Slashdot Mirror


Security Researchers Can Turn Headphones Into Microphones (techcrunch.com)

As if we don't already have enough devices that can listen in on our conversations, security researchers at Israel's Ben Gurion University have created malware that will turn your headphones into microphones that can slyly record your conversations. TechCrunch reports: The proof-of-concept, called "Speake(a)r," first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room. It essentially "retasks" the RealTek audio codec chip output found in many desktop computers into an input channel. This means you can plug your headphones into a seemingly output-only jack and hackers can still listen in. This isn't a driver fix, either. The embedded chip does not allow users to properly prevent this hack which means your earbuds or nice cans could start picking up conversations instantly. In fact, even if you disable your microphone, a computer with a RealTek chip could still be hacked and exploited without your knowledge. The sound quality, as shown by this chart, is pretty much the same for a dedicated microphone and headphones. The researchers have published a video on YouTube demonstrating how this malware works.

  1. Small tidbit by campuscodi · · Score: 2

    You don't have to be a security researcher to do that. Electrical engineers can do it as well. The point of the article is the privacy and security implications that come from malware that can switch I/O audio jacks using software toggles found in audio drivers and secretly record you while you have your headphones or simple speakers plugged in.

    1. Re:Small tidbit by Big+Hairy+Ian · · Score: 1

      Like most transducers, speakers and microphones can convert audio signals to electrical signals and vice versa. This is nothing new; I was using speakers as microphones when I was a teenager back in the 80's (God I feel old)

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    2. Re:Small tidbit by xtsigs · · Score: 2

      The authors make a point of the fact that they are presenting nothing new with the idea of using speakers as microphones. It also appears that the switches to reverse any input/output are easily manipulated. It doesn't appear there is anything especially new about the article except to point out how easy it is to snoop and how clear the victim's voice is when recorded through speakers.

      The paper also quotes from a declassified 2000 NSA document:

      In addition to being a possible fortuitous conductor of TEMPEST emanations, the speakers in paging, intercom and public address systems can act as microphones and retransmit classified audio discussions out of the controlled area via the signal line distribution. This microphonic problem could also allow audio from higher classified areas to be heard from speakers in lesser classified areas. Ideally, such systems should not be used. Where deemed vital, the following precautions should be taken in full or in part to lessen the risk of the system becoming an escape medium for NSA.

      If the NSA's concerned about people being able to listen to them through paging, intercom, and public address systems (like those in grocery stores and office buildings) then it seems unlikely that they would fail to use these systems to listen in to our conversations. Having PC speakers sitting a few feet away from your voices as you have confidential conversations, or, ahem, "conversations," with coworkers just makes it that much easier for NSA or someone else to listen in with clarity.

    3. Re:Small tidbit by Big+Hairy+Ian · · Score: 4, Interesting

      What would be more interesting is if they'd managed to do this with a PC's built in speaker

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    4. Re:Small tidbit by guruevi · · Score: 2

      It's even a "feature" not a security bug on some computers (especially tiny laptops) to have the same jacks available as both inputs and outputs. I'm fairly sure the MacBook Pros with 1 jack can do it and I've seen it done on a custom computer as well.

      I want to be a 'security researcher' and state the obvious.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    5. Re:Small tidbit by meerling · · Score: 1

      Definitely, as teenagers back in the 80s we pulled that off too. Of course, we just did it for the irony, it's not like it was news worthy or anything, just weird.

    6. Re:Small tidbit by JustAnotherOldGuy · · Score: 2

      This is nothing new I was using speakers as microphones when I was a teenager back in the 80's (God I feel old)

      The first time I did this and heard it work, I was so surprised I fell off my dinosaur.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    7. Re:Small tidbit by JustAnotherOldGuy · · Score: 2

      For most people, it probably was not obvious that a speaker even had the correct hardware to function as a microphone. I for one had no idea.

      It should be apparent if you think about it for a moment. A speaker is a transducer, and almost all transducers work both ways (albeit one mode is usually more efficient than the other). A speaker and a microphone are basically the same thing, just optimized for sound in or sound out.

      Stress a piezoelectric chip slightly and you get voltage, apply voltage and it bends slightly.
      Apply heat to a thermocouple and you get voltage, apply voltage and it heats up.
      Expose a photosensitive chip to light and you get voltage*, apply voltage and it will emit a small amount of light.
      Shake a mechanical motion sensor and you get voltage, apply voltage and it will move or expand/contract.

      It should really be no surprise to anyone familiar with basic physics that this is the rule, but then they stopped teaching this stuff in public schools back in the 1980s.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    8. Re:Small tidbit by JustAnotherOldGuy · · Score: 1

      It seems like any plugin speaker with its own amplifier would mitigate this problem. Am I correct in making this assumption?

      Generally speaking, yes.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    9. Re:Small tidbit by Vegan+Cyclist · · Score: 1

      Very true, or any external speakers...should be possible in theory. Pretty much every laptop has speakers, and same with PC's - my box has a little speaker for the motherboard..kind of spooky when you think about it. (Note that the record quality worsens with the sound quality of the speaker, so one designed to beep and that's all is going to be able to pick up very little.)

    10. Re:Small tidbit by Antique+Geekmeister · · Score: 3, Informative

      > It should be apparent if you think about it for a moment. A speaker is a transducer

      Electromechanically, it's apparent. In terms of feedback that can be read by any sensory circuitry on the PC itself, it is not. A headphone or speaker circuit need have no _sensors_ that can be read or recorded by the signal generator. I'm afraid it's the introduction of simple chip solutions, designed to connect different electrical jacks to different programmable signals, and the introduction of A/D circuitry for noise cancellation and microphones that allows the cross connection of what is normally an output circuit to an input circuit.

      Such features help reduce costs of circuitry for computer motherboards by providing single well designed, well understood chips for both functions. But it's not a design requirement.
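
Whether a particular jack sits behind one of these programmable pins can be checked from software. The following is an added example, not part of the thread: it assumes a Linux host whose ALSA HD Audio driver exposes codec dumps under `/proc/asound/card*/codec#*`, and it lists playback jacks that are input-capable and flags any whose input buffer is currently enabled. The sample dump, its hex values and the status labels are constructed for illustration.

```python
import glob
import re
from dataclasses import dataclass

PINCTL_IN_EN = 0x20  # HD Audio pin widget control bit: input buffer enabled
OUTPUT_DEVICES = ("HP Out", "Line Out", "Speaker")  # default role is playback

NODE_RE = re.compile(r"^Node (0x[0-9a-f]+) \[([^\]]+)\]")
PINCAP_RE = re.compile(r"^\s+Pincap 0x[0-9a-f]+:(.*)$")
DEFAULT_RE = re.compile(r"^\s+Pin Default 0x[0-9a-f]+: \[(.+?)\] (.+?) at (.+)$")
PINCTL_RE = re.compile(r"^\s+Pin-ctls: (0x[0-9a-f]+):")


@dataclass
class Pin:
    node: str
    caps: frozenset = frozenset()
    conn: str = ""
    device: str = ""
    location: str = ""
    ctl: int = 0

    def status(self):
        """Classify a pin whose default role is playback."""
        if "IN" not in self.caps:
            return "output-only"   # hardware cannot route this pin to the ADC
        if self.ctl & PINCTL_IN_EN:
            return "capturing"     # playback jack currently switched to input
        return "retaskable"        # could be switched to input by software


def parse_pins(text):
    """Collect every [Pin Complex] node from a codec dump."""
    pins, cur = [], None
    for line in text.splitlines():
        m = NODE_RE.match(line)
        if m:
            cur = Pin(m.group(1)) if m.group(2) == "Pin Complex" else None
            if cur:
                pins.append(cur)
            continue
        if cur is None:
            continue
        if (m := PINCAP_RE.match(line)):
            cur.caps = frozenset(m.group(1).split())
        elif (m := DEFAULT_RE.match(line)):
            cur.conn, cur.device, cur.location = m.groups()
        elif (m := PINCTL_RE.match(line)):
            cur.ctl = int(m.group(1), 16)
    return pins


def audit(text):
    """Return (node, device, location, status) for wired playback pins."""
    return [(p.node, p.device, p.location, p.status())
            for p in parse_pins(text)
            if p.device in OUTPUT_DEVICES and p.conn != "N/A"]


# Constructed sample in the layout of /proc/asound/card0/codec#0.
SAMPLE = """\
Codec: constructed sample
Node 0x02 [Audio Output] wcaps 0x41d: Stereo Amp-Out
  Amp-Out caps: ofs=0x57, nsteps=0x57, stepsize=0x02, mute=0
Node 0x14 [Pin Complex] wcaps 0x40058d: Stereo Amp-Out
  Pincap 0x00010014: OUT EAPD Detect
  Pin Default 0x90170110: [Fixed] Speaker at Int N/A
  Pin-ctls: 0x40: OUT
Node 0x19 [Pin Complex] wcaps 0x40048b: Stereo Amp-In
  Pincap 0x00003724: IN Detect
  Pin Default 0x02a11030: [Jack] Mic at Ext Front
  Pin-ctls: 0x24: IN VREF_80
Node 0x1b [Pin Complex] wcaps 0x40058f: Stereo Amp-In Amp-Out
  Pincap 0x0000373c: IN OUT HP Detect
  Pin Default 0x0221401f: [Jack] HP Out at Ext Front
  Pin-ctls: 0x24: IN VREF_80
Node 0x1c [Pin Complex] wcaps 0x40058f: Stereo Amp-In Amp-Out
  Pincap 0x0000373c: IN OUT HP Detect
  Pin Default 0x01014010: [Jack] Line Out at Ext Rear
  Pin-ctls: 0x40: OUT
"""

if __name__ == "__main__":
    dumps = {p: open(p).read() for p in glob.glob("/proc/asound/card*/codec#*")}
    for name, text in (dumps or {"constructed sample": SAMPLE}).items():
        for node, device, location, status in audit(text):
            print(f"{name}: node {node} {device} ({location}): {status}")
```

A "capturing" result only means a playback jack's input buffer is switched on; it is expected on machines where the user deliberately reassigned the jack.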

    11. Re:Small tidbit by jenningsthecat · · Score: 2

      ... or any external speakers...should be possible in theory ...

      Not "any" external speakers. Powered speakers, (with their own amplifiers between the transducers and the input), won't send any usable signal back to the jack on the computer.

      --
      'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
    12. Re: Small tidbit by Aristos+Mazer · · Score: 1

      Is this a good reason for Apple to remove the analog jack?

    13. Re:Small tidbit by antdude · · Score: 1

      Which dino(saur)? T-Rex?

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    14. Re: Small tidbit by Miamicanes · · Score: 1

      The internal PC speaker is a single-bit i/o line without a DAC (digital audio from it is bitbanged 1-bit pwm. Google: RealSound). Assuming you could read the port at all, the audio quality would be really bad since there's no way to quantize sampled pwm. And having it work at all assumes the i/o's data direction register can be changed.

      Basically, this exploit takes advantage of the audio chip's ability to use any line as an input or output, so you can sample stereo and output mono, or output stereo and sample mono.

    15. Re: Small tidbit by Anonymous Coward · · Score: 1

      Most laptops already have a microphone with no hardware on/off switch.

      Laptop speakers (just like computer speakers) are powered = amplified. You might reset the speaker line into an input but the amp chip between said audio i/o and speakers will function as one way filter.

    16. Re:Small tidbit by Anonymous Coward · · Score: 1

      The news is that this was done with the headphones plugged into the headphone jack, not the microphone jack.

    17. Re:Small tidbit by JustAnotherOldGuy · · Score: 1

      Which dino(saur)? T-Rex?

      I think it may have been a Speakersaurus.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    18. Re:Small tidbit by dbIII · · Score: 1

      Here is one example of how to do it:
      http://www.omgubuntu.co.uk/201...
      I think the news here is potential malware doing it instead of it being a deliberate choice by the user.

    19. Re:Small tidbit by aaronb1138 · · Score: 1

      Still the article and security implications are bullshit. If you can get access to installing your malware on the machine, then the physical domain of eavesdropping is irrelevant. It's not like there is a vendor selling TEMPEST secured equipment with headphone jacks but no mics (and that messing with audio drivers would pass). Switching signal direction on jacks has been a standard feature of audio chipsets since the AC'97 standard, it's just that the auto-detection routines in most CODECs would correctly direction the jack for what you plugged in.

      What is interesting is that this "hack" is in the same realm of overblown and needing excessive access as the Cisco VoIP phone hack that everyone was fellating Ang Cui for a few years back. Yeah, if I can hang out physically connected to a diagnostic port on someone's phone for several minutes to flash the firmware, I can do much better as far as surveillance. Not to mention the frequency that VoIP VLANs can't reach the Internet to egress their eavesdropping.

    20. Re:Small tidbit by goose-incarnated · · Score: 1

      If you remember that picture of Mark Zuckerberg sitting at his laptop, not only was the camera taped over but also the headphone jack. He knew that there was a security problem with the headphone jack that also functioned as an audio input.

      The headphone jack on its own can do nothing. It's when you plug in headphones (or speakers) into it that the sound can be recorded.

      --
      I'm a minority race. Save your vitriol for white people.
  2. amplifier by dehachel12 · · Score: 2

    Would it work with amplifier+speakers ?

    1. Re:amplifier by arielCo · · Score: 1

      Nope, because you can't "retask" an amplifier to sense the voltage at its output and feed it into its input. It only works with passive devices like nonamplified headphones (desktop speakers usually need an amp).

      --
      This post contains no rudeness or derision of any kind. All arguments are friendly. Terms and exclusions may apply.
    2. Re:amplifier by PIBM · · Score: 1

      Actually, it depends on your amplifier.. But a good rule of thumb is that you would be safe. This 'hack' on PCs dates back to when voice chats appeared .. since no one had a dedicated pc microphone, everyone I knew was using cheap headphones.. And doing this without the user's knowledge has been possible for quite a while --- since the input/output could be reaffected, which is also too long ago to remember. News, anyone ?

  3. Real hackers by Anonymous Coward · · Score: 1

    Real hackers pull this stunt through wireless headphones.

  4. A headphone... by hcs_$reboot · · Score: 5, Informative

    is a microphone. Both headphones and microphone share the same mechanism (using a voice coil). The microphone is more sensitive (as it generates small alternative current when the sound makes the diaphragm vibrate) ; and headphones do the opposite, its diaphragm vibrates when the device injects positive or negative current. Even a bigger speaker is sensitive enough to act as a microphone.

    --
    Slashdot, fix the reply notifications... You won't get away with it...
    1. Re:A headphone... by Kjella · · Score: 5, Interesting

      Even if you know that, it is far from obvious that there will be a hardware and software interface that'll let you turn an apparent read-only/write-only device into a read/write device. It could have dedicated ports or use fused circuits to set it in a device, the coupling could have had mode indicators or firmware that forced it into headphone or microphone mode. I've never heard of any malware doing it before, so I'd say this is pretty clever.

      And I just got a scary thought, many laptops have built-in speakers that you can't easily disconnect, can they too be reprogrammed as inputs? Even if it doesn't have much reach if you can hear what the person on the laptop is doing talking on the phone or whatever, that could be huge. I mean many headsets have a mic, so if you're worried about anyone listening in you'd have disconnected it anyway, this only adds the capability to pure headphones/earbuds.

      --
      Live today, because you never know what tomorrow brings
    2. Re:A headphone... by drinkypoo · · Score: 1

      I just got a scary thought, many laptops have built-in speakers that you can't easily disconnect, can they too be reprogrammed as inputs?

      That depends on the CODEC and how it is used. If it has repurposeable outputs and they use them just for routing convenience because they have more than they need on the device then it's not impossible.

      Not all codecs even have switching onboard, for those you are safe for sure. For the ones that do, it's going to be a case-by-case basis.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:A headphone... by Shane_Optima · · Score: 1

      Even if you know that, it is far from obvious that there will be a hardware and software interface that'll let you turn an apparent read-only/write-only device into a read/write device.

      I think it's a reasonable assumption that few hardware manufacturers have bothered to create a design where electrical signals can be sent to a speaker/headphone jack, but never received. That sounds like the sort of thing that would require more money to build.

      The software interface could/would be provided by the attacker, of course.

      I've never heard of any malware doing it before, so I'd say this is pretty clever.

      Meh. It's not a new idea at all. I had an electronics kit in the 6th grade that came with a little earpiece that functioned as both a speaker and a microphone. There obviously was only a single diaphragm, and when I read up on how speakers and microphones worked it was readily apparent that they were the same thing (but usually with optimizations for one functionality or the other.)

      And so years later when I heard about security concern over webcams, I instantly thought of the speakers as well. There's been talk about this possibility for a long time but there's been nearly as much concern as there has been vs. webcams. Probably because it's tricky, and of limited utility to regular attackers.

      One more thing to note though: acoustic analysis can sometimes decode keystrokes on a keyboard fairly accurately. This means that one compromised speaker in a room (perhaps in an IoT device) could be used to compromise the password for a non-compromised device.

    4. Re:A headphone... by thegarbz · · Score: 2

      it is far from obvious that there will be a hardware and software interface that'll let you turn an apparent read-only/write-only device into a read/write device.

      Have you not used a computer in the past 15 years? The vast majority of desktop computers have come with apps to dynamically assign recording / playback outputs to various ports as you see fit. It stands to reason that the underlying hardware has been capable of this since we first started abandoning the Soundblaster.

    5. Re:A headphone... by ilsaloving · · Score: 1

      Is CODEC the right acronym? Do you mean DAC? I know a codec to be the format in which a signal is encoded by software.

    6. Re:A headphone... by koreanbabykilla · · Score: 1

      Codec isn't an acronym. It's short for compressor/decompressor like modem is to modulator/demodulator

    7. Re:A headphone... by thebigmacd · · Score: 1

      CODEC isn't correct, no. An audio/video codec is an *algorithm* which operates in the digital realm, converting digital data from uncompressed to compressed format and vice-versa. A codec can be implemented in hardware but is not the hardware itself.

      Ffmpeg is a codec.

    8. Re:A headphone... by ilsaloving · · Score: 1

      That's what I was thinking. But if so, I'm wondering what component specifically the parent is referring to, apart from it being just "the audio chip". IS there a specific term?

    9. Re:A headphone... by jez9999 · · Score: 1

      many laptops have built-in speakers that you can't easily disconnect

      Don't they usually come with a MIC you can't easily disconnect?

    10. Re:A headphone... by EETech1 · · Score: 1

      I'm just guessing here, but I would imagine that the speakers may have a small audio amplifier built into the motherboard, but headphones would be driven directly off of the chip. The amplifier would prevent the audio from the speakers going the other direction.

      Cheers

    11. Re:A headphone... by Megol · · Score: 1
    12. Re:A headphone... by syntotic · · Score: 1

      FINALLY! I've been fighting without sound since 2009!!! ALL laptops come with the same defects and no solution since then. I was starting to (learn how to) record double nintendo ds double sessions when puff! BSOD. First ever in laptops. After some two hours waiting for the system to come finish diagnostics, no more recording AT ALL!!!! And since then the same ISSUE in all laptops from win7 to win10: recording does not work. But sometimes it feels like some videos do have a sound signal over them.... sometimes... So the problem is being recognized, eh? No antivirus has ever complained though, and no driver solutions available either. Maybe these comments will show a solution is needed?

    13. Re:A headphone... by Agripa · · Score: 1

      is a microphone. Both headphones and microphone share the same mechanism (using a voice coil). The microphone is more sensitive (as it generates small alternative current when the sound makes the diaphragm vibrate) ; and headphones do the opposite, its diaphragm vibrates when the device injects positive or negative current. Even a bigger speaker is sensitive enough to act as a microphone.

      This is only true for *dynamic microphones* which are tiny voice coil speakers. Most microphones are electret microphones which are a variation of the condenser microphone and nothing like speakers but in consumer gear they are increasingly being replaced by MEMS microphones.

  5. Hasn't this always been the case by tomxor · · Score: 4, Interesting

    I've noticed it's been possible to retask ports for input output on most sound cards or both for a long time... The smaller the headphone the better it would work as a passive microphone, I thought this was always obvious. This is hardly something that no one ever thought of before like air gap hacks.

  6. Phbbt by Minupla · · Score: 1

    I figured that out when I was 8!

    Slow researchers!

    (In seriousness, it's a nice hack. Now excuse me while I put black electrical tape over all my microphones... oh wait...)

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  7. What about the motherboard speaker? by WormholeFiend · · Score: 1

    Does it work on that too if you don't have any other audio?

    1. Re:What about the motherboard speaker? by drinkypoo · · Score: 2

      Does it work on that too if you don't have any other audio?

      The short answer is no

      A longer answer is, only if your motherboard speaker is tied not just to the buzzer output, but also to the audio codec, which is outstandingly rare in a PC but not actually unheard of.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:What about the motherboard speaker? by swb · · Score: 1

      It may be rare in build your own motherboards, but it's not uncommon in low-end Dell desktops. I see a fair amount of desktops with what sounds like a typical crap beep speaker wired to the sound chip output. The sound quality and volume is poor, but you hear Windows audio out of it.

      I doubt it would make a useful microphone as the audio output quality is poor and it's buried inside the noisy PC case, which may be made worse by being a SFF case where it's closer to fans or drives.

    3. Re:What about the motherboard speaker? by drinkypoo · · Score: 1

      I see a fair amount of desktops with what sounds like a typical crap beep speaker wired to the sound chip output. The sound quality and volume is poor, but you hear Windows audio out of it.

      Yes, in such hardware, I would definitely be concerned about the risk of such an attack.

      I doubt it would make a useful microphone as the audio output quality is poor and it's buried inside the noisy PC case, which may be made worse by being a SFF case where it's closer to fans or drives.

      Yes, only in the case where the speaker is front-mounted does it seem like it would be possible to get high-quality audio. Then again, with sufficient processing, you might be able to get usable audio, and there's a processor right there.

      I've also recently become aware that the original PC speaker hardware could be used in reverse. How much useful audio you could get through a crap speaker inside a noisy steel box full of noisy spinning rust I'm not sure, though. As far as I know, that hardware is now emulated and won't work in the same way, but I've been wrong before.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:What about the motherboard speaker? by drinkypoo · · Score: 1

      If you need a whole audio codec to run the PC speaker, how do you get POST beeps to decode when you're having a problem? Or is the expectation that you just buy a new one when that happens?

      Either the BIOS knows how to make that happen, or (more likely) the codec isn't the only thing connected to the speaker.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  8. Realtek's bad design strikes again. by sethstorm · · Score: 1

    Not only do they make bad networking chipsets, their audio chipsets are even worse.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
    1. Re:Realtek's bad design strikes again. by thegarbz · · Score: 1

      Not only do they make bad networking chipsets, their audio chipsets are even worse.

      What about this is bad design? I see a bug, but I see it in a good design that allows you to dynamically assign I/O where needed be it the back or the front or the riser card or the whatever. Computers have done this for 15 years. Researchers have demonstrated it on one device but I'll bet you a Mars bar that this feature is exploitable across a wide range of vendors, even dedicated Soundcard vendors.

  9. So Apple did something right by dromgodis · · Score: 1

    This hack won't work on your iPhone 7. Now they can never turn it into a device that can pick up sounds at any time... Oh...

  10. Feature, not a bug by drinkypoo · · Score: 2

    Not only do they make bad networking chipsets, their audio chipsets are even worse.

    I'm with you on the rtl eth, but being able to switch inputs in the codec is a feature, not a bug. It enables you to do stuff like plug in a device, answer a question about what it is, and not have to worry about which port is which. It also lets you have multiple inputs or multiple outputs with just two jacks, which would often be useful on a laptop.

    The problem isn't in the hardware, it's in the software.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  11. Re: UMM DUHHH by Khyber · · Score: 1

    The hardware allows it and has since WAY BACK (Like Sound Blaster Live using kX drivers you could route anything anywhere.)

    And with things like the newer Windows Sound System (Win7+) you can now surreptitiously and maliciously make it so that your malware can listen in on a specific program. You couldn't do that in XP, as XP didn't have per-program audio control.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  12. Re:Workaround: by hcs_$reboot · · Score: 1

    Or use a new iPhone, it doesn't have a headphones plug

    --
    Slashdot, fix the reply notifications... You won't get away with it...
  13. Most plug allow both in and out by aepervius · · Score: 1

    At least for the cards I have had for the last 10 years, you have a color for the plug and you can choose *at the moment* you plug in if it should act as headphone or as microphone; it is not set as "in" or "out", you can even switch them around and it still works properly. If the driver can choose, then the driver can be misused to switch them around and made to believe headphones/loudspeakers are (poor) microphones

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  14. Everything old is new again... by NetAlien · · Score: 1

    Good grief! We were doing this in the early 60s when the carbon microphones in our headsets crapped out. Switching earpiece between ear & mouth gave us half vs full duplex comms too... :)

  15. Courage and security by zerofoo · · Score: 1

    The new iPhone 7 - even more courageous and secure.....

    1. Re:Courage and security by freeze128 · · Score: 1

      The iPhone (yes, even the iPhone 7) already has a built-in microphone. It would be easier to just turn that on and listen, rather than try to do this headphone thing.

      In fact, this whole exploit is becoming increasingly pointless, since all cell phones have a built-in microphone, and so do almost all laptops.

    2. Re:Courage and security by q4Fry · · Score: 1

      There are some companies who provide a hardware kill switch to the microphone (grep for "HKS"), but this exploit means that the speakers are also vulnerable.

  16. Home automation is better at sending data to cloud by rlh100 · · Score: 1

    Who needs to hack into anything when we are installing home automation devices like Amazon Alexa Echo and Google Home that stream audio to the cloud? In the case of the Echo it's 16bit, 16KHz audio with a sophisticated microphone array that can determine the direction of the conversation. Both Google and Amazon are proud of their voice recognition capabilities.

    How do you know it is only sending audio when you talk to it? Blinking LEDs? See discussion about software control of indicator LEDs.

  17. Re:why is this news? by gweihir · · Score: 1

    Works as well, just needs a lot of DSP after to correct.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  18. Tinfoil hat subversion by Flownez · · Score: 1

    I wonder how soon until they can subvert tin foil hats?

  19. Re:why is this news? by Megol · · Score: 1

    Yes. Plasma speakers may be a bit harder to hack though...

  20. OK. So... by RightwingNutjob · · Score: 1

    put an amplifier or isolator between the jack and the speaker. Security problem gone.

  21. Prevention by nuc1e0n · · Score: 1

    Would a diode put a stop to this?

    1. Re:Prevention by Agripa · · Score: 1

      Would a diode put a stop to this?

      Yes sort of but that is not the way to go about it. Adding a headphone amplifier would neatly solve the problem.

  22. Feature, not a bug by Ant+P. · · Score: 1

    So... how can I invoke this deliberately? I would *love* to swap my laptop's line-in/out in software, because one port's never been used and the other is damaged beyond repair.