MIT Demos Wi-Fi That's So High-Tech It Doesn't Need a Password

An anonymous reader shares an article on MIC: Researchers at the Massachusetts Institute of Technology want to change how we connect to Wi-Fi. To avoid the cumbersome network login process, a team has come up with a way to grant computers access to a Wi-Fi network based on their proximity to a router. Applied practically, that means you could walk into a cafe and your device would automatically connect to a network -- no annoying password necessary. The same could be true for a home network. When your friends come over, they could immediately be granted access to your Wi-Fi. The paper (PDF), sadly, doesn't offer details on the security aspect. Security researchers advise that one should be careful when connecting to a public Wi-Fi. Say you forget to turn off Wi-Fi on your device, and you walk into a cafe. Your phone will automatically establish a connection with this supposed network. If the network is compromised, plenty of devices will be exposed to attack.

Cool

It's like every open access point ever. Range-limited authentication. Great work MIT. Patent that shit.

Re:Cool

[xxxJonBoyxxx]

This is why certain people shouldn't read SlashDot on...April Fools Day.

(In fact, I'm only here today to watch and comment on the OVER-reaction of people who don't realize what SlashDot becomes on April 1.)

Re:Cool

[Wycliffe]

This is why certain people shouldn't read SlashDot on...April Fools Day.

(In fact, I'm only here today to watch and comment on the OVER-reaction of people who don't realize what SlashDot becomes on April 1.)

Sadly, this was first posted yesterday and appears to possibly not be an April Fool's joke.

Re:Cool

[JustAnotherOldGuy]

I have mod points, but using them on April Fools day seems like shooting blanks at the Moon- pointless and/or meaningless.

Which, now that I think of it, makes me wonder if my mod points are actually real or not....

Ah well, perhaps it's best to wait a few days until all the posts about solar-powered slippers and helium-filled paperweights have ceased being posted.

Re:Cool

[MindStalker]

Honestly, I think the idea of being able to specify and exact perimeter does make sense in some cases. Essentially it means "if you can get inside this door, you can access the wifi".
A fun application of this could be having internet and no internet rooms so people A more practical example might be for conferences or conventions where you what to provide free wifi to your guest.

Re:Cool

I would hope they would not use range as a determination for access, could be spoofed by high gain antennas.
Better would be a measurement of time to respond to a ping.

Re:Cool

I have mod points

No one fucking cares.

Re:Cool

So that's how all those porn torrents were downloaded to my IP your honor.

Re:Cool

[phantomfive]

This one is actually pretty good.....instead of being an out-right lie, it seems like something that could be plausible.......and then suddenly you realize not only is it plausible, it's the original configuration for wifi, and you were trolled in a completely different way than what you expected.

In other words, you have to actually think or understand the technology to see why it's a lie.

Re: Cool

[AvitarX]

I've always wondered why I can't to passwordless, but encrypted Wi-Fi.

I can do it with a credit card.

It shouldn't be that hard to do, at least for phones where you can side channel a trusted cert over mobile do avoid MITM.

Re:Cool

[PPH]

This is why certain people shouldn't read SlashDot

Read it? I barely parse the subject line before formulating a response.

Re:Cool

[GuB-42]

It looks like serious research.
The paper is actually about localizing Wi-Fi users with a single access point. The rest is just potential applications.

Re:Cool

No one fucking cares that you wish to express that no one fucking cares.

Re: Cool

There are proposed standards for it, but I think there is a lack of interest in the industry. WISPr is one such standard I think.

Re:Cool

I expect the variability of response times is too great for that to be reliable.

Re:Cool

[Bengie]

My wifi might have a 200' range, but being able to say only authenticate if within 20' is still useful. Before you "whoosh", I did understand the joke :-)

Re:Cool

[ClickOnThis]

My wifi might have a 11001000' range, but being able to say only authenticate if within 10100' is still useful.

FTFY. Happy April 1. Love, Slashdot.

Re:Cool

[beanpoppa]

It doesn't have to be consistent. A person beyond distance x would NEVER be able to respond within a specified time-frame. We are talking about latency measurements on the scale of nanoseconds, which could certainly be done in hardware, if not software. If I measure the response time to someone and determine that the minimum response time of a beacon is 50ns, then I can be assured that they are not more than (about) 26 feet away.

Re:Cool

[dcooper_db9]

When I first checked Slashdot this morning they hadn't vandalized the site yet. I actually thought new ownership might bring an end to this. Slashdot on April Fools is like listening to a 30 year old telling knock-knock jokes.

Re:Cool

[KGIII]

No... I care.

You might think I'm kidding but I do care. Why? Meh, it's interesting and I like interesting things. It's well worded, well reasoned, and that they've got mod points is the reason for their post.

So, no... I care. Thus you, you are still wrong. And, obviously, they care. That's at least two people who care. I bet there are more people who care, perhaps not a lot nor caring a lot, so you're probably even more wrong. Why you'd post such obviously wrong things is beyond me. It's obvious that they care, or they'd have not posted it. Right there you should know that your statement is false.

You also care, or you'd have not taken the time to post that. You care enough to demonstrate it by posting about it. If you didn't care, you'd not say anything. But, instead, you care - even if it's just a little and you only care enough to express that you don't care, you do - in fact, care.

Today's not your day for being witty, insightful, or correct.

Re:Cool

[Noughmad]

Slashdot, much like the language it was originally written in (Perl), is write-only.

Re: Cool

I normally get ready to fire of a few insults before even looking at the subject.

Re: Cool

[TechyImmigrant]

I've always wondered why I can't to passwordless, but encrypted Wi-Fi.

I can do it with a credit card.

It shouldn't be that hard to do, at least for phones where you can side channel a trusted cert over mobile do avoid MITM.

Because without some arrangement beforehand (establishing trust in a cert signer, establishing a key etc) MITM is always possible, and on a wireless connection, trivial.

What should be possible but generally isn't, is SSH style session continuation, where you're vulnerable in the initial session where you agree on the other end you're connecting to being the other end, but keys are stored and provided you were not MITMed the first time, subsequent sessions will use the keys and you will be ok from there on. This is practical, doesn't require passwords or certs or PKI and while it isn't perfect, it raises the bar quite a bit.

Re: Cool

[AvitarX]

Also, I think they should be able to side channel certs over mobile, for at least as much security as SSL.

That wouldn't work for laptops, but would for phones.

Another way would be to allow the cert to be checked post authentication over the internet, you could use SSL to check the cert, and see if it's properly signed or was a MITM (I assume this would work because you can't (in theory) MITM SSL). There's no reason the initial connection needs to be secure, it can be open, and then verified before it is trusted and used past authentication (this would require internet WiFi, and not LAN only).

It surprises me that it hasn't been developed, as companies that are setting up mobile hotspots have a vested interest in this I'd think (and Xfinity is hardly a small corp).

Re:Cool

There's a subject now?

Re:Cool

No one fucking cares that you wish to express that no one fucking cares.

I care but i don't fuck

Passwords not needed?

Because who wants a network to be secure these days? Secure networks sound like encryption, and we all know who uses encryption. Terrorists.

Re:Passwords not needed?

I've heard that the terrorists are using an encryption method called "plain text."

Just like open networks?

[danbob999]

Applied practically, that means you could walk into a cafe and your device would automatically connect to a network -- no annoying password necessary

Why would a cafe need a password? Are those leeching in front of the cafe to get WiFi without buying anything a real problem? And if it is, aren't they smart enough to walk in to get the password and walk out again without buying anything?

Re:Just like open networks?

[Joe_Dragon]

Some places make you buy something to get the code or you need to ask.

Some hotels are like that there is a basic code that may or may not change and it's a cheap and easy way to keep non guests off.

Re:Just like open networks?

Only a fool would think it's necessary.

Re:Just like open networks?

Those people are called "authors," and they hang around all day leeching not only the WiFi, but also taking up a whole table for the day for the price of a single cup of (albeit overpriced) coffee.

Re:Just like open networks?

[Coisiche]

And it doesn't really cater for buildings with multiple occupancy; the people outside your premises walls may not get access but people on the floor above or the floor below are going to be nearer.

What's that line in Star Trek II? Something like "Khan may be remarkably intelligent but his tactics seem to be exhibiting two dimensional thinking".

Re: Just like open networks?

[AvitarX]

Security, you encrypt the connections and don't allow clients to talk.

Re:Just like open networks?

[phishybongwaters]

Because of something magical. WIFI blocking building material and paint. No, this isn't a joke, yes you can buy the paint right now. It blocks wifi signals, so they can't get in (clean room) and they can't get out (secure). I know of approximately zero people and zero enterprises actually using this, but the technology is there. And I'd be willing to use it in my home for a few reasons. 1) to block my annoying neighbors from even ATTEMPTING to get into my network. 2) to create interference free rooms, where my signal is not fighting your signals and channels. A cafe could, for instance, use this and for the most part stop you from accessing the AP from outside. It's not going to be 100%, you aren't painting your windows of course, but it will degrade the signal enough to make it a pain in the ass to try to leech it.

Re:Just like open networks?

[danbob999]

Is it worth it to piss off your customers with passwords? How many non-customers do they avoid because of that? What is the impact on the bandwidth?

Re:Just like open networks?

[MobileTatsu-NJG]

Security. It protects fools, children, and ships named Enterprise.

Re:Just like open networks?

[Joe_Dragon]

well don't drop the soap when one of your non customers does some CP over your link and you are the one doing the hard time.

Re:Just like open networks?

Sadly, the paint only comes in two fairly similar tones of hot pink. It also smells faintly of urine but you can barely tell unless it's a hot day outside.

Re:Just like open networks?

[mattventura]

I don't think it's a huge burden. First-time customers would have to put in the password, but it's not like they're going to say "oh, you're making me put in a password for the wifi? I'll go eat somewhere else". Non-first-timers would already have the password saved.

Re:Just like open networks?

[ClickOnThis]

Good luck with that. Building materials and paint that block WiFi probably would also block cell-phone service. I doubt the café clientèle will go for that.

Re:Just like open networks?

Why would a cafe need a password? Are those leeching in front of the cafe to get WiFi without buying anything a real problem? And if it is, aren't they smart enough to walk in to get the password and walk out again without buying anything?

Our yarn store provides open WiFi. No password. And two comfy chairs with a plug strip and USB chargers next to them. Bored husbands can sit there all day with the interwebs while their wives umm and ah over worsted vs. fingering weight.

Gay guys never come in as a couple. They knit though. So no WiFi for them.

Gay women always come in as a couple, then spend longer because there are two of them arguing over yarn selections.

Re:Just like open networks?

[TechyImmigrant]

Blocking the WiFi is good. Reduced inter cell interference.
But what blocks the WiFi also blocks the cell phone.

Re:Just like open networks?

[Wycliffe]

I don't think it's a huge burden. First-time customers would have to put in the password, but it's not like they're going to say "oh, you're making me put in a password for the wifi? I'll go eat somewhere else". Non-first-timers would already have the password saved.

But if you don't change the password at least semi-regularly then it's trivial for the password to be leaked to those same non-customers. The most secure (and annoying) system is where the password is on your receipt and is specific to you. There is a coffeeshop in my town that does that and also has it expire after 1 hour. No idea if it meets their business goals or not but they somehow manage to still have one of the slowest connections in town so I rarely go there.

Re:Just like open networks?

Our yarn store provides open WiFi. No password. And two comfy chairs with a plug strip and USB chargers next to them. [...] while their wives umm and ah over worsted vs. fingering weight.

Why you naughty, Naughty Dirty Girl.

A series of pringles can antennas

Relying on latency is a great idea. It'll always work in crowded spectrum environments, yessiree.

April fools or is someone just lazy

Connecting to a "secure" wi-fi based on proximity is probably not the best idea for most situations. Most Wi-fi that is open to the public doesn't use a password anyways making the "difficulty" of connecting to it moot, and in situations where you do want security it creates a major vulnerability (all someone has to do is get close enough to the router). Sounds like a "solution" looking for a problem that doesn't really exist.

Re:April fools or is someone just lazy

[omnichad]

Open wifi does not use encryption. It's surprising that no standard has developed for this, but when you connect to an open wifi network, you are subject to possibly having your traffic sniffed.

Yes, you should be using secure protocols whenever possible (HTTPS), but it's an entire layer of security missing.

Re:April fools or is someone just lazy

[phishybongwaters]

open wifi could use encryption, it's merely a matter of key exchanges. Typically this is done by connecting to the open, unsecure, AP first and pull down the certificate for the encrypted network, then you either get redirected to that network, or manually connect.

Re:April fools or is someone just lazy

I'll admit that my knowledge of the inner working of Wi-fi router security is somewhat limited, but does having a password protected router (even if wireless isolation is available/activated) provide any additional security when everyone is using the same passphrase? I've always assumed that everyone on a single secured Wi-Fi was using the same encryption key. If each user is somehow provided a separate encryption key (despite using the same passphrase) it's an issue for manufacturers to expand that separate key per user methodology to users who use no passphrase as well if they aren't doing it already.

Re:April fools or is someone just lazy

[sims+2]

True but you really aren't any better off using public wifi with a publicly posted key as long as someone else still has that same key they can still see your traffic.

So yes I suppose it could keep people that have never been inside your business and are unable to google "business name wifi password" from using your wifi.

Sure windows won't complain that its unsecured. But it's wrong.

Lets say you have a box that takes a password to open.
Then you write the password on the lid of the box.

Wouldn't it have been easier just to not put the lock on it in the first place?

Re:April fools or is someone just lazy

its counterproductive to think of wifi link layer encryption as providing security.

end to end is the only meaningful approach

wifi access control is really only useful for resource management, to stop random people from
eating up all your bits.

'wifi security' is misdirecting people from thinking about real security

Re:April fools or is someone just lazy

[omnichad]

Each device on a WPA2 network has their own private keys with the AP and use that for passing data.

https://en.wikipedia.org/wiki/...

So you actually have to capture the handshake to have any real chance of capturing the data. Which isn't to say it's not possible, but it is not as simple as having the password.

Re:April fools or is someone just lazy

[mattventura]

As I understand it, WPA wouldn't allow clients to decode other clients' packets, even if they know the key for initially connecting. Thus, you could just designate a password (even "password") for open networks to give people encryption yet still be open. In the meantime, you could just name your network PASSWORD_IS_xyz.

Re: April fools or is someone just lazy

Then, when the ap and the client ate negotiating the session key, anyone would trivially be able to pull a MitM

Re:April fools or is someone just lazy

[sims+2]

Your right its not quite that easy but it is still pretty simple.

From 2014 http://www.howtogeek.com/20433...

Wireshark had the capability to do it back then. If you want to prevent it the only option still considered secure against it is wpa2 enterprise which actually does give each device its own key.

Re:April fools or is someone just lazy

[TechyImmigrant]

Open wifi does not use encryption. It's surprising that no standard has developed for this, but when you connect to an open wifi network, you are subject to possibly having your traffic sniffed.

Yes, you should be using secure protocols whenever possible (HTTPS), but it's an entire layer of security missing.

When you use secure WiFi with AES-CCM encryption using keys established with RSA, the AP conveniently decrypts your wireless traffic and passes it onto the internet in plaintext form. 802.11 security is necessary for controlling access, but not sufficient for privacy.

Re:April fools or is someone just lazy

[omnichad]

No, it's not sufficient for privacy. Did you read my second sentence? I already addressed that.

It doesn't just control access, it encrypts all traffic in a way that's at least slightly more than trivial (i.e. you have to also sniff the handshake) to crack. If you must use HTTP, it's far more likely to be intercepted on a LAN rather than on the WAN, NSA excepted.

What could possibly go wrong?

[JustBoo]

What could possibly go wrong? Okay, this is the Aprils Fools joke article. Right? Right. Even MIT isn't that stupid.

Dumb

[chill]

I thought maybe this was a way to establish a WPA-secure connection without user input, based off proximity.

No, this is open access authentication based off location. Yawn. Set you AP to "low power" and centralize it in the building, then remove all authentication.

If they had figured out a way to initiate a key exchange based on proximity, then I'd possibly be impressed. Maybe with the password being exchanged with human inaudible sound and triggered by proximity.

Wifi always on

[The-Ixian]

Date on TFA is 3/31 so I am assuming this is not a joke.

I just don't like the idea of my device connecting to any hotspot that it may come close enough to.

I am already annoyed that my MAC address is being harvested if I happen to forget to turn off the wifi before I leave the house.

If my device automatically connects to a hotspot who knows what kind of MITM mischief could happen if some background app's protocol is vulnerable when it phones home for whatever.

Re:Wifi always on

[Archangel+Michael]

MAC addresses are now world wide routable, using IPV6. Its actually part of the Spec.

There are ways around this, that are also built into the spec, but just wanted people to know.

Re:Wifi always on

[sims+2]

Encrypt your home wifi don't connect to any unencrypted network or network with a publicly known key.

To setup a MITM wifi you would need to know a wifi name (And key if set) the device will auto connect to. Try "Linksys" most devices have connected to one of those at some point.

Even if your network name happens to be "Linksys"
If your AP has a key set the MITM AP would have to have the same network key.

This is why if your network name is the same as an open network or another encrypted network you will be unable to connect without removing your profile.

Uniquely encrypt each connection you idiots

2016 and they're still confusing and conflating authentication/authorisation with encryption? Despite all we know about intelligence agency slurping?

There is -no- reason at all that a hotspot couldn't generate a unique key for every single connected client, that would prevent snooping. If they're pushing for a new protocol at least fix this oversight of WiFi first.

Re:Uniquely encrypt each connection you idiots

[sims+2]

Would be nice.

Device isolation and each device given its own encryption key for the router.

Should have been done years ago.

Re:Uniquely encrypt each connection you idiots

[TechyImmigrant]

Would be nice.

Device isolation and each device given its own encryption key for the router.

Should have been done years ago.

You mean like the EAP+4 way handshake that was put in the spec years ago providing pairwise keys for every STA-AP pair?

Re:Uniquely encrypt each connection you idiots

[sims+2]

Yes your right 802.11x can actually do that.
Not sure if you can set it up without requiring login tho.

Now that just leaves me wondering why I've never seen one setup in the wild.

Might be a good project for this weekend.

Re:Uniquely encrypt each connection you idiots

[TechyImmigrant]

You can. It's just a royal pain in the arse setting up RADIUS servers and configuring EAP methods and settings certs or whatever other credential is required by the EAP method,

This is morass of complexity in security systems that in order to be secure need to be as simple as possible.

Brilliant!

[Andurian]

That's brilliant! Thank God I live in a sphere!

Re:Brilliant!

[ihtoit]

ON a sphere. ON a sphere. Or are you a Hobbit?

'Supposed' network?

What is this, Chewbacca security?

Re:'Supposed' network?

[I4ko]

If the wifi range is 2 meters, the baseball bat security works quite well.

Re:'Supposed' network?

[KGIII]

I used to tell people that:

"I have Chewy Chewbaccason's Disease. I grow hair out of weird places all over my body and when I talk it comes out roowwrrrooowwrraaaa."

Yes, yes I did drink a lot back then.

3% Fail

[Tablizer]

TFA: "It works with 97% accuracy"

So hackers only have to try about 30 places on average to get in.

Re:3% Fail

[Wycliffe]

TFA: "It works with 97% accuracy"

So hackers only have to try about 30 places on average to get in.

It says 97% accuracy within the building and 10 inch resolution so if that 3% failure rate was double or even triple then that's still accurate to less than 3 feet which would be plenty accurate enough. Honestly, I'm just guessing and 97% accuracy is almost meaningless in this context. It would be much better to say "accurate to 10 inches +/- 5 inches" or something along those lines or "works reliably 97% of the time and 3% of the time someone inside the building can't connect" which would be the other likely failure mode.

Longer range? Use RFC 2549

https://tools.ietf.org/html/rf...

Best part is that this enhancement will run of peanuts and popcorn. Worst part is a potential denial of service mentioned by Tom Lehrer.

https://en.wikipedia.org/wiki/...

What decade are these guys from?

What they are suggesting is everyone making their wifi open, the "FREE" ones already are except they have an annoying login page or "accept the terms" page you must go through first, but your phone has already joined the network because it knows it.

If my friends come over, they can blimmin well login to the free xfinitywifi thats enabled on my home router.

Public Hotspot software

[craighansen]

This kind of application desperately needs to include hotspot software that does a VPN over SSL or TLS (https security layer, relying on PKI). An ideal platform for doing this would be for email providers to add VPN for internet access alongside the SSL/TLS links they already operate for IMAP/POP3/SMTP, as it provides for some level of user authentication and traceability. There's also existing standalone VPN hotspots, but incorporating VPN into email would help make VPN ubiquitous.

Re:Public Hotspot software

[TechyImmigrant]

>https security layer, relying on PKI

Right, because that's shown to be so secure with the thousands of perfectly run CAs.

April fool's

[aglider]

I call it "open network"

Well...

[EmeraldBot]

I'm guessing this is an April Fool's story, because even if the signal is encrypted, there's no authentication factor to it, all you have to do is get in range. Furthermore, range boosters become a serious weakness; slip a tiny one in a corner or something, and BOOM! Instant security breach. I will say though, this was a pretty good one - not nearly so obvious as previous years.

Re:Well...

[mpoulton]

I think I'm wasting a post due to the April 1 chaos today, but everyone seems to be missing the point here. This is real, and it's not just an open network. And it's not vulnerable to range boosters - it's fundamentally undefeatable range-based authentication. The system uses time-of-flight of the signal to measure the distance from access point to user much like radar. Some wifi hardware already does this, but doesn't use that information for authentication purposes. For example, Ubiquiti's AirOS devices provide an actual range measurement but with much lower resolution since they are intended for long-range links. This is just an improvement in accuracy combined with the use of measured range data for authentication. It's very clever.

Re:Well...

[TechyImmigrant]

I think I'm wasting a post due to the April 1 chaos today, but everyone seems to be missing the point here. This is real, and it's not just an open network. And it's not vulnerable to range boosters - it's fundamentally undefeatable range-based authentication. The system uses time-of-flight of the signal to measure the distance from access point to user much like radar. Some wifi hardware already does this, but doesn't use that information for authentication purposes. For example, Ubiquiti's AirOS devices provide an actual range measurement but with much lower resolution since they are intended for long-range links. This is just an improvement in accuracy combined with the use of measured range data for authentication. It's very clever.

So violate the IFS spec a little and appear to be closer than you are.

The real paper is actually interesting.

They basically came up with a way to do location triangulation on a single consumer-grade (MIMO) access point using the multiple antennas.

Re:The real paper is actually interesting.

Haven't they been doing something similar for years (though the accuracy can sometimes be less than stellar), I've seen several laptops/apps that had "WiFi radar" which gives you an idea of the direction/distance of other WiFi devices.

Re:The real paper is actually interesting.

Yes, I should have qualified the statement more like: They basically came up with a way to do better[*] location triangulation on a single consumer-grade (MIMO) access point using the multiple antennas. [*] decimeter precision with a single comodity hardware device

Android Automation FTW

[GTRacer]

Say you forget to turn off Wi-Fi on your device, and you walk into a cafe[...]

This is one of the two reasons I have my phone set to disable WiFi as soon as I leave my house. I don't have to worry about my phone trying to connect to every open AP it comes across.

The other reason I auto-disable WiFi is to minimize store tracking which seeks to ID me when I enter their building.

Proximity is not relative to signal strength

Just a sec, let me set up a repeater -- you know like how you can just signal boost those fancy cars signals so that their keys respond to the ping from far away and the vehicle unlocks itself? Yeah, same thing, but with routers.

Why use public wifi?

[meadow]

Don't know if this is an April Fools article or not, but with Net Neutrality no mobile carrier is allowed to restrict tethering on any mobile device nor charge a fee for it, so I don't see why anyone actually needs public wifi anymore.

Re:Why use public wifi?

[Wycliffe]

Don't know if this is an April Fools article or not, but with Net Neutrality no mobile carrier is allowed to restrict tethering on any mobile device nor charge a fee for it, so I don't see why anyone actually needs public wifi anymore.

In my experience, most of the time, public wifi is still faster than tethering. It's also usually free and unlimited compared to the expensive per gig pricing of tethering.

Better than the average /. post

Well written summary, technical information, subtle humour.
How sad is it when the April fools day post is better than 99% of the other posts that appear here.

Strictly does nothing for in-band security

This does nothing for in-band security. Basically anyone in the same cafe or router range could sniff and hack you as much as with passwords. The main thing it does is Geofence the WiFi router. So you must be in a given physical proximity to get into the router at all - even being in the street outside would be blocked. However emissions still occur so you could still promiscuously intercept any WiFi connected device. You just can't perform a man-in-the-middle or other crack without being inside the GeoFence.