So when you swipe your Android smartphone lock-screen pattern, enter a PIN number or a password in an app, your finger movements alter the radio signal and the movements are imprinted into the signal, meaning that if hackers were controlling a public Wi-Fi access point that your device is connected to, they could then reverse-engineer the signal to figure out what sensitive data you may have typed into your phone.
The researchers set up a malicious public Wi-Fi access point consisting of $20 (£16) antennas, the attacker’s laptop and a $5 Intel networking card in a café. The setup was located a metre away from a target sitting at a table with a smartphone.
Once the user connected to the free Wi-Fi, the WindTalker system was able to extract sensitive data by analysing the radio signals and processing the signals to separate the parts of the signal it needed.
I do not know how plausible this attack is in reality, but it sure sounds worth further exploration.