Slashdot reader Bruce66423 writes: A German court this week sentenced a member of the Red Army Faction — a far-left terrorist organisation that operated in West Germany in the 1970s and 1980s — to jail. [67-year-old Daniela Klettewas was sentenced to 13 years for armed robberies, according to the Guardian, and "she also faces trial for alleged involvement in three attacks in 1990 and 1994: a failed bombing in front of a bank, a shooting at the US embassy in Bonn and a 1993 bombing at a prison.".] She had remained hidden for decades, and the German police hadn't deployed facial recognition software to catch her. But according to the article a journalist did, to good effect.
Is the ban on the police using it a good thing? Is it good that a journalist was able to track her down using it?
If you were paranoid about digital tracking before, you might want to think twice about reading any further.
New research out of Germany’s Karlsruhe Institute of Technology found that the types of Wi-Fi routers we all have in our homes come with a major privacy vulnerability that can be used to identify any human body that comes within their range.
The study, flagged by Gizmodo, used machine learning systems to identify individuals with an accuracy rate of 99.5 percent. To do so, the researchers exploited a vulnerability in a process known as beamforming feedback information (BFI), which was introduced to allow routers to focus Wi-Fi signals on connected devices, as opposed to the older approach, which is to blanket an entire area in coverage.
While BFI is great for network connectivity, it has a major downsides for privacy. For starters, devices connected to a router using beamforming need to send constant feedback in order to be found. As routers send out and receive network feedback, the signal is inevitably impacted by real world factors like pets, walls, and people.
That gap, between the signals routers expect to receive and the distorted feedback they actually get, allowed researchers to extrapolate the identities of 161 individual participants based on BFI data which inadvertently mapped their physical characteristics. Even when individuals changed their gait or carried objects like backpacks and crates, the system registered an accuracy rate between 50 to 60 percent, the KIT team wrote.
“This works similar to a normal camera, the difference being that in our case, radio waves instead of light waves are used for the recognition,” study coauthors Thorsten Strufe said in a press release.
Making matters worse is the fact that this data is basically wide open for anyone to grab — not only is that feedback data unencrypted, it can also be accessed without ever connecting directly to the router.
“We have shown robust identity inference with common-of-the-shelf hardware which is already in widespread adoption in many homes and public areas,” the team wrote in their paper. “With this hardware making its way into millions of homes, the privacy concerns are severe.”
The KIT findings contrast to other Wi-Fi tracking systems, like one developed by researchers at the Sapienza University of Rome. That method, called “WhoFi,” uses channel state information, which is much harder to access on consumer hardware, but can still identify people through walls with an alarmingly high accuracy rate.
That WhoFi study made a point to highlight the anonymity factor: the idea that the sensing system can detect people’s presence, but not identify them. The KIT team refutes that framing outright, arguing that Wi-Fi-sensing technology poses major privacy risks regardless.
“While there maybe legitimate use-cases, we explicitly consider identity inference via Wi-Fi sensing a privacy attack,” they write. “This view reflects the serious risks associated with the ubiquity of Wi-Fi networks, their ability to sense through walls and in non-line-of-sight scenarios, and the fact that this would likely happen without explicit consent.”
While more research will be needed, the researchers don’t mince words about the implications of their initial findings. In their conclusion, the KIT team writes that regulators and companies moving to standardize Wi-Fi sensing should “strongly consider adding effective privacy protection,” or else “abandon beamforming entirely.”
These days, it’s nearly impossible to traverse the web without leaving some trace of your activity. That’s thanks to a panopticon of cookies, keystroke loggers, fingerprinting, tracking pixels, and probably some other horrors that haven’t even come to light. Maybe that sounds paranoid, but it’s exactly what researchers in Austria uncovered in bombshell new cybersecurity research.
According to the recently released paper, first spotted by Ars Technica, researchers have uncovered a type of no-interaction attack that websites can easily run to access data stored in your computer.
It’s called FROST, which stands for “fingerprinting remotely using OPFS-based SSD timing.” It’s a mouthful for sure, but it basically allows malicious websites to spy on your computer activity, all without installing any software or tricking you into clicking sketchy email links.
Per the researchers, it works by taking advantage of your computer’s solid state drive (SSD), the internal storage devices which have largely taken over from magnetic hard drives on the consumer market. Whenever you visit a site, your computer’s SSD starts buzzing with activity, allowing webpages to store temporary files for your browsing pleasure.
FROST attacks take advantage of this by creating a massive file — we’re talking several gigabytes — which functionally blocks your computer from moving what it sees as temporary web data out of the SSD. While that mammoth file is being processed, however, the malicious website is able to probe the timing of incoming data from other sites, generating data which can then be analyzed through a machine learning model to predict what else you’re doing online.
While “predict” suggests the attacker is guessing, the FROST method is scary good at identifying what a victim’s doing on their computer. Researchers write that by using this technique, their machine learning model was able to predict which sites a user would access with an accuracy rate of 88.95 percent, and could accurately predict accessed applications 95.83 percent of the time.
Worse, the whole thing works regardless of what browser you use — because it works through your SSD, an attacker can theoretically track your web browsing on Firefox based on a website accessed via Google Chrome. Researchers only experimented with the technique on Mac and Linux devices, but caveated that Windows devices are not immune.
“In principle, it would be possible to train a model on any system activity that reliably generates SSD accesses,” the study’s lead author, Hannes Weissteiner, told Ars.
While FROST represents the kind of vulnerability that probably needs to be patched by web developers, Ars notes that you can mitigate the risks by closing website tabs as soon as you’re done with them. It isn’t much, but it could prevent you from becoming the next victim of a scary new kind of cyberattack.
Imagine this scenario: your algorithm has pulled up a background YouTube video, or maybe a podcast. Unbeknownst to you, hackers have embedded inaudible sounds in it, designed to hijack your smart speaker or phone’s AI assistant — meaning the cybercriminals can now access your private photos, bank accounts, or any other personal information you’ve hooked up to your AI system.
It sounds like an also-ran episode of “Black Mirror,” but it’s exactly what researchers have shown is possible in new research being presented this week at the IEEE Symposium on Security and Privacy.
Basically, a team of researchers in China and Singapore found that they can construct “adversarial audio,” completely undetectable to the human ear, that tricks voice AI models into doing things they shouldn’t. Then it’s a breeze to hide it in innocent-sounding audio — a song, a movie, or anything else that unsuspecting targets might play in the background — and lay in wait for users to accidentally compromise their digital lives.
“It takes just half an hour to train this signal, and then, because this signal is context-agnostic, you can use it to attack the target model whenever you want, no matter what the user says,” lead author Meng Chen, a PhD candidate at China’s Zhejiang University, told IEEESpectrum of the work. “These single-point defenses struggle to resist our attack because we found it’s very hard for these models to distinguish the normal user intent and our adversary attack.”
One catch, at least for now: the technique required the hackers to have access to the full weights of the AI model they’re targeting, meaning they were only able to attack open source models. But because many commercial AI systems are built on open source models, that meant that their exploit was effective against mainstream products by Microsoft and Mistral.
Mistral didn’t respond to IEEE‘s request for comment, but Microsoft issued a statement that should probably give anyone pause before connecting any important information whatsoever to one of the company’s voice AI models.
“We appreciate the researchers’ work to advance understanding of this type of technique,” it read. “This study evaluates model resilience through controlled, direct interactions with the model itself, which helps inform our approach to building model resiliency. In practice, AI models are often integrated into user applications, and we offer developers tools and guidance they can use to implement additional layers of protection that help safeguard users.”
If you’ve been running headfirst into verification prompts seemingly everywhere you go online, you aren’t alone.
Whether you’re jumping through hoops to satisfy a CAPTCHA or checking boxes to verify your identity, these brief interruptions are becoming hard to ignore. The reason behind it? Look no further than AI. As Swinburne University of Technology computer science professor Yang Xiang writes for The Conversation, the sheer number of AI bots on the internet is now reason enough for some websites to require verification. On top of this, the public has become acutely aware of developers using their data to train their bots, and that fear is growing.
Previous research has already found that AI bots shouldn’t be trained with any old data. In fact, using brain rot material — think of the last low-effort meme you saw — can decrease an AI model’s contextual understanding and reasoning skills. For this reason, developers are deploying more AI crawlers to gather the realistic information they need for training purposes, inundating innocent sites with non-human traffic.
Compounding the problem, AI is rapidly becoming clever enough to outsmart traditional CAPTCHAs. Alarming footage recently captured a ChatGPT Agent casually clicking a “I am not a robot” button. That’s why you’re seeing so many grueling image CAPTCHAs that ask you to identify buses and handbags, but AI is increasingly able to solve those too. Fingerprint recognition and voice patterns are tempting, but they raise a slew of questions about privacy and biometrics; in an era when flawed facial recognition software is still resulting in false convictions, it may be hard to convince skeptics that the tech is the key to future user verification.
In other words, the whole thing is a festering mess — and if there’s one core takeaway, it’s that the internet doesn’t belong exclusively to humans anymore.
Like data centers, automatic license plate readers (ALPRs) are incredibly unpopular with voters around the US. Plenty of local politicians are taking the hint, choosing to cancel controversial surveillance contracts with the granddad of ALPR companies, Flock Safety.
In the tiny town of Bandera, Texas, however, one petty tyrant on the city council took personal offense after his fellow politicians voted 3-2 to immediately end their contract with Flock earlier this month. After voting, the dissenting councilmember, identified by 404 Media as Jeff Flowers, immediately went on the offensive, threatening to outlaw virtually all forms of modern technology and take the town “back to 1880.”
“For months, I have listened to the outcry regarding [ALPR] technology,” he scathed. “I have seen the eyerolls, and I’ve even been met with ‘Nazi rhetoric,’ the dangerous claim that believing in accountability and community safety is somehow equivalent to totalitarianism. Comparing a neighbor’s desire for a safe street to a dark chapter of history is a classic case of comparing apples to oranges; it is a distraction used to avoid the reality of the threats our town faces today.”
“Since the Council has decided we are the ‘Free State of Bandera,’ a place where the ‘rights’ of a car thief or human trafficker to remain anonymous apparently outweigh the right of a resident to protect their property and the safety of their family, then we must go all the way,” Flowers continued his rant.
“To ensure our historic County Seat becomes the most ‘traditional’ sanctuary in Texas, I have requested… a total ban on all cellular and GPS-capable devices for all operations within city limits,” the councilman raged. “If we are to be truly ‘private,’ we must leave our smartphones at the city line.”
Continuing his childish crashout, Flowers also proposed a ban on all commercial and residential security cameras, as well as a “total total termination of all internet services and electronic record-keeping.”
“We are going back to 1880, paper ledgers and cash only,” he seethed.
Back in February, Flowers moderated a town hall meeting exclusively meant to discuss the Flock contract, which brought eight ALPRs into the one-horse town. During another February meeting, Flowers accused opponents of the private surveillance company of having something to hide, saying “I believe personally that guilty people act defensively.”
“If you don’t have anything to hide, then it shouldn’t be a problem,” he carried on. “I also believe when you are in a public space, your privacy kind of goes out the window because you are in essence in a public place.”
The US military has long known that cheap fixes could stop location data from exposing its troops. It adopted almost none—and now says adversaries are using the data to target soldiers during a war.
Login
