Security

Israeli researcher fans fears: here's another way to cross the airgap

'Fansmitter', a cool way to steal passwords

Richard Chirgwin Fri 24 Jun 2016 // 01:05 UTC

Pity the weary sysadmin who's just finished silencing the loudspeakers in the company's computers to keep data behind the air gap: processor fans can also be used to whisper your secrets.

Israeli white-hat Mordechai Guri, who last year fiddled with firmware to transmit crypto keys from computers to feature phones on GSM frequencies, says fan speed can be modulated, creating an audio channel for data leakage.

As in his previous work, an attacker needs to be able to infect the target to plant the badware that gathers (for example) passwords from the keyboards and put that data into a modulated fan signal.

It's also a very slow channel: Guri's paper describing Fansmitter says the trick's been tested over distances of up to 8 metres, at a snail's-pace 900 bits per hour. Still: if all you want is someone's passwords, that's more than sufficient.

An ordinary smartphone has a good enough microphone to receive the data, he reckons.

Data can be modulated on either the amplitude (loudness) of the fan, or on its frequency, he writes, with the attacker choosing which is better based on the environment and how much is known about the target machine.

While he tested Fansmitter on a Dell OptiPlex desktop, Guri reckons the approach is usable on anything with a fan.

Guri's collaborators in the project were Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici.

So: if you're handling really sensitive data behind the air-gap, it's a good idea to keep microphones away. ®

Similar topics

Security

Narrower topics

Corrections Send us news

Other stories you might like

China offering ten nations help to run their cyber-defenses and networks

Sure, they’re small Pacific nations, but they’re in very strategic locations

Simon Sharwood, APAC Editor Fri 27 May 2022 // 03:33 UTC

China has begun talking to ten nations in the South Pacific with an offer to help them improve their network infrastructure, cyber security, digital forensics and other capabilities – all with the help of Chinese tech vendors.
Newswire Reuters broke the news of China’s ambitions after seeing a draft agreement that China’s foreign minister Wang Yi is reportedly tabling on a tour of Pacific nations this week and next.
The draft agreement proposes assistance with data governance, training local police, and mapping the marine environment. Supply of customs management applications, possible funding of data links to island nations, and cyber-security assistance are also reportedly on the table.

Continue reading
Broadcom to 'focus on rapid transition to subscriptions' for VMware

Offers comforting vision for core customers, products, channel – though warns efficiencies are coming

Simon Sharwood, APAC Editor Fri 27 May 2022 // 01:58 UTC

Broadcom has signaled its $61 billion acquisition of VMware will involve a “rapid transition from perpetual licenses to subscriptions.”
That's according to Tom Krause, president of the Broadcom Software Group, on Thursday's Broadcom earnings call. He was asked how the semiconductor giant plans to deliver on its guidance that VMware will add approximately $8.5 billion of pro forma EBITDA to Broadcom within three years of the deal closing – significant growth given VMware currently produces about $4.7 billion. And subscriptions was the answer.
Krause also repeatedly said Broadcom intends to invest in VMware’s key product portfolio and is pleased to be acquiring a sales organization and channel relationships that give it reach Broadcom does not currently enjoy.

Continue reading
How to reprogram Apple AirTags, play custom sounds

Voltage glitch here, glitch there, now you can fiddle with location disc's firmware

Thomas Claburn in San Francisco Fri 27 May 2022 // 00:52 UTC

At the Workshop on Offensive Technologies 2022 (WOOT) on Thursday, security researchers demonstrated how to meddle with AirTags, Apple's coin-sized tracking devices.
Thomas Roth (Leveldown Security), Fabian Freyer (Independent), Matthias Hollick (TU Darmstadt, SEEMOO), and Jiska Classen (TU Darmstadt, SEEMOO) describe their exploration of Apple's tracking tech in a paper [PDF] titled, "AirTag of the Clones: Shenanigans with Liberated Item Finders."
The boffins discuss tools they've developed and released to advance the exploration of AirTag hardware and firmware, made possible by existing imperfections.

Continue reading

Ransomware encrypts files, demands three good deeds to restore data

Shut up and take ... poor kids to KFC?

Jessica Lyons Hardcastle Thu 26 May 2022 // 23:20 UTC

In what is either a creepy, weird spin on Robin Hood or something from a Black Mirror episode, we're told a ransomware gang is encrypting data and then forcing each victim to perform three good deeds before they can download a decryption tool.
The so-called GoodWill ransomware group, first identified by CloudSEK's threat intel team, doesn't appear to be motivated by money. Instead, it is claimed, they require victims to do things such as donate blankets to homeless people, or take needy kids to Pizza Hut, and then document these activities on social media in photos or videos.
"As the threat group's name suggests, the operators are allegedly interested in promoting social justice rather than conventional financial reasons," according to a CloudSEK analysis of the gang.

Continue reading
Microsoft Azure to spin up AMD MI200 GPU clusters for 'large scale' AI training

Windows giant carries a PyTorch for chip designer and its rival Nvidia

Tobias Mann Thu 26 May 2022 // 22:46 UTC

Microsoft Build Microsoft Azure on Thursday revealed it will use AMD's top-tier MI200 Instinct GPUs to perform “large-scale” AI training in the cloud.
“Azure will be the first public cloud to deploy clusters of AMD's flagship MI200 GPUs for large-scale AI training,” Microsoft CTO Kevin Scott said during the company’s Build conference this week. “We've already started testing these clusters using some of our own AI workloads with great performance.”
AMD launched its MI200-series GPUs at its Accelerated Datacenter event last fall. The GPUs are based on AMD’s CDNA2 architecture and pack 58 billion transistors and up to 128GB of high-bandwidth memory into a dual-die package.

Continue reading
New York City rips out last city-owned public payphones

Y'know, those large cellphones fixed in place that you share with everyone and have to put coins in. Y'know, those metal disks representing...

Thomas Claburn in San Francisco Thu 26 May 2022 // 21:54 UTC

New York City this week ripped out its last municipally-owned payphones from Times Square to make room for Wi-Fi kiosks from city infrastructure project LinkNYC.
"NYC's last free-standing payphones were removed today; they'll be replaced with a Link, boosting accessibility and connectivity across the city," LinkNYC said via Twitter.
Manhattan Borough President Mark Levine said, "Truly the end of an era but also, hopefully, the start of a new one with more equity in technology access!"

Continue reading

Cheers ransomware hits VMware ESXi systems

Now we can say extortionware has jumped the shark

Jeff Burt Thu 26 May 2022 // 21:10 UTC

Another ransomware strain is targeting VMware ESXi servers, which have been the focus of extortionists and other miscreants in recent months.
ESXi, a bare-metal hypervisor used by a broad range of organizations throughout the world, has become the target of such ransomware families as LockBit, Hive, and RansomEXX. The ubiquitous use of the technology, and the size of some companies that use it has made it an efficient way for crooks to infect large numbers of virtualized systems and connected devices and equipment, according to researchers with Trend Micro.
"ESXi is widely used in enterprise settings for server virtualization," Trend Micro noted in a write-up this week. "It is therefore a popular target for ransomware attacks … Compromising ESXi servers has been a scheme used by some notorious cybercriminal groups because it is a means to swiftly spread the ransomware to many devices."

Continue reading
Twitter founder Dorsey beats hasty retweet from the board

As shareholders sue the social network amid Elon Musk's takeover scramble

Brandon Vigliarolo Thu 26 May 2022 // 20:18 UTC

Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.
Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair.
In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today.

Continue reading
Snowflake stock drops as some top customers cut usage

You might say its valuation is melting away

Lindsay Clark Thu 26 May 2022 // 19:16 UTC

IPO darling Snowflake's share price took a beating in an already bearish market for tech stocks after filing weaker than expected financial guidance amid a slowdown in orders from some of its largest customers.
For its first quarter of fiscal 2023, ended April 30, Snowflake's revenue grew 85 percent year-on-year to $422.4 million. The company made an operating loss of $188.8 million, albeit down from $205.6 million a year ago.
Although surpassing revenue expectations, the cloud-based data warehousing business saw its valuation tumble 16 percent in extended trading on Wednesday. Its stock price dived from $133 apiece to $117 in after-hours trading, and today is cruising back at $127. That stumble arrived amid a general tech stock sell-off some observers said was overdue.

Continue reading
Amazon investors nuke proposed ethics overhaul and say yes to $212m CEO pay

Workplace safety, labor organizing, sustainability and, um, wage 'fairness' all struck down in vote

Brandon Vigliarolo Thu 26 May 2022 // 17:17 UTC

Amazon CEO Andy Jassy's first shareholder meeting was a rousing success for Amazon leadership and Jassy's bank account. But for activist investors intent on making Amazon more open and transparent, it was nothing short of a disaster.
While actual voting results haven't been released yet, Amazon general counsel David Zapolsky told Reuters that stock owners voted down fifteen shareholder resolutions addressing topics including workplace safety, labor organizing, sustainability, and pay fairness. Amazon's board recommended voting no on all of the proposals.
Jassy and the board scored additional victories in the form of shareholder approval for board appointments, executive compensation and a 20-for-1 stock split. Jassy's executive compensation package, which is tied to Amazon stock price and mostly delivered as stock awards over a multi-year period, was $212 million in 2021.

Continue reading
Confirmed: Broadcom, VMware agree to $61b merger

Unless anyone out there can make a better offer. Oh, Elon?

Dan Robinson Thu 26 May 2022 // 16:20 UTC

Broadcom has confirmed it intends to acquire VMware in a deal that looks set to be worth $61 billion, if it goes ahead: the agreement provides for a “go-shop” provision under which the virtualization giant may solicit alternative offers.
Rumors of the proposed merger emerged earlier this week, amid much speculation, but neither of the companies was prepared to comment on the deal before today, when it was disclosed that the boards of directors of both organizations have unanimously approved the agreement.
Michael Dell and Silver Lake investors, which own just over half of the outstanding shares in VMware between both, have apparently signed support agreements to vote in favor of the transaction, so long as the VMware board continues to recommend the proposed transaction with chip designer Broadcom.

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs