The Computer Security Threat From Ultrasonic Networks

KentuckyFC (1144503) writes Security researchers in Germany have demonstrated an entirely new way to attack computer networks and steal information without anybody knowing. The new medium of attack is ultrasonic sound. It relies on software that uses the built-in speakers on a laptop to broadcast at ultrasonic frequencies while nearby laptops listen out for the transmissions and pass them on, a set up known as a mesh network. The team has tested this kind of attack on a set of Lenovo T400 laptops infected with key-logging software. They say it is possible to transmit ultrasonic signals covertly at data rates of 20 bits per second at distances of up to 20 metres in an office environment. Interestingly, the team created the covert system by adapting a protocol designed for underwater acoustic communication. They've also tested various strategies for defeating this kind of attack. An obvious option is to disable all speakers and microphones but this also prevents ordinary activities such as VOIP communication. Instead, they suggest filtering the audio signals to prevent ultrasonic transmissions or converting them into an audible frequency. This may be newer than most attack vectors, but it's not the first time that ultrasonic transmission has been demonstrated as a vulnerability; in November of last year we mentioned malware operating along the same lines, as investigated byPwn2Own creator Dragos Ruiu.

A (hidden) communication channel is not an attack

[thospel]

WTF ? That's a covert communication channel, not an attack.
At least the original source gets that right. But what idiot writes the slashdot version of the article?

Does it really matter?

[mrspoonsi]

For this to work, the computers must already be 'owned', the fact the computers can communicate 20 meters with another infected machine is the least of the worries if you ask me.

Fix

[Bazman]

Headphones. Or dummy jack-plugs.

"Threat" from last year???

[LordLimecat]

Dragos Ruiu's findings from last year were never able to be reproduced by an outsider, and were highly suspect. Sometimes you can be a brilliant security guy, and also a delusional paranoid-- and I think the general consensus was that in that scenario, Dragos was being delusionally paranoid.

The idea that various laptop speakers (all of varying and generally poor quality) will be able to reliably form a wireless network is really far-fetched, no matter how you cut it. Every laptop's mic is different, the speakers are all in different locations, some mics are gonna be off, the acoustics of the room are unknown....

Theres just no way for this to reliably work.

Re:"Threat" from last year???

> Every laptop's mic is different, the speakers are all in different locations, some mics are gonna be off, the acoustics of the room are unknown....

Says the guy demonstrating his utter lack of knowledge about DSP. All of those things can be compensated for with the right software, The price is simply reduced throughput. But when you've got days or weeks to run because no one even knows to look for you, even just 1bps can be sufficient.

Dragos being right or wrong says absolutely nothing about the viability of these techniques, only about his particular circumstances.

Re:Not that new

[slew]

FWIW, Back in the 90's people were also worried about tempest-like stuff (e.g., EM emissions), but simply disabling the speakers isn't enough to inhibit the sonic transmission path. Electronics can "hum" at ultra-sonic frequencies (and fans can transmit audible frequencies), so by running of a suitable thermal virus actions, it is possible to leak information from a previously compromised machine that was not network connected.

However, disabling the microphone would certain make it harder to control such a compromised, air-gapped machine...