
Hacker Turns Secure Computers into Secret-Spewing Radios - shahryc
http://www.pcmag.com/article2/0,2817,2489163,00.asp
======
stephengillie
So if I understand this correctly, the "hack" works like this:

    
    
      1. Install malware onto both the Target and the Receiver computers
      2. Use existing circuitry inside the computer to create a software radio
      3. Use the software radio created in Step 2 to transmit data between Target and Receiver
    

This demonstration glossed over the difficulty of Step 1, something we saw in
play with the Stuxnet virus.

This demonstration failed at Step 2, when a suitable circuit could not be
located. Part of that is likely due to the large size of AM radio waves, and
thus the large antennas required to generate them effectively. If microwave
transmission were used, a suitable circuit would be much easier to find.

There are many questions about the viability of this "hack", not the least of
which are the ability to get enough power to the antenna to transmit data
through several layers of metal insulation and electromagnetic noise.

Who knows - maybe the future of WIFI won't be discrete hardware antennas, but
software that can generate a software antenna from any circuit in the device
on-demand. This might be useful for transmitting data short ranges, like just
across a CPU core.

------
PhantomGremlin
OMG. The sky is falling. From the article:

    
    
       But people in three-letter organizations will
       no doubt be interested. Assuming, of course,
       that they haven't figured out the trick already.
    

But, lo and behold, we've known about TEMPEST[1] since 2000, when information
was publicly released in heavily redacted form. Here's what it's about:

    
    
       TEMPEST is a National Security Agency
       specification and NATO certification referring
       to spying on information systems through leaking
       emanations, including unintentional radio or
       electrical signals, sounds, and vibrations.
       TEMPEST covers both methods to spy upon others
       and also how to shield equipment against
       such spying.
    

[1]
[https://en.wikipedia.org/wiki/Tempest_%28codename%29](https://en.wikipedia.org/wiki/Tempest_%28codename%29)

------
shahryc
"Without a doubt, Cui's research is impressive—and terrifying. Because it
doesn't rely on networks policed by firewalls, like Bluetooth or Wi-Fi,
detecting these transmission is very hard. After all, there's plenty of radio
spectrum in which to hide. Cui quipped that with a simple AM radio, he
defeated billions of dollars in firewall research."

~~~
ArekDymalski
"Cui struggled to find cabling within the target devices long enough to act as
a suitable antenna. In the end, his demonstration required 10 feet of cable
connected to the target device."

------
baseballmerpeak
Mind-blowingly outside the box. Network isolation is not enough. Wow.

