Xfinity using WiFi signals in your house to detect motion

Original Article ↗ Hacker News Discussion ↗

What WiFi motion can infer

  • Motion sensing via WiFi can reveal whether anyone is home, how many people, and roughly where they are in a dwelling.
  • More advanced research and products claim detection of breathing, heart rate, gait, and possibly individual identification and activity patterns.
  • Combining WiFi patterns with other data (devices, DNS, IPv6, usage levels, public records) can refine household profiles and demographics.

Privacy, surveillance, and law enforcement

  • Terms state motion data may be shared with third parties in law enforcement investigations, disputes, or under court orders.
  • Commenters worry this creates a persistent record of in‑home activity sitting in corporate data lakes, easily subpoenaed later.
  • Some argue that even if ISPs don’t actively “monitor,” collection and retention alone are dangerous; “you can’t subpoena what doesn’t exist.”
  • Others note similar inferences are already possible via router logs, smart meters, water flow, cell networks, and commercial data brokers.

Legal vs technical responses

  • One camp says the primary fix must be legal: ban or strictly limit commercial surveillance and retention, enforce deletion, and guarantee the right to use one’s own router.
  • Another camp distrusts enforcement and prefers technical defenses: own hardware, open firmware, encryption, traffic padding, and RF obfuscation; but concedes ISPs will always see at least timing and volume.
  • There is pessimism about political will, regulatory capture, and national‑security workarounds (NSLs, secret programs), but also arguments that laws can still meaningfully raise costs and reduce bulk collection.

Trust, opt‑in, and ISP hardware

  • Officially the feature is off by default and must be explicitly enabled and calibrated; skepticism is high that it will remain truly optional once monetization opportunities emerge.
  • Concerns include silent remote activation, weak or misleading consent flows, and the ability of law enforcement or attackers to flip settings.
  • Several note ISPs heavily push their own gateways (e.g., tying them to unlimited data, shared hotspots), which concentrates sensing and telemetry power in ISP‑controlled devices.

Technology and standardization

  • Commenters connect this to “WiFi sensing” and IEEE 802.11bf: capabilities originally developed for better MIMO/beamforming and refined through military, research, and niche commercial deployments.
  • Some are skeptical of the more extreme claims (fine‑grained imaging, reliable heartbeat through walls) at scale; others cite existing products and papers that already demonstrate significant resolution.
  • Standards work has largely focused on making sensing performant and interoperable, with privacy and security explicitly out of scope so far.

User mitigations and countermeasures

  • Common advice: use a separate DOCSIS modem and your own router/AP, disable ISP WiFi or bridge their gateway, and block or encrypt DNS.
  • For forced gateways, suggestions range from opening the box and disconnecting antennas to Faraday‑style shielding—balanced against rental terms and practicality.
  • Researchers and some commenters highlight active obfuscation: injecting random RF or traffic patterns, or using tools that add noise to WiFi channel state information to defeat localization.

Broader ethical and societal issues

  • Many see this as part of a broader drift toward ubiquitous, involuntary sensing in homes (WiFi, smart meters, IoT, cameras), with high value for advertisers, landlords, and state agencies.
  • There is debate over engineers’ responsibility in building such systems and frustration that user‑visible “features” often serve as a front end for larger surveillance ecosystems.
  • Some argue for a “digital bill of rights” and stronger human‑rights framing of privacy in the home; others are bleak about change without much broader civic engagement.