Security Researchers Can Turn Headphones Into Microphones (techcrunch.com)

← Back to Stories (view on slashdot.org)

Security Researchers Can Turn Headphones Into Microphones (techcrunch.com)

Posted by BeauHD on Thursday November 24, 2016 @01:00AM from the proof-of-concept dept.

As if we don't already have enough devices that can listen in on our conversations, security researchers at Israel's Ben Gurion University have created malware that will turn your headphones into microphones that can slyly record your conversations. TechCrunch reports: The proof-of-concept, called "Speake(a)r," first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room. It essentially "retasks" the RealTek audio codec chip output found in many desktop computers into an input channel. This means you can plug your headphones into a seemingly output-only jack and hackers can still listen in. This isn't a driver fix, either. The embedded chip does not allow users to properly prevent this hack which means your earbuds or nice cans could start picking up conversations instantly. In fact, even if you disable your microphone, a computer with a RealTek chip could still be hacked and exploited without your knowledge. The sound quality, as shown by this chart, is pretty much the same for a dedicated microphone and headphones. The researchers have published a video on YouTube demonstrating how this malware works.

15 of 122 comments (clear)

Min score:

Reason:

Sort:

Small tidbit by campuscodi · 2016-11-24 01:05 · Score: 2

You don't have to be a security researcher to do that. Electrical engineers can do it as well. The point of the article is the privacy and security implications that come from malware that can switch I/O audio jacks using software toggles found in audio drivers and secretly record you while you have your headphones or simple speakers plugged in.
1. Re:Small tidbit by xtsigs · 2016-11-24 01:46 · Score: 2
  
  The authors make a point of the fact that they are presenting nothing new with the idea of using speakers as microphones. It also appears that the switches to reverse any input/output are easily manipulated. It doesn't appear there is anything especially new about the article except to point out how easy it is to snoop and how clear the victim's voice is when recorded through speakers.
  The paper also quotes from a declassified 2000 NSA document:
  
  In addition to being a possible fortuitous conductor of TEMPEST emanations, the speakers in paging, intercom and public address systems can act as microphones and retransmit classified audio discussions out of the controlled area via the signal line distribution. This microphonic problem could also allow audio from higher classified areas to be heard from speakers in lesser classified areas. Ideally. Such systems should not be used. Where deemed vital, the following precautions should be taken in full or in part to lessen the risk of the system becoming an escape medium for NSA.
  If the NSA's concerned about people being able to listen to them through paging, intercom, and public address systems (like those in grocery stores and office buildings) then it seems unlikely that they would fail to use these systems to listen in to our conversations. Having PC speakers sitting a few feet away from your voices as you have confidential conversations, or, ahem, "conversations," with coworkers just makes it that much easier for NSA or someone else to listen in with clarity.
2. Re:Small tidbit by Big+Hairy+Ian · 2016-11-24 02:20 · Score: 4, Interesting
  
  What would be more interesting is if they'd managed to do this with a PC's built in speaker
  
  --
  Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
3. Re:Small tidbit by guruevi · 2016-11-24 03:12 · Score: 2
  
  It's even a "feature" not a security bug on some computers (especially tiny laptops) to have the same jacks available as both inputs and outputs. I'm fairly the MacBook Pro's with 1 jack can do it and I've seen it done on a custom computer as well.
  I want to be a 'security researcher' and state the obvious.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
4. Re:Small tidbit by JustAnotherOldGuy · 2016-11-24 04:41 · Score: 2
  
  his is nothing new I was using speakers as microphones when I was a teenager back in the 80's (God I feel old)
  The first time I did this and heard it work, I was so surprised I fell off my dinosaur.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
5. Re:Small tidbit by JustAnotherOldGuy · 2016-11-24 04:52 · Score: 2
  
  For most people, it probably was not obvious that a speaker even had the correct hardware to function as a microphone. I for one had no idea.
  It should be apparent if you think about it for a moment. A speaker is a transducer, and almost all transducers work both ways (albeit one mode is usually more efficient than the other). A speaker and a microphone are basically the same thing, just optimized for sound in or sound out.
  Stress a piezoelectric chip slightly and you get voltage, apply voltage and it bends slightly.
  Apply heat to a thermocouple and you get voltage, apply voltage and it heats up.
  Expose a photosensitive chip to light and you get voltage*, apply voltage and it will emit a small amount of light.
  Shake a mechanical motion sensor and you get voltage, apply voltage and it will move or expand/contract.
  It should really be no surprise to anyone familiar with basic physics that this is the rule, but then they stopped teaching this stuff in public schools back in the 1980s.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
6. Re:Small tidbit by Antique+Geekmeister · 2016-11-24 05:38 · Score: 3, Informative
  
  > It should be apparent if you think about it for a moment. A speaker is a transducer
  Electromechanically, it's apparent. In terms of feedback that can be read by any sensory circuitry on the PC itself, it is not. A headphone or speaker circuit need have no _sensors_ that can be read or recorded by the signal generator. I'm afraid it's the introduction of simple chip solutions, designed to connect different electrical jacks to different programmable signals, and the introduction of A/D circuitry for noise cancellation and microphones that allows the cross connection of what is normally an output circuit to an input circuit.
  Such features help reduce costs of circuitry for computer motherboards by providing single well designed, well understood chips for both functions. But it's not a design requirement.
7. Re:Small tidbit by jenningsthecat · 2016-11-24 05:38 · Score: 2
  
  ... or any external speakers...should be possible in theory ...
  Not "any" external speakers. Powered speakers, (with their own amplifiers between the transducers and the input), won't send any usable signal back to the jack on the computer.
  
  --
  'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
amplifier by dehachel12 · 2016-11-24 01:12 · Score: 2

Would it work with amplifier+speakers ?
A headphone... by hcs_$reboot · 2016-11-24 01:17 · Score: 5, Informative

is a microphone. Both headphones and microphone share the same mechanism (using a voice coil). The microphone is more sensitive (as it generates small alternative current when the sound makes the diaphragm vibrate) ; and headphones do the opposite, its diaphragm vibrates when the device injects positive or negative current. Even a bigger speaker is sensitive enough to act as a microphone.

--
Slashdot, fix the reply notifications... You won't get away with it...
1. Re:A headphone... by Kjella · 2016-11-24 01:54 · Score: 5, Interesting
  
  Even if you know that, it is far from obvious that there will be a hardware and software interface that'll let you turn an apparent read-only/write-only device into a read/write device. It could have dedicated ports or use fused circuits to set it in a device, the coupling could have had mode indicators or firmware that forced it into headphone or microphone mode. I've never heard of any malware doing it before, so I'd say this is pretty clever.
  And I just got a scary thought, many laptops have built-in speakers that you can't easily disconnect, can they too be reprogrammed as inputs? Even if it doesn't have much reach if you can hear what the person on the laptop is doing talking on the phone or whatever, that could be huge. I mean many headsets have a mic, so if you're worried about anyone listening in you'd have disconnected it anyway, this only adds the capability to pure headphones/earbuds.
  
  --
  Live today, because you never know what tomorrow brings
2. Re:A headphone... by thegarbz · 2016-11-24 03:23 · Score: 2
  
  it is far from obvious that there will be a hardware and software interface that'll let you turn an apparent read-only/write-only device into a read/write device.
  Have you not used a computer in the past 15 years? The vast majority of desktop computers have come with apps to dynamically assign recording / playback outputs to various ports as you see fit. It stands to reason that the underlying hardware has been capable of this since we first started abandoning the Soundblaster.
Hasn't this always been the case by tomxor · 2016-11-24 01:31 · Score: 4, Interesting

I've noticed it's been possible to retask ports for input output on most sound cards or both for a long time... The smaller the headphone the better it would work as a passive microphone, I thought this was always obvious. This is hardly something that no one ever though of before like air gap hacks.
Re:What about the motherboard speaker? by drinkypoo · 2016-11-24 01:41 · Score: 2

Does it work on that too if you dont have any other audio?
The short answer is no
A longer answer is, only if your motherboard speaker is tied not just to the buzzer output, but also to the audio codec, which is outstandingly rare in a PC but not actually unheard of.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Feature, not a bug by drinkypoo · 2016-11-24 02:42 · Score: 2

Not only do they make bad networking chipsets, their audio chipsets are even worse.
I'm with you on the rtl eth, but being able to switch inputs in the codec is a feature, not a bug. It enables you to do stuff like plug in a device, answer a question about what it is, and not have to worry about which port is which. It also lets you have multiple inputs or multiple outputs with just two jacks, which would often be useful on a laptop.
The problem isn't in the hardware, it's in the software.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"