WiFi Says "Hi!" Back to Strangers!

WiFi networks employ authentication and encryption mechanisms to protect the network from being accessed by unauthorized devices. Therefore, WiFi communication should be possible only between devices inside the same network. However, we have found that all existing WiFi devices send back acknowledgments (ACK) to even fake packets received from WiFi devices outside of their network. We call this behavior Polite WiFi since WiFi devices respond to all packets even those coming from strangers! In this paper, we discover the Polite WiFi behavior for the first time. We also examine this behavior on over 5,000 WiFi devices from 186 vendors. We find that all existing WiFi devices respond to fake packets transmitted to them. We believe this behavior creates many threats as well as opportunities. For example, one can couple this behavior with WiFi sensing and localization techniques to create a new class of security threats. In particular, by continuously sending fake frames to a target device, and measuring the properties of the ACK signal, one can extract sensitive personal information. Similarly, an attacker may use this behavior to quickly drain the battery of WiFi devices by continuously sending fake packets to them. Despite these threats, we also believe that the Polite WiFi behavior can open up new opportunities to WiFi sensing applications by making them more practical and easier to deploy.