Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Build Covert Acoustical Mesh Networks In Air

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes "Researchers at Fraunhofer FKIE, Germany have presented a paper on covert acoustical communications between laptop computers. In their paper 'On Covert Acoustical Mesh Networks in Air', they describe how acoustical communication can be used to secretly bridge air gaps between computers and connect computers and networks that are thought to be completely isolated from each other. By using ad-hoc routing protocols, they are able to build up a complete mesh network of infected computers that leaks data over multiple hops. A multi-hop acoustical keylogger is also presented where keystrokes are forwarded to an attacker over multiple hops between different office rooms. The fundamental part of the communication system is a piece of software that has originally been developed for acoustic underwater communications. The researchers also provide different countermeasures against malicious participation in a covert acoustical network. The limitations of air gaps have been discussed recently in the context of a highly advanced malware, although reports on this so-called badBIOS malware could not yet be confirmed."

20 of 107 comments (clear)

  1. Apple already sells this by ArcadeMan · · Score: 3, Funny

    It's called AirPort.

    --
    Get free satoshi (Bitcoin) and Dogecoins
    1. Re:Apple already sells this by ArcadeMan · · Score: 4, Funny

      Vibrations of air, like the woosh that just went over your head?

      --
      Get free satoshi (Bitcoin) and Dogecoins
  2. Lock down I/O by l2718 · · Score: 3, Funny

    An "air gap" means making sue a computer cannot exchange information with other computers. LAN is one way to do so, but other sensors on the computer can be used for input, and other devices for output. Is it really a surprise that the microphone on a computer can be used as an input device?

    1. Re:Lock down I/O by K.+S.+Kyosuke · · Score: 2

      I guess it's time for us to upgrade to vacuum-gapped computers.

      --
      Ezekiel 23:20
    2. Re:Lock down I/O by marcello_dl · · Score: 4, Insightful

      You mean downgrade? what about the old desktop box with no mic, an easily detachable and crappy speaker for beep, no wireless stuff integrated into the CPU as an anti theft device, no official wireless modem, and always-on fans at a fixed speed (to stop in his track the resourceful black hat that one day will try malicious communication over fan freq.).

      --
      ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
    3. Re:Lock down I/O by Somebody+Is+Using+My · · Score: 2

      I see your vacuum-gapped computer and raise you a webcam + CAPSLock LED.

    4. Re:Lock down I/O by bhassel · · Score: 2

      I wonder what sort of bitrate you could get by modulating energy consumption...

  3. Air Gaps are Evil by TechyImmigrant · · Score: 3, Interesting

    Air gaps are a liability. They do not work as advertised. Covert audio channels have nothing to do with it.

    When you put a computer in a faraday cage with an air gap, you still need to computer to have some input and output in order to be useful.
    So the air gap requires that a human periodically walks into the room and interacts with the machine. At this point, the options for undermining the security of the system have gone up exponentially.

    The reality of air gaps is that key signing ceremonies take place with several people packed in the room, while CDs are passed back and forth and put in the machine holding the CSRs, the software and signed certs.

    If you instead had a wire to the machine in the room, you could monitor the transactions over the wire. You could ensure a non turing complete language is used in the wire protocol. You can deny humans access. You can apply defense in depth to a wire. No so much to a room full of humans.

    Air gaps are evil.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    1. Re:Air Gaps are Evil by mlts · · Score: 4, Insightful

      The perfect is the enemy of the good.

      Air gaps may not be perfect. If one gets physical access, then things are hosed. However it does do a good job at removing an entire type of attack, i.e. from remote. An attacker would have to have a "boots on the ground" presence in order to get software on the machine to use audio as a media layer with another machine to decode it.

      Yes, it can be a threat, but it doesn't completely negate the benefits of air-gapping, and it is still prudent to keep the key signing boxes well off any network.

      As always, if someone has access, no matter how sophisticated the defense, it likely can be bypassed somehow.

    2. Re:Air Gaps are Evil by AK+Marc · · Score: 2

      You can have secure or usable, not both. And when you get so secure as to be unusable, the users will undermine security for usability. Air gaps are almost always done in a way that doesn't improve security.

      --
      Learn to love Alaska
  4. Some Technical Details. by Jah-Wren+Ryel · · Score: 4, Informative

    They used Lenovo T400 laptops which are circa 2008 models, no extra audio hardware. They could do 20bits/sec over nearly meters 20 meters if they had line-of-site between the laptops.

    --
    When information is power, privacy is freedom.
    1. Re:Some Technical Details. by gl4ss · · Score: 2

      was the earlier story about a researcher bitching about his laptop being hacked through this an advert for these guys?

      well.. he claimed to have bios infection which did the airgap jump..

      just that you can encode and decode information to and from audio isn't that much of a news.

      --
      world was created 5 seconds before this post as it is.
    2. Re: Some Technical Details. by ceoyoyo · · Score: 2

      Skype works extremely poorly on an air gapped machine.

  5. Re:band pass filters by MightyYar · · Score: 2

    Filters usually have some consequence. Something approaching an ideal low-pass filter can be applied to a recorded signal, since you can assume a zero level before and after the recording. But a real-time filter has to make compromises and will result in some kind of distortion (ringing artifacts mostly). You can improve things by adding a delay, but if this delay is too long then you run into latency problems for real-time applications like chat. I'm sure you could produce something of acceptable quality, but it wouldn't necessarily be trivial or transparent.

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  6. So I have to disable my audo hardware now? by bobbied · · Score: 2, Informative

    Oh great... Can't you hackers just leave well enough alone?

    I've had to disconnect my network cable, remove the wireless card, and disable all the USB ports to make my machine secure and now I have to disable the audio hardware too? Man, this is getting out of hand..

    Seriously though... This is new how? We have been sending data using audio cards between computers for decades. I remember cranking up the cassette tape drive to load programs into my TRS-80 in high school and hooking up to an acoustic modem to get on dial up AOL. Recently I've used my computer to talk to another computer halfway around the world though an RF link provided by my ham radio. Hams routinely transfer "data" over packet, PSK and other modes over audio links using their audio cards in their computers.

    Oh, wait, so the ad-hock links are the new thing? Um, not so fast there either. Mesh networks have been around long enough to fall in and out of favor once or twice. Ham radio operators might know about HSMM Mesh http://www.broadband-hamnet.org/ has been doing mesh networks for nearly a decade, and the protocol it uses internally wasn't the first. So this is not new..

    I conclude that NOTHING here is new, except perhaps combining an audio network link with a mesh networking protocol.... But I don't see that as ground breaking..

    The only thing this will really do is make it necessary to disable/remove audio hardware from secure computers, just because somebody might try to use it for something stupid. Thanks guys (and gals if there are any working on this) for making my life harder...

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  7. This is really, really simple to understand by nctritech · · Score: 4, Insightful

    Without the software required to use the hardware for communication, the communication doesn't work. If your air-gapped computer has not been infected prior to air-gapping, this simply can't work. I can smell conspiracy theorists a mile away with "but what about malicious BIOSes or pre-infected hardware designs or..." and the solution for all of those remains the same: if it's that big of a concern, remove it from the computer. Rip open the laptop and disconnect or desolder the speakers and microphone, and while you're in there you can heat-gun off the magnetics for the network card and all the external USB port connectors. If you're gonna do paranoid, you might as well do it right.

  8. Anyone remember bus radio? by TheCarp · · Score: 2

    Not only is it not new, I remember almost 10 years ago now, somebody had demonstrated that he could slam the bus in such a way as to generate radio signals that he could pick up on a nearby reciever.

    There was even a slashdot story about it back then, but damned if I can find anything on it now. Pretty sure it was only a one way channel but, depending on the circumstances, that could be enough.

    --
    "I opened my eyes, and everything went dark again"
  9. Re:Space Gap by OhSoLaMeow · · Score: 2

    Soon we'll have marketers pitching space-gapped machines, so even the acoustics are blocked.

    Then one computer will display moving lips and another computer will read said lips.

    I'm sorry Dave, I'm afraid I can't do that.

    --
    They can take my LifeAlert pendant when they pry it from my cold dead fingers.
  10. Re:band pass filters by Anonymous Coward · · Score: 3, Informative

    You're both uninformed. Computers don't lack filters. There are analog low pass filters on all audio inputs, because they're necessary (see the Nyquist/Shannon sampling theorem). The thing is, the cutoff frequencies are necessarily above the audible range, because there are no perfect "brick-wall" filters. For systems with sampling rates higher than 44.1kHz, the cutoff frequencies are far above the audible range. Otherwise what would be the point of providing the high sampling rate? Yes, it's audiophile hocus-pocus, but people buy it. None of this is relevant to the topic though, because the researchers used frequencies which are theoretically audible. But most adults don't hear much above 15kHz, so they don't notice these "audible" frequencies. When TVs were still called "tube", did you hear a high pitched sound in TV stores? If not, your audible range is already significantly diminished. The horizontal frequency is ca. 16kHz and the oscillating magnetic field caused parts in some TV sets to vibrate and emit noise at that frequency.

  11. Re:Three words: by Minwee · · Score: 2

    Good idea. You could turn up the noise level to defeat just about anything, and then call it The Cone Of Silence.

    Who could possibly object to that?