Modern Wi-Fi doesn't just give you fast browsing, it also imprints some of your finger movements – swipes, passwords and PINs – onto the radio signal.
A group of researchers from the Shanghai Jaio Tong University, the University of Massachusetts at Boston, and the University of South Florida have demonstrated that analysing the radio signal can reveal private information, using just one malicious Wi-Fi hotspot.
In this paper, published by the Association of Computing Machinery, they claim covert password snooping as high as 81.7 per cent, once their system has enough training samples.
It's an attack that wouldn't work if you had a primitive Wi-Fi setup with just one antenna, because it relies on the sophisticated beam-forming implemented in Multiple-Input, Multiple-Output (MIMO) antenna configurations.
(Score: 0) by Anonymous Coward on Monday November 14 2016, @07:59PM
What's a password?
(Score: 2, Disagree) by bob_super on Monday November 14 2016, @08:22PM
Not only should you not type important passwords on any phone, but you should use Dvorak anyway.
QWERTY was designed to slow people using 10 fingers, remember?
(Score: 1, Insightful) by Anonymous Coward on Monday November 14 2016, @09:03PM
You're not advocating SSH keys? Turn in your geek card.
(Score: 4, Insightful) by edIII on Monday November 14 2016, @09:14PM
Maybe. SSH keys are just as vulnerable. I don't know about you, but when I first use a key I need to enter a ~60 character password to decrypt my SSH key before use.
Phones are intrinsically unsecured devices because they are not ours. More so than a PC (before Windows 10) because I don't need to fight tooth and nail against a manufacturer to gain an unlocked boot loader on my own fucking equipment that I fucking paid for. I don't install apps on my phone, enter calendar contacts, nothing. Just a burner line for the convenience of routing calls to me while I'm out of the office.
This method is not just useful against coffee shops and hot spots, but could very useful to perform surveillance in other areas, including corporate ones. With this technology surveying us, only biometrics alone could protect us, or your attaching a USB key with your security credentials to use on the device.
A lot more than just a password sniffer here. This is a full wireless keylogger that is more accurately recording all physical movement in the room similar to technology straight out of a Batman movie.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 3, Informative) by Atreidin on Monday November 14 2016, @09:31PM
I hope you're joking as that myth [economist.com] has been debunked [smithsonianmag.com] for a while now.
(Score: 3, Disagree) by bob_super on Monday November 14 2016, @10:40PM
It's been debunked so thoroughly that wikipedia still presents it as the leading theory, while also mentioning that other one you linked.
It might be because your links like certainty and only present the Telegraph Theory as as likely possibility, no more demonstrated by proof than the No-Jam one.
Do we have a case of Galileo vs earth-centrism, or a case of Republicans vs Global Warming? I don't know, and I just learnt something, but "debunked" to the point of "joking", this is not.
(Score: -1, Redundant) by Anonymous Coward on Tuesday November 15 2016, @02:40PM
Yes, I remember reading that myth, and I also remember reading a debunking of it.
(Score: 1) by butthurt on Monday November 14 2016, @08:43PM
It's called Shanghai Jiao Tong University not
Shanghai Jaio Tong University.
(Score: 3, Touché) by Hawkwind on Tuesday November 15 2016, @12:16AM
I think you meant 上海交通大学