Because we all know, of course, the Constitution only applies to the federal government, right? If mega-corporation USA Inc uses its shell company Comcast to violate the Supreme law of the land in a treasonous manner, then you are of course SOL asa mere citizen since they aren’t the federal government and the Constitution does not apply to them.
In case it want clear, that was sarcasm.
In case people missed it:
https://theconversation.com/from-help-to-harm-how-the-govern...
https://www.eff.org/deeplinks/2023/07/even-government-thinks...
https://www.politico.com/news/magazine/2024/02/28/government...
Even within tech circles, lots of people aren’t worried about privacy and even have indoor cameras in their homes.
Normally the pathway for this kind of thing would be:
1. theorized
2. proven in a research lab
3. not feasible in real-world use (fizzles and dies)
if you're lucky the path is like
1. theorized
2. proven in a research lab
3. actually somewhat feasible in real-world use!
4. startups / researchers split off to attempt to market it (fizzles and dies)
the fact that this ended up going from research paper to "Comcast can tell if I'm home based on my body's physical interaction with wifi waves" is absolutely wild
The 15-year path was roughly:
1. bespoke military use (see+shoot through wall)
2. bespoke law-enforcement use (occupancy, activity)
3. public research papers by MIT and others
4. open firmware for Intel modems
5. 1000+ research papers using open firmware
6. bespoke offensive/criminal/state malware
7. bespoke commercial niche implementations
8. IEEE standardization (802.11bf)
9. (very few) open-source countermeasures
10. ISP routers implementing draft IEEE standard
11. (upcoming) many new WiFi 7+ devices with Sensing features
> There is one area that the IEEE is not working on, at least not directly: privacy and security.. IEEE fellow and member of the Wi-Fi sensing task group.. the goal is to focus on “at least get the sensing measurements done.” He says that the committee did discuss privacy and security: “Some individuals have raised concerns, including myself.” But they decided that while those concerns do need to be addressed, they are not within the committee’s mandate.
The ability to do this is a necessity for a comm system working in a reflective environment: cancel out the reflections with an adaptive filter, residual is now a high-pass result of the motion. It's the same concept that makes your cell location data so profitable, and how 10G ethernet is possible over copper, with the hybrid front end cancelling reflections from kinks in the cable (and why physical wiggling the cable will cause packet CRC errors). It's, quite literally, "already there" for almost every modern MIMO system, just maybe not exposed for use.
And don’t forget to set your DNS to a non-ISP resolver.
Sure, but not necessarily who is home, since they won't have the MAC address of your device(s) connecting.
Also, traffic volumes are a lot noisier of signals than you might think, given how much automated and background stuff we have these days.
You need a box downstream of your ISP devices that encrypts all traffic out over a VPN. This is what I do.
Still I thought a good DOCSIS 3.1 modem would be a few hundred.
So, bringing your own modem gets rid of the rental fee, but requires moving to a different plan without the security feature bundled. This is of course more expensive, almost entirely negating the savings of bringing your own network equipment (I think our net savings is $5/month, which means its going to be a couple years to pay back the modem cost).
(And what limited configurability it provides is only through the app, which requires you to agree to their "molest your privacy policy". I had been content with just not installing the app , but my threat model hadn't considered this new development ...)
None of the above.
The setup process has you select 3 reference devices. You should pick the devices so that your normal motion areas are between the device and the router.
The router then watches the WiFi signals from those devices. If they fluctuate more than baseline, it's assumed that something is moving around in the area.
It's a threshold detection that can serve as a crude motion sensor for home/away purposes.
Naturally, there is no way for me to opt out of this.
Other people have mentioned that not using Comcast's stuff means that certain features won't be available, but I don't care. I don't have huge bandwidth needs, for instance.
If anyone knows a way around this, please share! I want to connect my Xfinity ONT directly to my UniFi router.
Any time you go out in public your devices are crying out looking for your home AP. If someone can figure out which are you, e.g. by seeing you multiple times in different places they can then go look up where you live based on your home's SSID broadcasts.
https://www.slashdot.org/story/25/06/26/2124252/comcasts-new...
Apparently you can get 1/2gbit ethernet only modems without wifi. You don't save any money over using their equipment.
I know lead is bad for you, maybe a coincidence.
You know that lead tastes sweet, right?
We use lead for shielding ionizing radiation like gamma rays, but even that uses a lot more lead than you'd find in paint.
Not all "radiation" is the same thing.
https://g.co/gemini/share/87f17617ca29
The interesting bits from the search are below. —- Wi-Fi 7 (802.11be), also known as Extremely High Throughput (EHT), brings significant advancements that are highly beneficial for Wi-Fi sensing applications, including motion detection, and can potentially offer a higher degree of accuracy and more advanced capabilities compared to Wi-Fi 6E. While Xfinity's Wi-Fi Motion currently relies on XB7 (Wi-Fi 6) and XB8 (Wi-Fi 6E) gateways, future iterations or third-party solutions built on Wi-Fi 7 would leverage its new features. Here's how Wi-Fi 7 enhances motion detection and sensing: Key Wi-Fi 7 Features Relevant to Sensing: * Ultra-wide 320 MHz Channels: * Impact on Sensing: Wi-Fi 7 supports channel widths up to 320 MHz, exclusively in the 6 GHz band (twice the maximum width of Wi-Fi 6E). Wider channels mean more subcarriers in the OFDM signal. This translates to much richer and higher-resolution Channel State Information (CSI). More data points in the CSI allow for finer-grained detection of signal perturbations caused by motion, potentially leading to: * More precise localization: Better ability to pinpoint where motion is occurring. * Detection of more subtle movements: Including micro-motions like breathing or heartbeats (as seen in advanced research). * Improved filtering: Better differentiation between human motion, pets, or environmental noise. * Multi-Link Operation (MLO): * Impact on Sensing: MLO allows devices to transmit and receive data simultaneously across multiple frequency bands (2.4 GHz, 5 GHz, and 6 GHz) or channels within the same band. * Benefits for Sensing: * Increased Robustness: If one link experiences interference or fades, sensing can continue on another link, improving reliability. * Enhanced Coverage and Accuracy: By aggregating data from multiple links, the system gets a more comprehensive view of the signal environment, leading to better motion detection coverage and accuracy, especially in complex environments. * Potential for 3D Sensing: Combining information from multiple links and bands could facilitate more sophisticated 3D tracking of objects or people. * 4096-QAM (Quadrature Amplitude Modulation): * Impact on Sensing: 4K QAM allows each symbol to carry more bits of data (12 bits compared to 10 bits in Wi-Fi 6/6E's 1024-QAM). While primarily for throughput, higher-order modulation requires incredibly clean and stable signals. * Benefits for Sensing: The underlying ability of Wi-Fi 7 to maintain such high modulation rates implies a network that is extremely sensitive to signal integrity. This sensitivity can be leveraged for sensing, as even tiny changes in the environment (due to motion) would cause discernible shifts in the highly modulated signal, potentially making detection more precise. * Improved MU-MIMO (Multi-User Multiple Input Multiple Output) and Increased Spatial Streams: * Impact on Sensing: Wi-Fi 7 increases the number of spatial streams (up to 16x16 MU-MIMO compared to 8x8 in Wi-Fi 6/6E). * Benefits for Sensing: More spatial streams mean more diverse signal paths are being transmitted and received. This provides even richer and more redundant CSI data, which is invaluable for robust and accurate sensing, particularly for distinguishing multiple targets or for fine-grained motion analysis. * Spectrum Puncturing and Multi-RU Allocation: * Impact on Sensing: These features allow for more flexible and efficient use of spectrum, even in the presence of interference. * Benefits for Sensing: By intelligently avoiding interfered portions of a wide channel, the system can maintain cleaner CSI data from the usable subcarriers, ensuring more consistent sensing performance in noisy environments. * Lower Latency: * Impact on Sensing: Wi-Fi 7 significantly reduces latency. * Benefits for Sensing: Lower latency means faster processing and reporting of motion events. This is crucial for real-time applications like security alerts, fall detection, or gesture recognition where immediate response is critical. Applications and Potential Accuracy of Wi-Fi 7 for Sensing: With these advancements, Wi-Fi 7 has the potential to push Wi-Fi sensing beyond simple presence detection to more sophisticated applications: * Highly Accurate Presence and Motion Detection: More reliable detection of human presence (even stationary) and movement within a defined area. * Precise Localization and Tracking: Better ability to identify the exact position of a person or object and track their movement paths within a space. * Gesture Recognition: Potential for recognizing specific human gestures for control applications (e.g., smart home controls without touch). * Biometric Sensing: More accurate detection of subtle physiological signals like breathing patterns and heart rate, which has applications in elder care, sleep monitoring, and health tracking, all without wearable devices. * People Counting: Improved ability to accurately count the number of people in a room. * Enhanced Security: More robust detection of intruders and fewer false alarms compared to earlier Wi-Fi sensing iterations. While the "degree of accuracy" is hard to quantify with a single number (as it depends on the specific implementation, algorithms, and environment), Wi-Fi 7's core features provide a much stronger foundation for building highly accurate, reliable, and advanced Wi-Fi sensing solutions compared to Wi-Fi 6/6E. It moves Wi-Fi sensing closer to the capabilities of dedicated radar or mmWave sensors in certain contexts, while leveraging existing Wi-Fi infrastructure.
> Comcast does not monitor the motion and/or notifications generated by the service.
> This feature is currently only available for select Xfinity Internet customers as part of an early access preview.
> WiFi Motion is off by default.
Features like this at Comcast are typically one or two engineers on a random team coming up with a cool idea, testing it out, and if it works, they ask if they can roll it out en-masse. If it's just a software or server/backend thing and it doesn't have any negative impact, it gets accepted. Despite their terrible customer service and business practices, they do some cool stuff sometimes. They also release a fair bit of home-grown stuff as open source, which is expensive and time-consuming, but [they hope] it attracts engineers.
> Activating the feature
> WiFi Motion is off by default. To activate the feature, perform the following steps:
The actual title of the article is "Using WiFi Motion in the Xfinity app".
As far as I can tell, devices were already on the market when that thread was made. 802.11bf was standardization to help along interoperability and future products.
Grounded fine copper mesh can attenuate RF and maintain cooling.
Subject to applicable law, Comcast may disclose information generated by your WiFi Motion to third parties without further notice to you in connection with any law enforcement investigation or proceeding, any dispute to which Comcast is a party, or pursuant to a court order or subpoena.
This is scary, particularly considering how the current administration wants to weaponize everything they possibly can.
I wanted to talk about how responsible WiFi router software authors can make things local-only (and I've done that in the past; no way to get this information even if I wanted it). But this is always temporary when "they" can push an update to your router at any time. One day the software is trustworthy, they next day it's not, via intentional removal of privacy features or by virtue of a dumb bug that you probably should have written a unit test for. Comcast is getting attention for saying they're doing this, but anyone who pushes firmware updates to your WiFi router can do this tomorrow if they feel like it. A strong argument in favor of "maybe I'll just run NixOS on an Orange Pi as my router", because at least you get the final say in what code runs.
We have endless cases of Comcast and others criminally abusing their granted monopoly and the PUCs simply allowing them to run roughshod over consumers.
How do we fix it?
> The IEEE plans to take the concepts for Wi-Fi sensing from the proprietary system built by Cognitive (which has been licensed to Qualcomm and also Plume) and create a standard interface for how the chips calculate interference that determines where in space an object is.
Other firmware sensing capability: https://www.cognitivesystems.com/caregiver/
- Activity Tracking: Detects movement patterns to identify changes in daily routines to spot health concerns
- Sleep Monitoring: Tracks sleep duration, wake times and nighttime interruptions to assess sleep quality
- Anomaly Detection: Establishes household baseline to proactively identify unusual patterns & changes in activityTurn that thing off.
I used to recommend using your own cable modem as well, but these days you have to use the Xfinity modem to avoid overages if you're in a market with data caps.
Comcast has a stellar network operations unit, but their business operations are creepy and exploitative.
Comcast in general has a long history of snooping around and messing with users' traffic. Not that the alternatives are much better. Regular folks are screwed on this matter.
But perhaps for HNers setting up your own trusted WIFI AP and routing it (and all other traffic) through an internet gateway that routes your traffic over a secure channel (whatever that is for you, Tor, VPN services, VPN over your own cloud/vps,etc..) is ideal. It goes without saying, your DNS traffic should also not be visible to the ISPs.
Keep in mind that they sell all this data (including the motion data) not just to law enforcement but to arbitrary well-paying data brokers and other clients.
That's funny because it does sound like they suggest it be used as such.
jacobgkau•3h ago
Sounds like, at least in some limited circumstances (using the provided WiFi AP, having this feature turned on, etc), ISPs are going to be able to tell law enforcement/courts whether anyone was home at a certain time or not.
57473m3n7Fur7h3•3h ago
schiffern•2h ago
https://www.mdpi.com/1424-8220/24/7/2111
josho•2h ago
If we rely on the technical path, Comcast can achieve the same by how many active IPv6 addresses are in use. Even if you aren't using your phone, the device is going to be constantly pinging services like email, and your ISP can use that to piece together how many people are at home.
If we rely on legal protection, then not only Comcast, but all ISPs will be prohibited from spying on their customers. Ideally the legislation would be more broad and stop other forms of commercial/government surveillance, but I can't imagine a world where Congress could actually achieve something that widely helpful for regular citizens.
dylan604•2h ago
aspenmayer•2h ago
landl0rd•2h ago
This means, respectively: ensure personal info is stored securely so hackers can recover little. Don't transmit info to remote servers to limit what advertisers get. And just store as little as possible in the first place because this is the legal means to have little to subpoena or discover.
Useful info, when absolutely necessary, should be locked behind a password, as constitutional rights preclude law enforcement from making someone disclose it.
aspenmayer•2h ago
dylan604•2h ago
aspenmayer•1h ago
The irony is that all of these metadata leaks and correlation attacks etc were theoretical at the time these technologies were created and developed, unless you’re NSA level compute power, both human and silicon. Now, any script kid has enough info to try to build an array of SDRs to do the same thing, and no one will care when they do besides the feds who cry foul about their turf being stepped on by plebeians. The public will never care because their eyes will already have glazed over once you mention MAC addresses and SSIDs.
maxerickson•1h ago
aspenmayer•1h ago
It’s almost a legal impossibility and would be a bad move geopolitically to give up this full take capability and it is not happening. It’s wishful thinking to believe otherwise.
https://en.wikipedia.org/wiki/Room_641A
dylan604•2h ago
matthew-wegner•31m ago
"Motion is detected based on the amount of signal disruption taking place between the Xfinity Gateway and your selected WiFi-connected devices, so motion from small pets (around 40 pounds or less) can be filtered out while keeping you notified of large movements more likely to be caused by humans."
baggachipz•2h ago
"Best we can do is letting all the AI companies hoover up your data too"
timewizard•2h ago
Unless you put your own gateway (layer 3 switch, wifi ap, linux router) in front of it.
frollogaston•2h ago
nemomarx•2h ago
timewizard•1h ago
frollogaston•1h ago
timewizard•1h ago
There are a multitude of pre-existing ways of achieving the same result. One would be simply looking at the ft^2 listed on the public tax documents for the given address.
So I was really assuming any useful analysis would require them to be the actual man in the middle by owning and controlling your router. In which case address family does not matter.
Yeri•1h ago
Putting your phone in airplane mode doesn't make it think you have left the house.
> If you’d like to prevent your pet’s movement from causing motion notifications, you can exclude pet motion in your WiFi Motion settings by turning on the Exclude Small Pets feature. > Motion is detected based on the amount of signal disruption taking place between the Xfinity Gateway and your selected WiFi-connected devices, so motion from small pets (around 40 pounds or less) can be filtered out while keeping you notified of large movements more likely to be caused by humans.
Aurornis•2h ago
The parent commenter was highlighting that law enforcement can compel them to provide the data.
The customer has to opt-in to WiFi motion sensing to have the data tracked. If you see something appear in an app, you should assume law enforcement can compel the company to provide that data. It's not really a surprise.
> If we rely on legal protection, then not only Comcast, but all ISPs will be prohibited from spying on their customers.
To be clear, the headline on HN is editorialized. The linked article is instructions for opting in to WiFi motion sensing and going through the setup and calibration. It's a feature they provide for customers to enable and use for themselves.
tehwebguy•1h ago
Not for long, there’s money to be made by adding this to the cops’ customer lookup portal.
frollogaston•2h ago
oliwarner•1h ago
Technical solutions tend to last longer. Legal solutions have a habit of being ignored when they become inconvenient.
The legal default should be that collecting this sort of data should always be illegal without informed consent and never used beyond the remit of that consent. As inconvenient as it sometimes is, the world needs GDPR.
armchairhacker•1h ago
I disagree. Solutions should be technical whenever possible, because in practice, laws tend to be abused and/or not enforced. Laws also need resources and cooperation to be enforced, and some laws are hard to enforce without creating backdoors or compromising other rights.
"ISPs will be prohibited from spying on their customers" doesn't mean ISPs won't spy on their customers.
hamhock666•1h ago
The solution is to not use the internet if you care about your privacy.
kevin_thibedeau•52m ago
timewizard•2h ago
Which is one of the main reasons I bought my own modem.
jhowison•52m ago
lrvick•10m ago
snarf21•2h ago
[Note: this should be illegal]
Aurornis•2h ago
It's an opt-in feature. If you don't set it up, they aren't generating the home/away chart like shown in the article.
vel0city•1h ago
As the salty water meatbags move from room to room we change how the reflections and scattering patterns of 2.4 and 5GHz waves move. Studying these changes and some calibration, you can even determine small changes (like is the person on the left side of the room breathing, are they standing or prone, etc).
vel0city•1h ago
As the salty water meatbags move from room to room we change how the reflections and scattering patterns of 2.4 and 5GHz waves move. Studying these changes and some calibration, you can even determine small changes (like is the person on the left side of the room breathing, are they standing or prone, etc).
In their docs, they show using the WiFi connection from a printer to determine motion sensing and have the option to exclude pets.
puppycodes•42m ago
For someone breathing or a heartbeat you need much higher GHz signal. Usually this is done at 30ghz to 60ghz. The power flux leaving the antenna has an inverse square drop off rate which makes this basically impractical unless your standing directly in front of it.
lrvick•12m ago
Yeri•1h ago
> If you’d like to prevent your pet’s movement from causing motion notifications, you can exclude pet motion in your WiFi Motion settings by turning on the Exclude Small Pets feature. > Motion is detected based on the amount of signal disruption taking place between the Xfinity Gateway and your selected WiFi-connected devices, so motion from small pets (around 40 pounds or less) can be filtered out while keeping you notified of large movements more likely to be caused by humans.
godshatter•38m ago
brewtide•6m ago
puppycodes•47m ago
Using your mobile data and internet traffic is far easier and already deeply integrated into off the shelf law enforcement products. Those progams are even more terrifying than this by an order of magnitude.
casper14•41m ago
lrvick•20m ago
Wifi imaging is a bit like a silhouette and generally accurate enough to work out gait and height which could give a good indication of which people are in what locations in a home. That is some very scary power in the hands of a corpo.