Two-way communication with an air-gapped computer via heat exchange.


atiustira

Two-way communication with an air-gapped computer via heat exchange.

 

Holy shades of 2015, Batman, they're getting sophisticated!

 

"BitWhisper does require some planning to properly execute. Both the connected and air-gapped machines need to be infected with specially designed malware. For the Internet box, that’s not really a problem, but even the air-gapped system can be infected via USB drives, supply chain attacks, and so on. Once both systems are infected, the secure machine without Internet access can be instructed to generate heating patterns by ramping up the CPU or GPU. The internet-connected computer sitting nearby can monitor temperature fluctuations using its internal sensors and interpret them as a data stream. Commands can also be sent from the Internet side to the air-gapped system via heat."

 

 

http://www.extremetech.com/computing/201870-bitwhisper-stealing-data-from-non-networked-computers-using-heat

Edited by atiustira

securitybreach

Well, that and there is not any known malware out there for Linux (there are some proof of concept things but nothing "in the wild"), as most all viruses/malware target Windows users and closed source applications. It is a lot easier to fix a hole when you have developers all over the world looking at the source code and fixing things almost immediately.


Hello,

 

There's malware in the wild for Linux; it is just not anywhere near the epidemic proportions seen for Windows. An article I wrote, "Do you really need antivirus software for Linux desktops?", contains about two dozen citations at the end. You might find those interesting reading.

 

Regards,

 

Aryeh Goretsky

 


securitybreach

Yeah but your article kind of made my point (except in a better way)...

The first thing to understand about attacks on Linux desktops is that these systems are rarely infected by malware such as worms, trojans, viruses and so forth. While this is partially due to Linux’s security model, the greater reason for this is simply the lack of market penetration by Linux in the desktop space.

 

As you noted, there are cross-platform threats that can be carried on Linux machines, but since they're not written for Linux, they rarely affect Linux. This may not be the case once the user-base is a bit higher but until then:

When we do see malware specifically for Linux, it often seems to be written either as a proof of concept or for other research purposes, and is rarely found in the wild on customers’ computers,

 

Now that's not saying Linux cannot carry a Windows infection, but Linux itself is pretty immune to malware threats.

Likewise, it is not unusual for Linux users to receive file attachments via email, or to be on networks with file shares, both of which can serve as vectors of malware, even if they only target Microsoft Windows. And, of course, if a Linux-specific worm such as Linux/Ramen was spreading across the network, one would want to protect one’s desktop from it. But even if the only malware on the network is targeting Windows, having anti-malware software installed can serve as a kind of “early warning” system to notify Linux desktop users that they are connected to an infected network.

 

 

Great article BTW!

While this is interesting from a theoretical viewpoint, it sounds totally impractical as a form of malware. Someone who is paranoid enough to have a computer isolated from the net isn't going to allow anyone to place a "heat sensor" enhanced box nearby. Or any "unknown" box for that matter. "Well, a spy broke in in the middle of the night and buggered my boxes." Why wouldn't the spy just put a transmitting device in the one isolated box? Much simpler.

Thank you. I found it to be interesting also. I heard about it from a friend about a month ago. So I thought I would post it when I ran across it. And they really are getting very sophisticated! Not only that, but when my friend told me, I listened but thought in the back of my mind, not possible. But there it is. I didn’t see in the article that the computer was heat sensor enhanced, only that it used its internal sensors. So not sure how they accomplished that. Or if the sensors are on most systems.

No matter how secure you think a computer is, there’s always a vulnerability somewhere that a remote attacker can utilize if they’re determined enough. To reduce the chance of sensitive material being stolen, many government and industrial computer systems are not connected to outside networks. This practice is called air-gapping, but even that might not be enough. The Stuxnet worm from several years ago spread to isolated networks via USB flash drives, and now researchers at Ben Gurion University in Israel have shown that it’s possible to rig up two-way communication with an air-gapped computer via heat exchange.

 

I would think that the systems that the Stuxnet worm attacked were very secure. My friend that was telling me about air-gapping a system a month ago entered into the conversation with me because I was pointing out to a supervisor that a technician had left a port scanner named Angry IP Scanner on the system. And available for all users to use. Not good for a system that uses medical records. So there are a number of ways that a system could get the malware on it. Other than someone breaking in in the middle of the night and putting it there. And as far as being paranoid, it is probably beyond your scope and focus to make that type of diagnosis. But regardless, I have heard it said that most people that are good at security are a little paranoid. So without getting too far into the stigma of mental illness, I will say thanks, I hope you continue to enjoy the things I link and post :nuke: :ph34r:

Edited by atiustira