
Acoustic Denial of Service Attacks on HDDs - adulau
https://arxiv.org/abs/1712.07816
======
teraflop
The paper links to this entertaining YouTube video from 2009, in which someone
demonstrates the effect by literally shouting at a rack of servers:
[https://www.youtube.com/watch?v=tDacjrSCeq4](https://www.youtube.com/watch?v=tDacjrSCeq4)

(EDIT: replaced the link I found via YouTube's search with the original,
thanks robotmlg!)

~~~
robotmlg
That's a reposted video, the original is from Bryan Cantrill (formerly of Sun,
now CTO of Joyent):
[https://www.youtube.com/watch?v=tDacjrSCeq4](https://www.youtube.com/watch?v=tDacjrSCeq4)

~~~
btbuildem
Wow.. so, how much interference is caused by the ambient noise of the server
room itself? Is there some "critical threshold" for noise beyond which you'd
have to install sound dampeners or smth?

~~~
baruch
I've had a case that caused disk performance to drop because the memory
correctable errors rose above a server BMC threshold.

Turned out that the BMC beeped the internal speaker which vibrated the chassis
at the right harmonic frequency that matches the HDD sensitivity spot and
reduced performance. After that we disconnected the speaker on all servers.

The overall nose may impact the HDD performance but mostly if the vibration is
at the right frequencies. Some are a lot more important than others.

------
zkms
The dimensions involved in modern hard drives are staggeringly small; the bit
cells have dimensions in the tens of nanometers -- about as big as couple-
year-old semiconductor feature sizes.

It's not shocking that strong external vibration that induces resonances in
the mechanical components causes dysfunction: the miracle is that hard drives
function _at all_ , even in the face of mild mechanical maltreatment.

------
blackflame7000
That's pretty incredible how something seemingly innocuous can have tremendous
power if wielded properly. Some of the Side-channel attacks that people come
up with are really outside the box and clever.

------
anfractuosity
Also see:

[https://github.com/ortegaalfredo/kscope](https://github.com/ortegaalfredo/kscope)

They present 'Resonance attack against HDD':

[https://www.youtube.com/watch?v=8DdqTz3CW5Y](https://www.youtube.com/watch?v=8DdqTz3CW5Y)

They include code etc.

------
userbinator
This also somewhat implicitly confirms one thing I've noticed over many years
of servicing PCs, mostly for others --- HDDs mounted in cheap flimsy cases
seem to have shorter lives than those in cases made of heavier material.

Too bad they only tested 4 WD Blue (consumer/desktop) drives; I would've liked
to see other models, particularly WD Black (high end workstations), Gold
(datacenter), and Purple (DVR applications). The WD Blacks I use are
noticeably heavier, and they do advertise them as having more vibration
dampening.

~~~
awful
I have several greens fail SMART well before their time, not crash, only later
came to the understanding in every case it was when I played loud music. My
nearby small 4" subwoofer was causing it even though isolated from floor,
apparently acoustic coupling. I understand this is/may be from lower flying
height (from lower speed, but aren't they tail-draggers?).

------
jaclaz
With all due respect for the research or the researchers, and if I read the
paper correctly, they _discovered_ that inducing vibrations to something
sensible to vibrations (at a given "right" frequency of course) causes
malfunctioning of the something.

And, though technically it _can_ be said (as stated in the conclusions) that
the technnique may represent a "non-contact DoS attack", the experiments with
speakers placed at 15 and 25 cm from the device cases don't really qualify for
"feasability of real-world attack".

I mean if you can get access to be able to place a speaker within 15, 25 (or
even 500 cm for that matters) from a device, there are much easier ways to
attack it.

If you could somehow transmit the sound waves/vibrations with enough intensity
to be able to affect a hard disk from another room or from the outside of a
building, then that would be a feasible realworld atttack.

------
carapace
resonance is a hellofa thing

Can carry information, cf. Huygens synchronization, oscillators sync up
through resonance...
[https://www.youtube.com/watch?v=Aaxw4zbULMs](https://www.youtube.com/watch?v=Aaxw4zbULMs)

~~~
jacquesm
I've seen resonance snap a 1" grade #9 bolt. Vibration and resonant vibration
are real killers when it comes to mechanics and construction.

------
Mindcraft
I wonder if you could change what a HDD writes or reads with a specific
pattern of vibrations, making it "fail" selectively.

------
jcims
Related - Using HDD errors to detect movement and sound -
[https://www.youtube.com/watch?v=ntw32kYDryM](https://www.youtube.com/watch?v=ntw32kYDryM)

------
amelius
Is it really _denial_ of service, or just deterioration of service?

~~~
teraflop
The paper has the full details; they were able to halt all disk access for
minutes at a time, resulting in operating system crashes.

------
rootw0rm
I run an 8 disk hardware RAID6 at home for entertainment. It's not far from
some fairly serious home theater equipment. Right now I'm thinking back on the
timing of various faults and I'm pretty sure I've DOSed myself, lol.

