Hacker News new | comments | ask | show | jobs | submit login
Acoustic Denial of Service Attacks on HDDs (arxiv.org)
125 points by adulau on Dec 22, 2017 | hide | past | web | favorite | 23 comments

The paper links to this entertaining YouTube video from 2009, in which someone demonstrates the effect by literally shouting at a rack of servers: https://www.youtube.com/watch?v=tDacjrSCeq4

(EDIT: replaced the link I found via YouTube's search with the original, thanks robotmlg!)

That's a reposted video, the original is from Bryan Cantrill (formerly of Sun, now CTO of Joyent): https://www.youtube.com/watch?v=tDacjrSCeq4

Wow.. so, how much interference is caused by the ambient noise of the server room itself? Is there some "critical threshold" for noise beyond which you'd have to install sound dampeners or smth?

I've had a case that caused disk performance to drop because the memory correctable errors rose above a server BMC threshold.

Turned out that the BMC beeped the internal speaker which vibrated the chassis at the right harmonic frequency that matches the HDD sensitivity spot and reduced performance. After that we disconnected the speaker on all servers.

The overall nose may impact the HDD performance but mostly if the vibration is at the right frequencies. Some are a lot more important than others.

that someone is Brendan Gregg! He's awesome! http://www.brendangregg.com/

Holy shit that's one hell of a demonstration!

I wonder if somewhere out there there's a sysadmin pulling their hair out trying to figure out why their I/O shits the bed every now and then.

Several jobs ago, we were in the data center and doing this came up. We had an idle disk shelf with which to test, so we started up a bulk IO operation (`dd` or something; I don't remember what, specifically), and watched the dip in the IO rate correlate perfectly with someone crouching next to the shelf and screaming at it.

I remembered to read somewhere that the fire suppression in DC could kill HDDs just in the same way (if they use gaseous agents). Never had fire drills in our DC to "confirm" that though.

Ive had that happen. Only killed 1 or 2 disks but it knocked a lot more disks offline requiring a reboot. Not bad out of 2 racks I guess.

In that case the valve holding back the gas failed so it was an unexpected release. Would not have wanted to be in there at the time - no warning!

If shouting works... couldn't the typical LOUD data center noises of other machines and AC, also cause disk latency?

I know vibration affects hard drives, but (AFAIK) data center drives are mounted on anti-vibration mounts for exactly that reason. But sound? Goodness!

The dimensions involved in modern hard drives are staggeringly small; the bit cells have dimensions in the tens of nanometers -- about as big as couple-year-old semiconductor feature sizes.

It's not shocking that strong external vibration that induces resonances in the mechanical components causes dysfunction: the miracle is that hard drives function at all, even in the face of mild mechanical maltreatment.

That's pretty incredible how something seemingly innocuous can have tremendous power if wielded properly. Some of the Side-channel attacks that people come up with are really outside the box and clever.

Also see:


They present 'Resonance attack against HDD':


They include code etc.

This also somewhat implicitly confirms one thing I've noticed over many years of servicing PCs, mostly for others --- HDDs mounted in cheap flimsy cases seem to have shorter lives than those in cases made of heavier material.

Too bad they only tested 4 WD Blue (consumer/desktop) drives; I would've liked to see other models, particularly WD Black (high end workstations), Gold (datacenter), and Purple (DVR applications). The WD Blacks I use are noticeably heavier, and they do advertise them as having more vibration dampening.

I have several greens fail SMART well before their time, not crash, only later came to the understanding in every case it was when I played loud music. My nearby small 4" subwoofer was causing it even though isolated from floor, apparently acoustic coupling. I understand this is/may be from lower flying height (from lower speed, but aren't they tail-draggers?).

With all due respect for the research or the researchers, and if I read the paper correctly, they discovered that inducing vibrations to something sensible to vibrations (at a given "right" frequency of course) causes malfunctioning of the something.

And, though technically it can be said (as stated in the conclusions) that the technnique may represent a "non-contact DoS attack", the experiments with speakers placed at 15 and 25 cm from the device cases don't really qualify for "feasability of real-world attack".

I mean if you can get access to be able to place a speaker within 15, 25 (or even 500 cm for that matters) from a device, there are much easier ways to attack it.

If you could somehow transmit the sound waves/vibrations with enough intensity to be able to affect a hard disk from another room or from the outside of a building, then that would be a feasible realworld atttack.

resonance is a hellofa thing

Can carry information, cf. Huygens synchronization, oscillators sync up through resonance... https://www.youtube.com/watch?v=Aaxw4zbULMs

I've seen resonance snap a 1" grade #9 bolt. Vibration and resonant vibration are real killers when it comes to mechanics and construction.

I wonder if you could change what a HDD writes or reads with a specific pattern of vibrations, making it "fail" selectively.

Related - Using HDD errors to detect movement and sound - https://www.youtube.com/watch?v=ntw32kYDryM

Is it really denial of service, or just deterioration of service?

The paper has the full details; they were able to halt all disk access for minutes at a time, resulting in operating system crashes.

I run an 8 disk hardware RAID6 at home for entertainment. It's not far from some fairly serious home theater equipment. Right now I'm thinking back on the timing of various faults and I'm pretty sure I've DOSed myself, lol.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact