Siphoning data from an air-gapped computer using magnetic fields

[Shawn Knight]

Security researchers typically specialize in finding vulnerabilities and exploits via traditional channels of communication - you know, over hardwired networks or across Wi-Fi or Bluetooth. Mordechai Guri, however, prefers to transmit data using methods that most security models don't account for.

You see, Guri's work as a security researcher involves conquering air-gapped computers, or those that aren't connected to any type of network. In the past, Guri and his colleagues have siphoned data from offline computers using the noise generated by their fans and hard drives, patterns in changing air temperatures and even the blinking of hard drive activity LEDs.

The researcher's latest work is a technique called Magneto. Described as the most dangerous technique they've unveiled yet, it involves carefully coordinating operations on a computer's processor to create specific frequencies of electrical signals. When done intentionally, this creates a pattern of magnetic forces that can be used to transmit information to a nearby device over an air gap.

As Wired highlights, the device "listening" for the signal can be as trivial as a smartphone (via the phone's magnetometer which is typically used by the compass). Data can be transmitted using this technique at a rate of between one and 40 bits a second, depending on how close the phone is to the target computer. On the low end, that's still fast enough to steal a password in about a minute or a 4,096-bit encryption key in just over an hour.

What's unique about this technique is that the magnetic forces can be strong enough to penetrate secure environments like those created by the metal shielding of a Faraday cage.

Permalink to story.

https://www.techspot.com/news/73194-siphoning-data-air-gapped-computer-using-magnetic-fields.html

 

[Uncle Al]

You know, they caught an Eastern Block spy back in the early 80's that created a rig from $50 worth of Radio Shack parts. He would sit across from NATO offices and point it at windows. The old monitors were terribly dirty with MRI that this guy could duplicate what was on their screens on his little apple computer and use screen capture to save it. When the debriefed him they found a steamer trunk full of disks and in scanning them he had most of NATO's battle plans as well as a ton of other classified data. Just goes to show, a little ingenuity still goes a long, long way .....

 

[captaincranky]

I predict that by 2020, instead of autonomous cars, we'll all be traveling in Faraday cages on roller skates. (While wearing tinfoil hats and jumpsuits).

The solid metal wheel on the skates should provide adequate grounding, albeit with a backbreaking ride quality.

Or maybe, rubber wheels could be used, with drop chains welded to the cage, just like a gasoline tanker.

 

[Abraka]

Well, if you read mainstream media 5 years ago, those were all conspiracy theories. Everyone knew that online shopping using SSL was safe, that Smart TVs were great, that only tin foil hatters didn't use smartphones, that hackers cannot be tracked on the internet, because they knew tricks how to stay anonymous. In just one year, 2017, all of those "security" myths were debunked. Conspiracy theorists turned out to be right, since every possible device you had, from stupidphone, to smartphone, to smart TV, to laptop, to even "Intel CPU inside" was spying on you.

Despite that, mass media is advertising devices like Amazon Echo or Google Home, even though everyone (not just conspiracy theorists) should know by now those devices will spy on you.

And regarding those who say "I have nothing to hide" I say: Please post your naked pictures here, post all of your passwords, your sexual fetishes, all of your dirty secrets. And credit cards numbers. You don't want? Well, then you have something to hide.

 

[Joe Blow]

This is old news. The NSA has had this for decades.

 

[clytndn]

You should see what I can do with my Timex Expedition watch w/Indiglo.