Researchers Issue Warning About using WiFi Routers as Surveillance Tech
An Anonymous Coward writes:
Researchers Identify People Through Ordinary Wi-Fi Routers With 99.5% AccuracyResearchers at the Karlsruhe Institute of Technology (KIT) in Germany say ordinary WiFi networks can be used to identify people with an eerie amount of accuracy.
In a study, the researchers describe using beamforming feedback information (BFI) and machine learning models to identify people walking within a network's range. The team found that this BFI-based technique was able to infer a person's identity with 99.5% accuracy. They presented their findings at the ACM's Conference on Computer and Communications Security last November.
Arthur T Knackerbracket writes:
The system, called BFId, requires no specialized hardware, no access to the target Wi-Fi network, and works even if the person being tracked isn't carrying a wireless device. The team tested the attack on 197 participants, the largest dataset ever used in Wi-Fi-based identification works, and plans to present its findings at the ACM Conference on Computer and Communications Security (CCS) in Taipei.
BFId exploits a different data source: beamforming feedback information (BFI). Introduced in Wi-Fi 5 (802.11ac), beamforming allows access points to steer transmissions toward specific clients. To do this, connected devices periodically measure the wireless channel and send compressed feedback back to the router, which is then broadcast unencrypted on the MAC layer, meaning any Wi-Fi adapter set to monitor mode can capture it passively.
A single eavesdropping device can record BFI from every client on a network simultaneously, capturing multiple perspectives of any person in the area. CSI-based attacks, by contrast, only capture one perspective per malicious node.
The researchers found that BFI substantially outperformed CSI in identification accuracy despite being a lossy, lower-resolution derivative of CSI data. On the same 170-person subset, BFI achieved 99.5% accuracy compared to 82.4% for CSI. The paper attributes this to BFI's compression acting as a form of noise filtering, and to higher spatial resolution, with each BFI data point containing 740 features versus 212 for CSI.
The team tested several potential mitigations, such as reducing the frequency of beamforming reports, which had minimal effect on BFI accuracy, even at heavily degraded sample rates. Encrypting BFI transmissions would require changes to the Wi-Fi standard and could break backward compatibility with existing devices.
"The technology is powerful, but at the same time entails risks to our fundamental rights, especially to privacy," Professor Thorsten Strufe from KASTEL, KIT's cybersecurity institute, said in a press release published on Science Daily.
The researchers noted that IEEE published the 802.11bf amendment in 2025, which formally standardizes Wi-Fi sensing for applications like presence detection and environment monitoring. The team argues the standard lacks adequate privacy protections and is calling for safeguards to be added before Wi-Fi sensing becomes widely deployed.
Original Submission #1 Original Submission #2
Read more of this story at SoylentNews.