16 replies to this topic

[LilBambi]

Eavesdropping Antennas Can Steal Your Smart Phone's Secrets:

Quote

The processors in smart phones and tablets leak radio signals that betray the encryption keys used to protect sensitive data.

At the RSA computer security conference last week, Gary Kenworthy of Cryptography Research held up an iPod Touch on stage and looked over to a TV antenna three meters away. The signal picked up by the antenna, routed through an amplifier and computer software, revealed the secret key being used by an app running on the device to encrypt data. An attacker with access to this key could use it to perfectly impersonate the device he stole it from—to access e-mail on a company server, for example.

The antenna was detecting radio signals "leaking" from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip provides an eavesdropper a representation of the work the chip is doing. ...

More in the article.

Looks like even the current hardware can be mitigated with software, but at a performance hit. Of course it would  be worth the performance it not to have your apps for looking at your bank, credit cards, stocks, purchases, etc. openly available for picking through to get keys to do you financial or privacy damage, eh?

New mobile devices can be dealt with at the hardware level and save on the performance hit.

Edited by LilBambi, 26 April 2012 - 12:41 PM.
fixed formatting

[V.T. Eric Layton]

Ain't got no smarty-pants phone. Ain't worried 'bout this silliness.

[securitybreach]

Thanks for the head's up

[ross549]

From how this is described, it could apply to regular PCs too, right? They use the same components.....

Probably the easiest way to prevent signal leakage would be to shield the CPU of these devices.

That, I think would be a relatively simple engineering change.

Adam

[mac]

From how this is described, it could apply to regular PCs too, right? They use the same components.....

Probably the easiest way to prevent signal leakage would be to shield the CPU of these devices.

That, I think would be a relatively simple engineering change.

Adam

While I'm not an electronics engineer, and I didn't stay at a Holiday Inn Express last night, I would think that the steel or aluminum case of a desktop PC would, at least, shield or block these transmissions from the CPU's transistors.

[LilBambi]

Leaky Radio Signals Pose Smartphone Security Risk:

How did the antenna pick up signals from the device? Well, smartphones and other devices contain radio transmitters to communicate with cell towers and Wi-fi base stations, but in this case, the signal was apparently leaking form the CPU itself.

This is because as the CPU performs an operation, it radiates at a particular frequency. These frequencies change depending on the operation of CPU, but it is fairly easy to build a system that can detect this RF radiation.

Cryptography Research for example reportedly built its detector using nothing more than a simple AM radio and some other electronics. This allowed it to analyse the peaks and troughs of the signal which correspond to the string of digital 1s and 0s that make up the encryption key.

“[This] antenna is not supposed to work at this frequency, and it’s been in someone’s attic for years and is a bit bent,” Kenworthy, a principal engineer at Cryptography Research told Technology Review. “You could build an antenna into the side of a van to increase your gain – well, now you’ve gone from 10 feet to 300 feet.”

I would imagine that the shielding on desktop computers and hopefully laptop computer's CPUs would shield from such leakage and consequently detecting and reading of the data.

But is there something else going on here? Or are we truly just talking about these mobile companies NOT shielding the RF from the CPUs? I wonder if compact plastic computers like Mac Mini, Raspberry Pi, Tablets, compact or mini PCs? Do they all have whatever hardware shielding would prevent this leakage?

I think more needs to be known about this? Especially with drones coming to America and likely not just from local, state and federal governments but corporations likely too, I bet? Hopefully this would be more a concern for the those with concerns for state secrets, etc. and not average citizens, but who knows...

[V.T. Eric Layton]

No one here read Neal Stephenson's Cryptonomicon, huh? In one part of the book, they use a similar stray radiation sniffer to eavesdrop on another computer in an adjoining hotel room. It's not science fiction, folks. Ain't it great!

[securitybreach]

Excellent book!!

[LilBambi]

Yeah, figured it was a fact... a security area that may have intentionally been left unfixed...??

[ross549]

Leaky Radio Signals Pose Smartphone Security Risk:


I would imagine that the shielding on desktop computers and hopefully laptop computer's CPUs would shield from such leakage and consequently detecting and reading of the data.

But is there something else going on here? Or are we truly just talking about these mobile companies NOT shielding the RF from the CPUs? I wonder if compact plastic computers like Mac Mini, Raspberry Pi, Tablets, compact or mini PCs? Do they all have whatever hardware shielding would prevent this leakage?

I think more needs to be known about this? Especially with drones coming to America and likely not just from local, state and federal governments but corporations likely too, I bet? Hopefully this would be more a concern for the those with concerns for state secrets, etc. and not average citizens, but who knows...

Yes, many computer cases feature shielding, though it is not specifically for preventing outsiders from "listening in." It probably has more to do with keeping outside interference out.

I don't think there is anything else going on here. I think this type of "listening" is very similar to using a microphone to record the sound of someone typing on a keyboard. In other words, this is very specific.

To put it simply, is someone going to be able to drive by your house with an antenna and be able to distinguish what you are doing on the computer? Probably not. Did you see the antenna in the article picture? It was a very focused yagi array, meaning that this is not something you could pick up with a car antenna for example.

There are so many digital devices out there- even in our TVs!- that it would be very difficult (in my semi-educated opinion) to pick out a single processor and be able to discern what it was doing. I also bet that you would have to know what frequency (clock speed) the processor was running at in order to be able to really lock on.

I guess an elaborate scheme could be construed..... someone hacks your computer knowing its physical location, figures out your cpu, and gets a nice high gain antenna, points it at the computer's specific location, and tries to figure out what you are doing. Is this practical for the average hacker or script kiddie? Not really. It would have to be a highly targeted attack.

Adam

[securitybreach]

Excellent point Adam

[Temmu]

any mobile phone in the usa already has gps enabled, besides its constant pining to give its location to the cell network.

those 2 things are insidious in and of themselves - without stretching the tech to listen to weak signals.

--------------

the supreme court recently ruled against the fbi who plants gps transponders on people's cars.
the flip side is, the fbi will go after those folks using cell-tower (location) records.

[ross549]

any mobile phone in the usa already has gps enabled, besides its constant pining to give its location to the cell network.

These two functions are vital to the proper operation of the cell network.

The GPS you refer to is not a true GPS fix unless the phone has an actual GPS receiver installed. Without the receiver, it uses triangulation of the cellular signals to provide approximate location.

This location information is what allows a 911 operator to know your location and be able to get emergency services to you as quickly as possible.

Pining the cellular towers constantly also allows the phone to know which tower to talk to, as well as the network would also know your location in order to properly route calls to you.

Adam

[Temmu]

yes, o great and correctly informed one

however, my point being that big brother now finds it quite easy to find us.

[crp]

These two functions are vital to the proper operation of the cell network.

The GPS you refer to is not a true GPS fix unless the phone has an actual GPS receiver installed. Without the receiver, it uses triangulation of the cellular signals to provide approximate location.

This location information is what allows a 911 operator to know your location and be able to get emergency services to you as quickly as possible.

Pining the cellular towers constantly also allows the phone to know which tower to talk to, as well as the network would also know your location in order to properly route calls to you.

Adam

And also provides data to let the engineers know if any tower/cell area is having problems above normal. Nowadays the engineer is probably not even told till it hits a critical level and the network management software routes around the problem.
The side effect benefits of being able to help locate lost people and criminals outweigh my BB concerns as long as warrants are still required.

[ross549]

And also provides data to let the engineers know if any tower/cell area is having problems above normal. Nowadays the engineer is probably not even told till it hits a critical level and the network management software routes around the problem.

The other way they will know is through user complaints. AT&T has made this process simple with the "Marks the Spot" app for their devices. I am not sure if it is available for Android or not, but the iOS version lets you describe a problem and submit it as a problem. I am not sure how effective it is, but the same could be said for calling a CS rep.

Adam

[Temmu]

LilBambi, on 08 March 2012 - 10:38 AM, said:

Eavesdropping Antennas Can Steal Your Smart Phone's Secrets:

sur-prise!