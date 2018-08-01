from the stop-whining-we-can-see-you dept.
Daniel Genkin of the University of Michigan, Mihir Pattani of the University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv University, and Eran Tromer of Tel Aviv University and Columbia University investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia"[1]: a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens."
The research, supported by the Check Point Institute for Information Security at Tel Aviv University[2] (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display.
source: https://arstechnica.com/information-technology/2018/08/researchers-find-way-to-spy-on-remote-screens-through-the-webcam-mic/
archived: https://archive.fo/ZmO62
[1] https://www.cs.tau.ac.il/~tromer/synesthesia/synesthesia.pdf & https://www.cs.tau.ac.il/~tromer/synesthesia/
[2] http://cpiis.cs.tau.ac.il/
(Score: 4, Funny) by The Mighty Buzzard on Wednesday August 29, @09:06PM
Yet another reason to run multiple monitors and scoff at the silly fuckers who insist on getting rid of fan noise.
"Buzzy, you're probably the dumbest person I've ever encountered. Well, there is aristarchus, so make it 2nd dumbest."
(Score: 2) by SemperOSS on Wednesday August 29, @09:12PM (6 children)
So, what are the bandwidth requirements for this?
Assume a screen of 1,024 by 800 pixels (smallish screen) = 819,200 pixels. Assume a refresh rate of 24 Hz (slow refresh rate), that's 19,660,800 updates per second. With a black and white screen (i.e. one bit per pixel), you would need a bandwidth of more then 19 MHz to decipher the screen properly and 24 times that with 8-bit per colour RGB pixels. I think that even the best microphones would have problem with that bandwidth.
They may be able to gain partial insight in some of the lower frequency, per whole line, information, like the overall intensity, but beyond that I'd like to see a demonstration before I accept it.
I don't need a signature to draw attention to myself.
(Score: 2) by dbe on Wednesday August 29, @09:32PM
The answer is at the end of the article:
So a very low bandwidth indeed, a sort of low quality TEMPEST system...
https://en.wikipedia.org/wiki/Tempest_(codename) [wikipedia.org]
(Score: 0) by Anonymous Coward on Wednesday August 29, @09:34PM (2 children)
Except that isn't actually needed if you aren't trying to read pixels which are changing every refresh.
Generally the most important thing to someone spying on you will be text. Text tends to have decent contrast, and the pixels tend to change very infrequently. So it is completely conceivable that some kind of statistical averaging could be done over a large number of frames, which would reveal the text being displayed.
(Score: 3, Funny) by requerdanos on Wednesday August 29, @10:10PM (1 child)
We have determined that your password is:
(Score: 2) by Azuma Hazuki on Wednesday August 29, @10:55PM
It's hunter2, it just looks like ******* to everyone else =p
(Score: 0) by Anonymous Coward on Wednesday August 29, @09:36PM
To reconstruct every pixel of every frame, yes. But if the screen is static, not at all. Their research uses 'zebras' (black and white stripes) as proof of concept but it's not limited to such a pronounced signal.
Your post also has a distinct error, not just a failure to read the article. Assuming a relatively static screen, ie.not a wildly flashing strobe video, the same pixel will have a similar value from frame to frame, so in fact the 'refresh rate' doesn't apply at all, because of how sampling and aliasing apply.
(Score: 2) by RandomFactor on Wednesday August 29, @10:39PM
So they reinvented the modem?
(Score: 2) by Azuma Hazuki on Wednesday August 29, @09:18PM (1 child)
"Van Eck" is my family name, but no relation to the researcher who first pioneered the technique. It's weird to read this. Though I *am* the kind of devious, corkscrew-minded little sneak who thinks about side channels a lot...
(Score: 0) by Anonymous Coward on Wednesday August 29, @11:30PM
Hmm, I would have thought "back channels" instead.
(Score: 0) by Anonymous Coward on Wednesday August 29, @09:31PM (1 child)
They are going to get it one way or another at this point Nothing is safe.
All we can do now is try to minimize the damage and make recovery easier.
(Score: 2) by requerdanos on Wednesday August 29, @10:12PM
Congratulations, NSA. Your despair campaign is going well. Mod parent up!