Slashdot Mirror


LED Lights: Friend or Foe?

elfdump writes: "In an article (pdf) soon to be published in ACM Transactions on Information and Systems Security, security researchers have discovered that data transmitted through modems and routers can be remotely reconstructed from the equipment's LED status indicators. According to experiments, their light-to-information retrieval method is successful even when the light is captured 'at a considerable distance' from the source. If you want to prevent people from spying on your data, you may want to tape up those blinking LEDs!"

5 of 597 comments

  1. Re:bullshit by k2enemy · Score: 5, Informative

    If you read the article, they implemented this at speeds up to 56k and said the physics should hold up until 10mb. Look up at the light in your bedroom. You would probably say that it's on. But it's really flashing on and off faster than you can see. Same thing with that LED on your modem. When you see one blink, it is most likely a lot of blinks faster than your eye can see, but not faster than optical equipment can see.

  2. Re:ummm...doubtful by CaseyB · Score: 5, Informative
    I've seen my lights blink, and I don't think that there's any way... I'm throwing in the towel and saying I don't think so....

    "+1, informative"? Heh, mods are on crack again.

    Have a look into a Toslink digital audio connector some time. It's using a plain old LED to transmit information. It looks to the naked eye like it's on solid, there's no flicker whatsoever. What would you "think" if you saw that? Your gut reaction is totally off base here.

  3. CRTs can nail you too by phr2 · Score: 5, Informative

    Here's a paper by the amazing Markus Kuhn (who has done many other brilliant security hacks besides this) showing how CRT display contents can be reconstructed from the light given off by the screen, even when the light is reflected diffusely off a wall. It makes me glad I use an LCD monitor.

  4. *Can* tell 1 from 0 by mclearn · Score: 5, Informative
    I see lots of posts already from people claiming this is a hoax based on the fact that you can't tell a one from a zero. Well, if you RTFA (article), they explain how this can be done by decoding the physical encoding done by the hardware. They explain that the encoding scheme used is an NRZ-L (non-return-to-zero level). This means that everything can be assumed to be a one except for when data is being transmitted, in which case the bits are zeros.

    This is a PHYSICAL encoding, not something cooked up by them. It's used in a variety of devices. Look it up.

    There are other schemes, including non-return-to-zero inverted and non-return-to-zero space. However, these two encoding schemes do not work with absolute values, only transitions from one value to another (i.e. from one to zero, or zero to one). There are also return-to-zero and biphase encoding schemes, which attempt to correct problems found in the non-return-to-* schemes. However, NRZ-L is the most simple form of encoding, IIRC.

  5. Re:Tempest by CaseyB · Score: 5, Informative
    It's a question of whether the indicator is what the article terms a "Class II" device (signal based on activity) or a "Class III" indicator (signal based on data). You, and everyone else that failed to read the article before posting hunches, can go read page 10, which has a list of various devices and shows those that have Class III indicators that are susceptible to the snooping in question.

    The Cisco 4000 and 7000 IP Routers are "Class III" devices, and they're relatively popular.
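
The NRZ-L framing and the Class II / Class III distinction raised in the comments above can be checked with a small simulation. This is an added example, not part of the thread or the article: it models one asynchronous serial line, an LED wired to the data (Class III) and an LED driven by a stretched activity pulse (Class II), and shows what an observer's decoder gets from each. The function names, the 8x oversampling, the 20-bit hold time, the "lit while the line is 0" polarity and both messages are assumptions made for the example.

```python
# Added illustration, not from the thread or the article. All names, the 8x
# oversampling and the 20-bit hold time are assumptions; messages are constructed.
SPB = 8      # light samples per bit period (assumed sensor rate)
IDLE = 24    # idle bit periods before and after the message

def nrzl_line(data: bytes) -> list[int]:
    """Async serial line, NRZ-L: idle=1, start bit 0, 8 data bits LSB first, stop 1."""
    bits = [1] * IDLE
    for byte in data:
        bits += [0] + [(byte >> k) & 1 for k in range(8)] + [1]
    return bits + [1] * IDLE

def class3_led(bits: list[int]) -> list[int]:
    """Class III: LED follows the data line (assumed lit while the line is 0)."""
    return [1 - b for b in bits for _ in range(SPB)]

def class2_led(bits: list[int], hold: int = 20) -> list[int]:
    """Class II: activity light; any 0 retriggers a pulse lasting `hold` bit periods."""
    out, left = [], 0
    for b in bits:
        if b == 0:
            left = hold
        out += [1 if left else 0] * SPB
        left = max(0, left - 1)
    return out

def decode(led: list[int]) -> bytes:
    """What an observer can reconstruct: find a start edge, sample each bit mid-period."""
    line = [1 - s for s in led]          # undo the assumed LED polarity
    out, i = [], 0
    while i + 10 * SPB <= len(line):
        if line[i] == 1:                 # still idle, keep looking for a start bit
            i += 1
            continue
        frame = [line[i + SPB // 2 + k * SPB] for k in range(10)]
        if frame[9] == 1:                # valid stop bit: accept the byte
            out.append(sum(bit << k for k, bit in enumerate(frame[1:9])))
            i += 10 * SPB
        else:                            # framing error: slide forward and resynchronise
            i += 1
    return bytes(out)

if __name__ == "__main__":
    a, b = nrzl_line(b"GET /a"), nrzl_line(b"PUT /b")
    print("Class III:", decode(class3_led(a)), decode(class3_led(b)))
    print("Class II :", decode(class2_led(a)), "identical traces:",
          class2_led(a) == class2_led(b))
```

The Class III trace decodes back to the transmitted bytes, while the Class II trace is the same for both messages, so the stretched activity pulse gives away only that traffic occurred and roughly for how long.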