Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday May 06 2020, @12:41AM   Printer-friendly
from the gotta-build-a-better-box dept.

OK, so you've air-gapped that PC. Cut the speakers. Covered the LEDs. Disconnected the monitor. Now, about the data-leaking power supply unit...

Video Israeli cyber-security side-channel expert Mordechai Guri has devised a way to pilfer data from devices that have been air-gapped and silenced.

[...] An obvious defense against acoustic data transmission is to disable any speakers on the protected device, a practice known as audio-gapping.

But Guri's latest research shows that's not enough. He and his team have found a way to turn the power supply in an isolated, muted machine into a speaker of sorts, one capable of transmitting data at a rate of 50 bits/sec.

He calls the attack POWER-SUPPLaY. The technique has the potential to be used against PC workstations and servers, as well as embedded systems and IoT devices that have no addressable audio hardware.

"We show that malware running on a PC can exploit its power supply unit (PSU) and use it as an out-of-band speaker with limited capabilities," a paper [PDF] detailing the technique explained. "The malicious code intentionally manipulates the internal switching frequency of the power supply and hence controls the waveform generated from its capacitors and transformers."

[...] Guri and others have developed a handful of similar TEMPEST attack schemes, such as luminance signaling via LCD screen fluctuations (BRIGHTNESS), acoustic signaling using fan modulation (FANSMITTER), data exfiltration via power cables (POWERHAMMER), and covert signaling via keyboard lights (CTRL-ALT-LED).

- archive.org alternate link


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by FatPhil on Wednesday May 06 2020, @08:55AM (1 child)

    by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Wednesday May 06 2020, @08:55AM (#991005) Homepage
    Valuable information can be very small in size, so the rate isn't really important. However your second point is the only thing that matters, and which makes this story evaporate into a puff of stupidity. If someone else's PC is running your software, it's your computer now anyway.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 1) by shrewdsheep on Wednesday May 06 2020, @10:27AM

    by shrewdsheep (5215) on Wednesday May 06 2020, @10:27AM (#991021)

    For most "use cases" it seems sheer stupidity. However, think of a stuxnet type operation. You need to keep in stealth mode. If other computers do have microphones, you can build your own network. Use it for slow updates, getting the critical signal through.