response times to get an accurate location.

As per the research document that you can read HERE:

“The device, nicknamed Wi-Peep, can fly near a building and then use the inhabitants’ WiFi network to identify and locate all WiFi-enabled devices inside in a matter of seconds.

The Wi-Peep exploits a loophole the researchers call polite WiFi. Even if a network is password protected, smart devices will automatically respond to contact attempts from any device within range. The Wi-Peep sends several messages to a device as it flies and then measures the response time on each, enabling it to identify the device’s location within a meter.”

So, an attacker could be sitting outside your house, tracking exactly where all of your devices are. Or they could modify a drone, fly it around a bank, and see where all of the devices are and, in theory, where the security personnel are. They could also even build a schema of the interior based on WiFi devices’ location. Pretty scary. Imagine what the governments of the world have.

How do you protect yourself?

The researchers proposed a defense strategy that involves flooding the network with traffic, making it next to impossible to track a device as there is too much noise on the network, but this is something that has yet to happen. For now, if you are concerned, you could:

  • Switch to a wired network if possible so WiFi is not part of the equation.
  • Keep your devices switched off when not in use

I will keep you posted on any developments.

All the best,

Max Roberts,
Incognito Privacy Care Team.