AnimeSuki Forums

Register Forum Rules FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Go Back   AnimeSuki Forum > General > General Chat

Notices

Reply
 
Thread Tools
Old 2013-12-11, 23:09   Link #1
Urzu 7
Juanita/Kiteless
 
 
Join Date: Apr 2006
Location: New England
Age: 31
Malware can now be transmitted by...the air we breath

Don't believe me? Read on...

Quote:
The gold standard for protecting computer systems—as everyone from the U.S. military to Osama Bin Laden’s ghost well knows—is disconnecting them from the Internet. Called an “air gap,” because prior to wireless networking it literally meant making sure there was no cable physically connecting a computer to the public Internet, this is one of the most drastic, inconvenient, and difficult-to-maintain computer security measures out there. It’s usually reserved for systems that require the very highest levels of security, because it leaves you with a computer system that may be limited in what it can do, but at least it’s absolutely safe. But according to a recent paper by researchers at the Fraunhofer Institute for Communication, Information Processing, and Ergonomics, that gap can be bridged by high-frequency audio signals.

The researchers, Michael Hanspach and Michael Goetz, were able to transmit data between air-gapped laptops up to 19.7 meters (more than 60 feet) apart at a rate of approximately 20 bits per second by using acoustic methods originally developed for underwater communications. In other words, the computers communicated via their built-in speakers and microphones by transmitting inaudible acoustic waves. The paper announcing this prototype comes just weeks after security consultant Dragos Ruiu hypothesized that the “badBIOS” malware he was studying was able to penetrate air-gapped machines in the same manner. Even without Hanspach and Goetz’s confirmation of its feasibility, Ruiu’s claim was enough to unsettle some. At the Defense One conference last month, United States Naval Academy cyber security professor and retired Navy captain Mark Hagerott said the discovery of air-gap jumping technology would “disrupt the world balance of power.”
http://www.slate.com/blogs/future_te...p_air_gap.html

Cyber terrorism just gets worse and worse. Think about it, a possible scenario one day could be that someone writes airborne malware that could work on a video game system you are playing, transmitting malware to your PC while it is on and you download some anime torrents. That is just a guess, but surely we'll see malware being transmitted to desktops and laptops via the air some day not too long from now. Imagine this problem at computer labs at colleges and offices at work places. One computer could get the malware, and then spread to other computers, and then the malware could be engineered to go onto USB thumb drives, so people could then spread the malware more when backing up work and then using the USB thumb drives on home computers or any other computer.

Technology does so much good for us but boy can it ever be used against us, and as it gets better, the more it can be a double edged sword.
__________________
http://forums.animesuki.com/images/as.icon/signaturepics/sigpic38963_5.gif
Urzu 7 is online now   Reply With Quote
Old 2013-12-11, 23:19   Link #2
kuroishinigami
Ava courtesy of patchy
 
 
Join Date: Jan 2009
Uh, assume you're using normal speaker/wave transmitter, how far can such unaudible sound wave travel before getting corrupted by interference from the millions other such wave already in the air currently? Even in test scenario, the said data can only be transmitted for 20 meter, so I don't think we, as normal user should worry about this one yet. It might infect your family's laptop, but I don't think it can lead to that big of an outbreak before the malware can be completely isolated and removed.
__________________
kuroishinigami is offline   Reply With Quote
Old 2013-12-11, 23:26   Link #3
Konakaga
Yuri Moderator
*Moderator
 
 
Join Date: Nov 2009
Location: FL, USA
Age: 27
Send a message via AIM to Konakaga Send a message via Skype™ to Konakaga
Solution: quit having a microphone on everything if you aren't you using it .

As with no sound detection system it does nothing.
__________________
Nanami Aoyama - Sakurasou no Pet na KanojoAvatar By RRW &
Sig by TheEroKing
MAL(KagamiHiiragi)
Konakaga is offline   Reply With Quote
Old 2013-12-11, 23:42   Link #4
EscapeReality
Member
 
 
Join Date: Aug 2013
Location: Kazamatsuri City
Age: 18
Can computers catch malware just by connecting to the internet, without visiting any sites and clicking any links?

How is a computer's microphone connected to its hard drive or other components? I can't quite comprehend the idea of sound waves jumbling up code.

Since this can only be spread in short ranges, I think it'll be confined pretty easily. Unless you have someone carrying a speaker and walking around...eh.
EscapeReality is offline   Reply With Quote
Old 2013-12-11, 23:56   Link #5
Urzu 7
Juanita/Kiteless
 
 
Join Date: Apr 2006
Location: New England
Age: 31
Maybe the worst case scenario I mentioned in the OP is a stretch, but airborne malware would still be a big bummer. While they confirmed this in a lab experiment, those that engineer malware and viruses always take a new-found way to infect computers and tweak it and enhance it and make it more sophisticated. It is very possible that in a matter of years, families have headaches because laptops and desktops in homes get malware that one computer got from the internet because of this airborne means of infection.

Worse than that, on the matter of national security for any nation, now it is even easier for classified info to be compromised.
__________________
http://forums.animesuki.com/images/as.icon/signaturepics/sigpic38963_5.gif
Urzu 7 is online now   Reply With Quote
Old 2013-12-11, 23:58   Link #6
Flower
Purrrrfectly cuddly!
*Moderator
 
 
Join Date: May 2010
Location: Yamato, Akiba, Log Horizon Guild Hall, Kitchen....
Quote:
Originally Posted by Konakaga View Post
Solution: quit having a microphone on everything if you aren't you using it .

As with no sound detection system it does nothing.
We are trying to panic here ma'am! Please don't interfere with our frenzied nailbiting and "oh noes!"

In all seriousness though, my guess is that it will be some time before this becomes a real threat (if at all), and even if it does it is not like people will just sit around and do nothing. Just as malware on the internet is most effectively combatted by never connecting turning off microphones or other input devices is a fine solution from the initial descriptions and such.

In the meantime I think there are other more important things to be concerned about and which take priority, at least for me there are.....
__________________
Flower is offline   Reply With Quote
Old 2013-12-12, 00:04   Link #7
Konakaga
Yuri Moderator
*Moderator
 
 
Join Date: Nov 2009
Location: FL, USA
Age: 27
Send a message via AIM to Konakaga Send a message via Skype™ to Konakaga
Quote:
Originally Posted by EscapeReality View Post
Can computers catch malware just by connecting to the internet, without visiting any sites and clicking any links?
Catch? unlikely but possible via other programs that access it, and More so it's possible to be target by being connected this is why firewalls are standard practice.

Quote:
Originally Posted by EscapeReality View Post
How is a computer's microphone connected to its hard drive or other components? I can't quite comprehend the idea of sound waves jumbling up code.
it doesn't jumble something, it would transit code to do something to your computer.

Quote:
Originally Posted by Urzu 7 View Post
Worse than that, on the matter of national security for any nation, now it is even easier for classified info to be compromised.
On a national security level just getting ones with no sound detection should be fine, it isn't a default or necessary function.
__________________
Nanami Aoyama - Sakurasou no Pet na KanojoAvatar By RRW &
Sig by TheEroKing
MAL(KagamiHiiragi)
Konakaga is offline   Reply With Quote
Old 2013-12-12, 04:31   Link #8
Fireminer
Lumine Passio
*Author
 
 
Join Date: Jul 2013
Location: Hanoi, Vietnam
Age: 8
Meh, this new has been posted for an entire month on one of our millitary news.
Fireminer is offline   Reply With Quote
Old 2013-12-12, 13:21   Link #9
Dhomochevsky
temporary safeguard
 
 
Join Date: May 2004
Location: Germany
Age: 33
For anyone having even a slight clue about how computers work, this is a total non story.

Unless you have these scientists' program running on a computer, it will not interpret audio as code.
Even if you did transmit 'information' like it says in the title, which apparently is a new concept (and since when has 'sound' not been information?), this information would still need to be run as code.
And why would a pc do that?

I propose this new way to hack government computers:
Go for a walk near the secure facility, wearing a t-shirt with 'format c:' written on it.
There will surely be security cameras about, which will film you and if they are running OCR on your t-shirt, that will transmit the harmful code into their system!
Now if they paste this code into a cmd shell, it will totally shut down all security!
Dhomochevsky is offline   Reply With Quote
Old 2013-12-12, 13:57   Link #10
Renegade334
Exitus Acta Probat
*Graphic Designer
 
 
Join Date: Jul 2006
Location: Permanent retirement from raws-hunting
Age: 28
^ Finally someone who understands this is just a wet firecracker.

Yep, unless you find a way to make sure the code is run through the CPU without being garbled/corrupted somewhere between the emitter and the microphone (provided the said component is on and listening, the driver knows how to appropriately filter the audio feed and there is already an executable within the OS to convert the audio feed into high- or low-level language code), the airborne malware will not do anything...I mean, it's audio gibberish. Why would the OS or the CPU suddenly decide to execute it as code?

I can understand if the audio feed involves code injection (in assembly language, for example), but once again it can't go live on its own; you need to somehow force the execution.
__________________
<< -- Click to enter my GFX thread.

-- Permanently retired from the raw-hunting business --

Last edited by Renegade334; 2013-12-12 at 14:21.
Renegade334 is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 15:49.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
We use Silk.