Air gapping PCs won't stop data sharing thanks to sneaky speakers

Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitive computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel's Ben-Gurion University of …

Silver badge
Windows

Of course slapping a 15kHz analogue filter on all audio ports would also work.

Grumpy old man who can't hear beyond that now =>

48
0
Reply

An appreciation of a good bass player is useful as you get older :)

7
0
Reply
Silver badge

I just blow a dog whistle the whole time the computer is on.

27
0
Reply
Silver badge

"Of course slapping a 15kHz analogue filter on all audio ports would also work."

Actually no. You could still use lower frequencies. Thanks to spread spectrum technologies you can make that less silent than the fans. All you would hear is a very soft noise from your speakers. You couldn't even be sure if that actually came from the speakers or some fan running at low speed.

What you can do is of course to install an amplifier between the sound chip and your speakers/headphones so information can only travel one way and turn off your microphones when you don't need them.

Also don't run malware and don't allow Javascript to access the sound devices.

5
0
Reply
Anonymous Coward

Before I even clicked the article I knew exactly where this "research" was from. Do tell? How do you get the malware on the air gapped pc in the first place? The point of air gapping a pc is that it never touches the internet, ever. I can't wait till the next exciting episode where they use the mouse laser to send morse code or detect passwords by key sounds.

43
6
Reply

"Before I even clicked the article I knew exactly where this "research" was from."

Yeah, weren't they the ones who tested offloading data optically from hard drive LED flashes?

17
0
Reply
Anonymous Coward

Yep and also power supply hums to steal encryption keys along with the monitor frequency hack that allowed you to extract jpegs using nothing but a camera.

I'm not sure if I'm projecting my sarcasm properly here, it's difficult when posting anonymously.

30
1
Reply
Silver badge
Meh

Probably their next paper will be about extracting data from an air-gapped PC by training a camera at the screen while it displays information.

21
1
Reply

Re: training a camera at the screen while it displays information

Just make the screen flicker a bit.

6
0
Reply
Anonymous Coward

Shhh, don't give them ideas, they are master hackers after all.

8
0
Reply

The keyboard sounds one has already been done 8 years ago - https://www.inf.ed.ac.uk/publications/thesis/online/IM100855.pdf

7
0
Reply
Silver badge

Be nice!

BGU was ranked between 101st and 150th overall in computer science for four consecutive years!

(According to The Shanghai Ranking Consultancy's 2015 Academic Ranking of World Universities in Computer Science, whatever the hell that means.)

6
4
Reply
Silver badge

The other thing is, most air-gapped PCs don't have speakers attached either, at least in my experience.

They are there to control some industrial equipment, so they don't generally need speakers (and a majority of late have also been fanless, which knocks out the 2nd attack form)...

But, yes, the question is, how do you infect the air-gapped PC in the first place? If you have properly air-gapped it, it can't be infected...

11
2
Reply
Silver badge

"But, yes, the question is, how do you infect the air-gapped PC in the first place? If you have properly air-gapped it, it can't be infected..."

License key update via USB.

4
0
Reply
Silver badge

"How do you get the malware on the air gapped pc in the first place?"

Quite. And if they've managed that it's game over anyway. Also if it's a laptop you have full control of you might just as well use the built in microphone to receive data instead of fannying about with the speakers. That's assuming for some reason the malware can't switch on the built in wifi!

This research is interesting from a technical point of view but virtually irrelevant from a security one.

5
0
Reply
Anonymous Coward

It's easy to get the malware on these days.

In the middle of the night, one PC says "Hey Cortana, download https://dodgy.site.com/malware.msi"

6
0
Reply

This post has been deleted by its author

"How do you get the malware on the air gapped pc in the first place? The point of air gapping a pc is that it never touches the internet, ever"

The problem with that is it only takes one person to make a mistake, and the Malware is in the system. Stuxnet got into a secure Nuclear facility. From what I understand, all it took was for a Siemens engineer to open an infected document on his laptop at home, then plug the laptop into the secure network. Even just plugging a USB into an infected computer, then into an airgapped computer is entirely possible.

3
1
Reply
Trollface

I sometimes like to say "I know you're listening." randomly just to fuck with them.

24
0
Reply
Anonymous Coward

You are looking for Diplomatix.

4
0
Reply
Anonymous Coward

I once had to wave and type "I see what you did" on the screen... only to notice I had hit the one laptop shortcut that launches the camera app.

It was late, there may have been beer, and for 5 seconds I thought the NSA *was* watching.

5
0
Reply

You'll be fine, you've your camera counter measure in place haven't you...?

2
0
Reply
Silver badge

I suppose someone will tell me next that my LED screen/light-bulb is watching me...

The reflections off my eyeballs - where I'm looking. Or the bodies in front of the screen moving about a room - infrared included.

While this seems silly given current consumer technology it certainly seems possible and possibly being actively developed.

7
0
Reply
Silver badge
Big Brother

Re: I suppose someone will tell me next that my LED screen/light-bulb is watching me...

Enhance!

https://vimeo.com/69663986

2
0
Reply

Re: I suppose someone will tell me next that my LED screen/light-bulb is watching me...

Some years ago, there was an article – I don't recall where – about recovering data off screens by looking at the illumination of window blinds or curtains from a distance.

This may be easier with low resolution screens, as detection of individual pixels will be easier at the slower pixel rate.

1
1
Reply
Silver badge

Does anyone else have a sense of deja vu?

9
0
Reply

Deja vu all over again

Sure did. And it was also reported on The Register.

https://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/

8
0
Reply
Silver badge
Pint

Does anyone else have a sense of deja vu?

Yes.

Yes.

15
0
Reply
Silver badge

You're all forgetting the purpose of this research: published papers.

18
0
Reply

1 bit per sec? This is a joke right?

2
7
Reply
Anonymous Coward

80000 bits is enough for anyone though.

5
0
Reply

Fast enough...

You can get a big crypto key out in less than an hour.

6
0
Reply
Silver badge

Theory and in practice?

Audiophile speakers and professional studio quality microphones, just may be able to communicate in the 18khz to 24khz range. The roll off on professional kit in this range is, I guess between ±3dB and ±6dB, it's been years since I worked in a studio.

Your average consumer microphone and PC/laptop speakers I believe would need to communicate with each other at a volume and frequency range a human... even an old one like me, could hear.

7
0
Reply
Silver badge

Re: Theory and in practice?

yup...

Especially given the directionality of high frequency sound, and the fact that the speakers would generally not be aimed at each other...

You'd need to put out some serious volume to get anywhere. Well into hearing range of all but the most disco-deaf.

5
0
Reply
Anonymous Coward

Re: Theory and in practice?

"...in the 18khz to 24khz range."

kHz! The H in Hz is a capital letter.

Many thanks.

With kind regards

-Heinrich

21
0
Reply
Def
Silver badge
Joke

Re: Theory and in practice?

khz = kilo-heinz. It measures the ratio between a mixture's liquids to solids where one heinz is approximately the same as a tin of beans.

20
0
Reply
Silver badge

Re: Theory and in practice?

Hz needs an El Reg alternative to avoid all this confusion.

2
0
Reply
Paris Hilton

Re: Theory and in practice?

I nominate the boing. The average rate you'd pound this at --->

3
3
Reply

Re: Theory and in practice?

Hey, Heinz, you spelling block warden,

congratulations, you found something.

Now troll off back to the Heise forum, to the rest of your kind.

1
0
Reply
Silver badge

Re: Theory and in practice?

Hz needs an El Reg alternative to avoid all this confusion.

I propose the "Ouch".

2
0
Reply
Silver badge

Re: Theory and in practice?

I propose the kilometer per second per megaparsec which, as we learned the other day, is used to express the Hubble non-constant. It's about 30 zeptohertz.

2
0
Reply
Silver badge

Relevance

The theoretical problem the 'researchers' posed is nonsense. At the distance one has to be for a decent transfer speed, one may as well be sitting at the keyboard. They also miss the point of air-gapping: the computer is isolated from the most dangerous external threats. For an air-gapped computer to be compromised one would need physical access which limits the number of people dramatically to maybe a handful. Exploits with an effective range of a few meters that can easily be blocked (play music in the room) are not worth worrying about.

7
3
Reply

Re: Relevance

The people who build them and ship them have physical access so that's one hell of a big handful.

2
0
Reply
Silver badge

Re: Relevance

Nah... not "nonsense". Someone got a paper published. Someone got a degree. Someone got some funding. It's all good. Now we just need to define "good".

13
1
Reply
Silver badge

Re: Relevance

"The people who build them and ship them have physical access so that's one hell of a big handful."

So what do you do, compromise all of them in hope that you'll eventually find one online that shares a room with an air-gapped one you're interested in? However, just to be on the safe side, if you're installing an air-gapped machine make sure it's a different make to any others in the room.

4
1
Reply

Re: Relevance

@Doctor

With just in time manufacturing you could get quite specific. And if you stuffed something in the BIOS then infecting everything is no big deal. Compromise the machines you are potentially interested in at source. You just need a listening device not another machine in the same room and you can build that into the wall.

1
0
Reply

Re: Relevance

Just because in your mind the case does not exist, does not mean the case does not exist.

In many industries, PCs are tools, with an expected life in decades. Medical equipment, CNC machines, whatever. Air gapping there is all about simply not connecting them to the internet / a network (BSG75 style) - we're not talking national security.

The threat is therefore not theoretical. Infection vector is an issue, of course, but even those old machines need updating sometimes, with a (potentially infected) USB stick say.

Fast forward a few steps and find deep learning embedded into malware - searching for the best form of comms... This research is actually useful, because it forces those who need to think about these things for their situations to think further about every part of the machine (not just the ethernet jack).

4
0
Reply
Anonymous Coward

r/badBIOS

There is a Reddit site that has been up for several years since "BadBios" was first proposed.

Some users of the site claim to have fallen victim to strange and unusual ongoing attacks.

It is not for me to say if the commentards are victims from actual malware attacks or victims of a form of mental stress brought on by the never ending "whack-a-mole" that is computer security or adverse reaction to revelations of government surveillance. They are victims nonetheless.

https://www.reddit.com/r/badBIOS/

4
0
Reply
Anonymous Coward

Alexa

ME: "Alexa, can my air-gapped PC be compromised by a speaker?"

Alexa: "Of course not, don't be silly."

21
1
Reply

Re: Alexa

You forgot to add the spooky laughing.

15
1
Reply


Biting the hand that feeds IT © 1998–2018