How WWI codebreakers taught your gas meter to snitch on you

Jul 31, 2014 by Derek Mcauley
An early version of the internet of things in the Somme.

In the depths of night on August 5th 1914 the British Cable Ship Alert took the first significant action of World War I, severing the five German submarine cables that ran through the English Channel. This operation was a major blow, forcing Germany to use radio for international communications for the duration of the war.

Together with the increasing use of the new-fangled radio for communications between military commanders and their operational units in the field the British and French could listen in to much of the enemy's communications.

Shortly after CS Alert's actions in the Channel, The British army set up Room 40 at the admiralty to process the goldmine of information produced by eavesdropping on the enemy's communications. Much of the information was encrypted but listeners in Room 40 aimed to crack the codes.

To help, they often used associated traffic-analysis to gather the information they needed. This involves looking at other elements of a communication when you don't know the actual content. You can deduce a lot of information by looking at the time and duration of a message and the location of transmitters. Trained listeners could even detect specific operators by their "fist" – subtle variations in the pattern of the Morse code, like the relative duration of the dots, dashes and gaps for different letters. Identify the operator and you could identify a specific ship or military unit, locate it with direction finding, and then track their activity over time.

In the modern world it's the average consumer being listened to. As the internet of things grows, we are installing wireless systems in our homes to control lighting, heating, windows, doors and energy use. We shouldn't be surprised that the same traffic-analysis techniques applied in 1914 can be applied to all these home automation systems, as has been reported by researchers at a conference in Oxford.

The team from Saarland University in Germany acted as malicious attackers and found they were able to build profiles of participants in their study through their home devices, even though they were encrypted. They were able to predict when participants would be away from home by looking at usage patterns in heating and ventilation, for example.

In fact recent research on radiometric signatures shows that individual devices can be identified just by looking at the subtle differences between the radio signals they emit as a result of variations in the manufacturing process. It's the modern equivalent of identifying the "fist" of a Morse operator.

Your best defence

One way to avoid your devices giving you away is "masking". Devices can communicate continually by sending encrypted dummy messages even when they have nothing useful to say. While simple to implement, it is not the greenest or most convenient of solutions. Power is constantly being consumed, which is bad for bills and is a pain for battery-operated devices in particular.

A further solution is to make the radio signal hard to detect. In 1941, famous actress Heddy Lamarr filed US Patent 2,292,387 to protect the invention of "frequency hopping" radio. By jumping from one radio frequency to another rapidly and under the control of a secret key, only a receiver that shares the key can find the transmission. In Heddy's patent, this was used to prevent interference with the radio guidance controls of torpedoes.

Derivatives of this original idea are in everyday use today in and such as GPS. In the early 2000s, there was a fad for ultrawideband radio systems, which were proposed as a possible wireless USB standard. Ultrawideband was robust in the face of interference and it was almost impossible to detect its signal if you didn't know the key. It was just the thing if you wanted to avoid traffic-analysis attacks but not exactly popular among government agencies who might prefer not to allow essentially covert radio communications to be deployed among the population. Ultrawideband has since then almost entirely disappeared from the landscape.

Wifi trap

However, before damning home automation, perhaps we might look at other everyday home devices that leak information. Broadband penetration in the UK has recently been reported as having reached 83% of households (Eurostat 2014) with the majority of the home routers supplied by internet service providers offering wifi. However, anyone can download a software application that runs on standard Windows and Mac personal computers to perform wifi traffic-analysis and identify the computers involved in communications on the wifi network and see when they are active even if they cannot see the message contents.

And with many modern smart phone apps using push technology to continually synchronise with their servers in the cloud the phones are in regular communication via your home wifi network when they are in range, detecting when a smartphone has left the building is a trivial matter.

The fact that 83% of homes leak information over wifi seems a bigger matter of concern right now than smart devices snitching on you to the nearest criminal.

All this sort of monitoring requires is for the attacker to be within radio reception distance, and these radio transmissions are designed to only travel tens of metres. So someone would have to either be lurking around in a suspicious manner at the bottom of your garden to record this information; or has to plant a snooping device, hope it doesn't get discovered, and come back to retrieve it later. Or, it is your neighbour.

Of greater concern still is the modern trend for cloud-based architecture that transmits all this information into the cloud and stores it unencrypted. A tech-savvy burglar might find it more fruitful to attack the single point in the cloud and obtain not only current data, but the whole history of thousands of households in one go.

But for the the truly paranoid – insist on your home automation using wires, change from wifi to Ethernet and switch off all that push technology on your smartphone.

Explore further: Wireless home automation systems reveal more than you would think about user behaviour

add to favorites email to friend print save as pdf

Related Stories

New software alleviates wireless traffic

Apr 11, 2013

The explosive popularity of wireless devices—from WiFi laptops to Bluetooth headsets to ZigBee sensor nodes—is increasingly clogging the airwaves, resulting in dropped calls, wasted bandwidth and botched connections. ...

The goTenna device pitch is No Service, No Problem

Jul 18, 2014

In the new age of Internet-based crowdfunding with special price offers, where startup teams try to push their product closer and closer to the gate of entry, goTenna's campaign offers a most attractive pitch. ...

Recommended for you

Britain's BT in talks to buy mobile operator EE

Dec 15, 2014

BT Group PLC said Monday it is in exclusive talks to buy mobile phone operator EE from Germany's Deutsche Telekom and France's Orange for 12.5 billion pounds ($20 billion) in cash and shares.

Re-imagining the network

Dec 12, 2014

Communication networks are evolving to keep pace with increasing consumer needs and business demands. We've already experienced the progressive jumps from 1G to 4G wireless networks and 5G is looming in the not-too-distant ...

High-speed Internet on its way to more schools

Dec 11, 2014

The Federal Communications Commission agreed Thursday to dramatically boost spending to bring high-speed Internet access to schools and libraries in poor or rural areas, a move that would likely increase Americans' phone ...

User comments : 8

Adjust slider to filter visible comments by rank

Display comments: newest first

DistortedSignature
1.7 / 5 (7) Jul 31, 2014
How WWI codebreakers taught your gas meter to snitch on you


How come there's nothing in the article related to the title? Unless they're implying that filling up gas in certain areas profiles you to have illicit or immoral affairs...?
antialias_physorg
5 / 5 (7) Jul 31, 2014
How come there's nothing in the article related to the title?

The entire first four paragraphs describes how side band attacks for radio transmissions were invented during WWI.
Sigh
5 / 5 (5) Jul 31, 2014
How WWI codebreakers taught your gas meter to snitch on you

How come there's nothing in the article related to the title? Unless they're implying that filling up gas in certain areas profiles you to have illicit or immoral affairs...?

The article is sourced from The Conversation, which is an Australian site. Perhaps Australian English is closer to British English, where gas meter refers to the appliance that measures how much natural gas is supplied to your house, rather than how much petrol you put into your car.
Doug_Huffman
2 / 5 (1) Jul 31, 2014
I know a USN Communications Technician - CT enlisted spook - that can translate teletype AFSK in his head, even Russian language. He spent much of the Cold War listening to endless repetitious nonsense, tapes of A Quick Brown Fox Jumped Over The Lazy Dogs, to hear the interspersed messages.
nkalanaga
5 / 5 (2) Jul 31, 2014
Sigh: I live in the USA, were born and raised here, and am a native American English speaker. I've never heard "gas meter" used to refer to a "petrol dispensing device". Even here a "gas meter" is a "natural gas measuring device". The fuel dispenser is most commonly called a "gas pump".

I think it's more likely that some people either don't read the article closely, or don't comprehend what they're reading.
Dr_toad
Jul 31, 2014
This comment has been removed by a moderator.
nkalanaga
5 / 5 (2) Aug 01, 2014
Dr_Toad: I was responding to Sigh, but only in the sense that he was questioning a previous comment, about the meaning of "gas meter" in British vs American English. I don't have any dispute with him, but was only pointing out that, in my experience, American English uses the same meaning as British. And, like him, I have no idea how the article could be interpreted to refer to fueling vehicles.

I have seen "gasometer" used in old texts, but have never heard anyone use it. Since I read books from all over the English-speaking world, I can't say where it originated.
tscati
5 / 5 (2) Aug 01, 2014
@Dr_Toad:
"Gasometer" - in UK English (i.e. 'real' English!) a gasometer is/was one of those giant round tanks that were originally used to store town gas. I believe some are still in use with natural gas to help balance the pressure.
rockwolf1000
1 / 5 (1) Aug 01, 2014
@"Gasometer" - in UK English (i.e. 'real' English!)


You mean the English in which "Spotted Dick" is something to be eaten??

I'll stick with my American English thanks.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.