It's Possible To Hack a Smartphone With Sound Waves, Researchers Show (cnbc.com)

← Back to Stories (view on slashdot.org)

It's Possible To Hack a Smartphone With Sound Waves, Researchers Show (cnbc.com)

Posted by msmash on Tuesday March 14, 2017 @09:20AM from the security-woes dept.

A security loophole that would allow someone to add extra steps to the counter on your Fitbit monitor might seem harmless. But researchers say it points to the broader risks that come with technology's embedding into the nooks of our lives. John Markoff, writes for the NYTimes: On Tuesday, a group of computer security researchers at the University of Michigan and the University of South Carolina will demonstrate that they have found a vulnerability that allows them to take control of or surreptitiously influence devices through the tiny accelerometers that are standard components in consumer products like smartphones, fitness monitors and even automobiles. In their paper, the researchers describe how they added fake steps to a Fitbit fitness monitor and played a "malicious" music file from the speaker of a smartphone to control the phone's accelerometer. That allowed them to interfere with software that relies on the smartphone, like an app used to pilot a radio-controlled toy car. "It's like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words" and enter commands rather than just shut down the phone, said Kevin Fu, an author of the paper, who is also an associate professor of electrical engineering and computer science at the University of Michigan and the chief executive of Virta Labs, a company that focuses on cybersecurity in health care. "You can think of it as a musical virus."

20 of 41 comments (clear)

Min score:

Reason:

Sort:

obligatory xkcd by slew · 2017-03-14 09:23 · Score: 2

For your bemusement...
Re:Play a song, complete your mile walk faster by Travis+Mansbridge · 2017-03-14 09:34 · Score: 1

If you can execute arbitrary code on a target machine it's not a whole lot of steps further to have it "play a song" that pipes out a stream representing your personal (or other private) information. That'd let you "hack into" even an air-gapped machine.
TL;DR by Scarred+Intellect · 2017-03-14 09:46 · Score: 3, Funny

Yelling at your phone DOES work!
Ha ha ha by JustAnotherOldGuy · 2017-03-14 09:48 · Score: 1

Ha ha ha h- errr, I mean, that's terrible!
Seriously, what passes for "security" these days is akin to throwing a nympho with a bottle of Jack Daniels under each arm onto a troopship and expecting her to come out a virgin.

--
Just cruising through this digital world at 33 1/3 rpm...
Re:Play a song, complete your mile walk faster by viperidaenz · 2017-03-14 09:50 · Score: 1

They're not executing code.
That're manipulating an accelerometer with sound waves.
The extent of the impact is applications that use accelerometer input can get false readings - like steps in a fitness app or steering control for a remote control toy car.or game.
Horse Shit by h4x0t · 2017-03-14 09:58 · Score: 1

This is not hacking a smartphone. This is A) 'biasing output' or making it look like one has put in more steps for the day, and B) 'controlling output' or spelling a word with the graph of acceleration/time using tight sound manipulation of an accelerometer. Link to TFPeer reviewed paper: https://spqr.eecs.umich.edu/pa...
1. Re:Horse Shit by Ol+Olsoc · 2017-03-14 10:04 · Score: 1
  
  This is not hacking a smartphone. This is A) 'biasing output' or making it look like one has put in more steps for the day, and B) 'controlling output' or spelling a word with the graph of acceleration/time using tight sound manipulation of an accelerometer. Our headlines have been getting more hyperbolic, with this and the "Rogue Robot" killing it's handler.
  Next we'll be hearing about how O'Bama wiretapped Trump Tower or how he did it with Microwave ovens.......
  Oh - wait.
  Who's writing these Slashdot headlines anyhow?
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
2. Re:Horse Shit by Ol+Olsoc · 2017-03-15 06:53 · Score: 1
  
  Who's writing these Slashdot headlines anyhow?
  In this case it was an editor at CNBC.
  That explains much
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re:Play a song, complete your mile walk faster by pr0fessor · 2017-03-14 09:59 · Score: 1

Now I'm waiting for a DIY sonic screwdriver that can interfere with accelerometers.....
Re:Play a song, complete your mile walk faster by Ol+Olsoc · 2017-03-14 10:01 · Score: 1

If you can execute arbitrary code on a target machine it's not a whole lot of steps further to have it "play a song" that pipes out a stream representing your personal (or other private) information. That'd let you "hack into" even an air-gapped machine.
As long as you wear a tinfoil hat, you should be safe.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
no it won't "take control" by Sneftel · 2017-03-14 10:01 · Score: 3, Insightful

Wellll. Okay, let's walk back some of that.
You can't "hack" a phone with sound waves (or, at least, no method for that has been demonstrated as yet. What is being demonstrated here is a method of artificially biasing the input to a MEMS accelerometer using audible (!) and not-incredibly-loud (!!!) sound waves. Make no mistake, that is impressive. But it's still just input. Unless your phone will reveal its passwords to anyone who shakes it in a particular way, there's no real attack surface here.

--
The opinions stated herein do not necessarily represent those of anybody at all. Deal with it.
1. Re:no it won't "take control" by AHuxley · 2017-03-14 11:41 · Score: 2
  
  Re "Unless your phone will reveal its passwords to anyone who shakes it in a particular way, there's no real attack surface here."
  Clever Attack Uses the Sound of a Computer’s Fan to Steal Data (06.28.16)
  https://www.wired.com/2016/06/...
  shows what can be done on the output side.
  The input side would be a way to open the device OS in some way to accept malware once its security was altered and a network opened.
  How would a device respond at code at 15 to 20 bits per minute in its own trusted hardware?
  
  --
  Domestic spying is now "Benign Information Gathering"
2. Re:no it won't "take control" by Sneftel · 2017-03-14 13:10 · Score: 1
  
  The input side would be a way to open the device OS in some way to accept malware once its security was altered and a network opened.
  How would a device respond at code at 15 to 20 bits per minute in its own trusted hardware?
  Probably somewhat slower than it would if you were communicating with it at 5-100 megabits per second over that network connection you've already opened up.
  
  --
  The opinions stated herein do not necessarily represent those of anybody at all. Deal with it.
3. Re:no it won't "take control" by AHuxley · 2017-03-14 14:15 · Score: 1
  
  Flood the area with two methods.
  The first to enter or reset the device hardware. A command to reset or default using unexpected hardware access.
  The sound does not have to be complex or need malware like bandwidth, just enough to alter the device settings to make it network receptive.
  The second network in the same area is just a flood of classic malware for that brand and version of device finding a now wide open default device wide open on normal networks with all the bandwidth needed for more complex OS alterations.
  Once infected, the device reverts to the expected user configuration.
  
  --
  Domestic spying is now "Benign Information Gathering"
I do it all the time with sound waves by nospam007 · 2017-03-14 10:42 · Score: 2

"Hey Siri, open the hacking app."
Accerlometers Control Insulin Dosage?!?.. by BBF_BBF · 2017-03-14 12:38 · Score: 2

If an accelerometer was designed to control the automation of insulin dosage in a diabetic patient, for example, that might make it possible to tamper with the system that controlled the correct dosage.
This is pure fear mongering. Why didn't the article go with: "If an accelerometer was designed to control the launching of the US Nuclear Arsenal, it might make it possible for the hack to end human life on earth."
:rolleyes:
DTFM tones by lucaiaco · 2017-03-14 12:51 · Score: 1

When I was a kid people used to hack public phones with a similar technique. I think they used candies' wraps. It's true what they say that everything in computer technology is at last 50 years old.
The people who originally made it.. by SCVonSteroids · 2017-03-15 02:49 · Score: 1

.. probably said the same thing before shipping the product; "You know.. In theory, people could mess with this through sound waves." Because I doubt anyone smart enough to make something like this wouldn't be smart enough to realize that. Oh, and then they probably all laughed their way to the bar and enjoyed a couple beers as colleagues usually do after a tough project.

--
I tend to rant.
Comment by WallyL · 2017-03-15 04:52 · Score: 1

Musical virus-- like Taylor Swift?
waves by bobmajdakjr · 2017-03-15 07:07 · Score: 1

i listen to malicious music everyday in my car that threatens to rip the rear view mirror off the glass. til people are still surprised at what "sound" is.