Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Build Covert Acoustical Mesh Networks In Air

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes "Researchers at Fraunhofer FKIE, Germany have presented a paper on covert acoustical communications between laptop computers. In their paper 'On Covert Acoustical Mesh Networks in Air', they describe how acoustical communication can be used to secretly bridge air gaps between computers and connect computers and networks that are thought to be completely isolated from each other. By using ad-hoc routing protocols, they are able to build up a complete mesh network of infected computers that leaks data over multiple hops. A multi-hop acoustical keylogger is also presented where keystrokes are forwarded to an attacker over multiple hops between different office rooms. The fundamental part of the communication system is a piece of software that has originally been developed for acoustic underwater communications. The researchers also provide different countermeasures against malicious participation in a covert acoustical network. The limitations of air gaps have been discussed recently in the context of a highly advanced malware, although reports on this so-called badBIOS malware could not yet be confirmed."

3 of 107 comments (clear)

  1. Re:Lock down I/O by marcello_dl · · Score: 4, Insightful

    You mean downgrade? what about the old desktop box with no mic, an easily detachable and crappy speaker for beep, no wireless stuff integrated into the CPU as an anti theft device, no official wireless modem, and always-on fans at a fixed speed (to stop in his track the resourceful black hat that one day will try malicious communication over fan freq.).

    --
    ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
  2. This is really, really simple to understand by nctritech · · Score: 4, Insightful

    Without the software required to use the hardware for communication, the communication doesn't work. If your air-gapped computer has not been infected prior to air-gapping, this simply can't work. I can smell conspiracy theorists a mile away with "but what about malicious BIOSes or pre-infected hardware designs or..." and the solution for all of those remains the same: if it's that big of a concern, remove it from the computer. Rip open the laptop and disconnect or desolder the speakers and microphone, and while you're in there you can heat-gun off the magnetics for the network card and all the external USB port connectors. If you're gonna do paranoid, you might as well do it right.

  3. Re:Air Gaps are Evil by mlts · · Score: 4, Insightful

    The perfect is the enemy of the good.

    Air gaps may not be perfect. If one gets physical access, then things are hosed. However it does do a good job at removing an entire type of attack, i.e. from remote. An attacker would have to have a "boots on the ground" presence in order to get software on the machine to use audio as a media layer with another machine to decode it.

    Yes, it can be a threat, but it doesn't completely negate the benefits of air-gapping, and it is still prudent to keep the key signing boxes well off any network.

    As always, if someone has access, no matter how sophisticated the defense, it likely can be bypassed somehow.