(W)e accept that although it may be more difficult to infect isolated airgapped computers, it isn’t impossible.
But what about exfiltrating data from computers which have no connection with the outside world?
Researchers from Ben-Gurion University in Israel think they have found a way to do it, hiding data in radio emissions surreptitiously broadcast via a computer’s video display unit, and picking up the signals on nearby mobile phones.Honestly this just looks like a dumb downed version of Van Eyck Phreaking to me. Nothing really new in theory just made the application easier and even then the article still says it isn't easy. A little more from Wired:
The researchers tested two methods for transmitting digital data over audio signals but Audio Frequency-Shift Keying (A-FSK) turned out to be the most effective.
“[E]ach letter or character was keyed with different audio frequency,” they note in a paper released last week (.pdf) that describes their technique. “Using less than 40 distinct audio frequencies, we were able to encode simple textual data—both alphabetical and numerical. This method is very effective for transmitting short textual massages such as identifiers, key-stroking, keep-alive messages and notifications.”
The data can be picked up by a mobile phone up to 23 feet away and then transmitted over Wi-Fi or a cellular network to an attacker’s command-and-control server. The victim’s own mobile phone can be used to receive and transmit the stolen data, or an attacker lurking outside an office or lab can use his own phone to pick up the transmission.OK, not quite the same, but still if you knew that Van Eyck Phreaking was possible this shouldn't surprise you. Wired has the YouTube video also.
Ars Technica - Windows Phone security sandbox survives Pwn2Own unscathed -
The Windows Phone attack came during day two of the mobile hacking contest. During day one, an iPhone 5S, Samsung Galaxy S5, LG Nexus 5, and Amazon Fire Phone were all fully hijacked.As one of perhaps 7 Windows Phone users in the world I applaud this achievement. Amazing the comments section was rather complimentary towards Microsoft. Not the usual Linux or GTFO responses. This follows on another recent competition where the desktop version of IE 11 was the only browser to survive the attack. That doesn't mean MSFT is perfect security wise but improving and making efforts to do so.
CNN - ISIS announces new currency -
ISIS is planning to mint its own currency in gold, silver and copper, the group said Thursday.
Its aim is to stay away from the "tyrant's financial system," ISIS said in a statement. It said it would issue another statement to explain the new currency's exchange rate, and where it can be found.
The currency will include seven coins: two gold, three silver and two copper.
I imagine Ron Paul is splooging a little bit at the moment as two of his favorite subjects, antisemitism and gold combine in an orgiastic fervor.
No comments:
Post a Comment