Of course slapping a 15kHz analogue filter on all audio ports would also work.
Grumpy old man who cant hear beyond that now =>
Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitive computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel's Ben-Gurion University of …
"Of course slapping a 15kHz analogue filter on all audio ports would also work."
Actually no. You could still use lower frequencies. Thanks to spread spectrum technologies you can make that less silent than the fans. All you would hear is a very soft noise from your speakers. You couldn't even be sure if that actually came from the speakers or some fan running at low speed.
What you can do is of course to install an amplifyer between the sound chip and your speakers/headphones so information can only travel one way and turn off your microphones when you don't need them.
Before I even clicked the article I knew exactly where this "research" was from. Do tell? How do you get the malware on the air gapped pc in the first place? The point of air gapping a pc is that it never touches the internet, ever. I can't wait till the next exciting episode where they use the mouse laser to send morse code or detect passwords by key sounds.
The other thing is, most air-gapped PCs don't have speakers attached either, at least in my experience.
They are there to control some industrial equipment, so they don't generally need speakers (and a majority of late have also been fanless, which knocks out the 2nd attack form)...
But, yes, the question is, how do you infect the air-gapped PC in the first place? If you have properly air-gapped it, it can't be infected...
"How do you get the malware on the air gapped pc in the first place?"
Quite. And if they've managed that its game over anyway. Also if its a laptop you have full control of you might just as well use the built in microphone to receive data instead of fannying about with the speakers. Thats assuming for some reason the malware can't switch on the built in wifi!
This research is interesting from a technical point of view but virtually irrelevant from a security one.
"How do you get the malware on the air gapped pc in the first place? The point of air gapping a pc is that it never touches the internet, ever"
The problem with that is it only takes one person to make a mistake, and the Malware is in the system. Stuxnet got into a secure Nuclear facility. From what I understand, all it took was for a Siemens engineer to open an infected document on his laptop at home, then plug the laptop into the secure network. Even just plugging a USB into an infected computer, then into an airgapped computer is entirely possible.
The reflections off my eyeballs - where I'm looking. Or the bodies in front of the screen moving about a room - infrared included.
While this seems silly given current consumer technology it certainly seems possible and possibly being actively developed.
Some years ago, there was an article – I don't recall where – about recovering data off screens by looking at the illumination of window blinds or curtains from a distance.
This may be easier with low resolution screens, as detection of individual pixels will be easier at the slower pixel rate.
Audiophile speakers and professional studio quality microphones, just may be able to communicate in the 18khz to 24khz range. The roll off on professional kit in this range is, I guess between ±3dB and ±6dB, it's been years since I worked in a studio.
Your average consumer microphone and PC/laptop speakers I believe would need to communicate with each other at a volume and frequency range a human... even an old one like me, could hear.
The theoretical problem the 'researchers' posed is nonsense. At the distance one has to be for a decent transfer speed, one may as well being sitting at the keyboard. They also miss the point of air-gapping: the computer is isolated from the most dangerous external threats. For an air-gapped computer to be compromised one would need physical access which limits the number of people dramatically to maybe a handful. Exploits with an effective range of a few meters that can easily be blocked (play music in the room) are not worth worrying about.
"The people who build them and ship them have physical access so that's one hell of a big handful."
So what do you do, compromise all of them in hope that you'll eventually find one online that shares a room with an air-gapped one you're interested in? However, just to be on the safe side, if you're installing an air-gapped machine make sure it's a different make to any others in the room.
With just in time manufacturing you could get quite specific. And if you stuffed something in the BIOS then infecting everything is no big deal. Compromise the machines you are potentially interested in at source. You just need a listening device not another machine in the same room and you can build that into the wall.
Just because in your mind the case does not exist, does not mean the case does not exist.
In many industries, PCs are tools, with an expected life in decades. Medical equipment, CNC machines, whatever. Air gapping there is all about simply not connecting them to the internet / a network (BSG75 style) - we're not talking national security.
The threat is therefore not theoretical. Infection vector is an issue, of course, but even those old machines need updating sometimes, with a (potentially infected) USB stick say.
Fast forward a few steps and find deep learning embedded into malware - searching for the best form of comms... This research is actually useful, because it forces those who need to think about these things for their situations to think further about every part of the machine (not just the ethernet jack).
There is a Reddit site that has been up for several years since "BadBios" was first proposed.
Some users of the site claim to have fallen victim to strange and unusual ongoing attacks.
It is not for me to say if the commentards are victims from actual malware attacks or victims of a form of mental stress brought on by the never ending "whack-a-mole" that is computer security or adverse reaction to revelations of government surveillance. They are victims nonetheless.
Biting the hand that feeds IT © 1998–2019