It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Thermal hacking

page: 1
9
<<   2 >>

log in

join
share:

posted on Mar, 30 2015 @ 03:02 AM
link   
I stumbled upon this last night when I was reading up on linux, didn't find it anywhere on these forums yet - if it is, I'm sorry.

STEALING DATA FROM COMPUTERS USING HEAT

The article describes how researchers at Ben Gurion University @ Israel found out how to retrieve information from and "air-gapped computer" using only "heat emissions and a computer's built-in thermal sensors."

They named the attack BitWhisper and uploaded a video of the procedure as proof:



Apparently Snowden leaked some information about this as well, talking about how the NSA was doing something similar with RF signals; really amazing...
edit on 30-3-2015 by Time2Think because: .




Mod Edit: All Caps – Please Review This Link.
edit on 31/3/2015 by ArMaP because: (no reason given)



posted on Mar, 30 2015 @ 03:20 AM
link   
a reply to: Time2Think

That is pretty wild. I read about the hack and it said that the machine is infected with software already. So possibly the heat sensor of the air gapped machine is simply using the sensor as a binary input device. The video makes it seem like that your taking over a machine simply by being next to it. That is not what is happening. Still very clever.



posted on Mar, 30 2015 @ 04:07 AM
link   

originally posted by: Time2Think
The article describes how researchers at Ben Gurion University @ Israel found out how to retrieve information from and "air-gapped computer" using only "heat emissions and a computer's built-in thermal sensors."
So if they run the attack for 100 years they can retrieve half the information from a floppy disk, how is that useful? It's one of the dumbest things I've ever read.


currently, the attack allows for just eight bits of data to be reliably transmitted over an hour



Apparently Snowden leaked some information about this as well, talking about how the NSA was doing something similar with RF signals; really amazing...
Yes there are much better hacks using both electromagnetic fields and using the sound the CPU makes. They are blazingly faster than one byte an hour.



posted on Mar, 30 2015 @ 05:01 AM
link   
a reply to: Time2Think

I suppose some kind of improved/hardened computer case could offer protection against such intrusion. All through shielding any components within such a case presents its own problems regarding thermal issues.



posted on Mar, 30 2015 @ 06:57 AM
link   
I should think the cooling fan might throw off the "scent".

One byte an hour, lol.

Heres what that data would look like on screen…

AF

A gold mine…



posted on Mar, 30 2015 @ 07:21 AM
link   
While this technique might demonstrate useful scenario-specific capabilities, the malware prerequisite will severely inhibit its efficacy. When it comes to manipulating off-grid command and control systems, it's hardly appealing to require physical access in the first instance. After all, it's not as if they're claiming to be able to do this to their neighbour without ever having to step through their door.



posted on Mar, 30 2015 @ 07:46 AM
link   
a reply to: VigiliaProcuratio

Personally im more worried about the recent new variant of router Malware that essentially rewrites the router firmware allowing ads and pornography never mind what else to be injected into websites. Having fallen prey to the Cryptowall 3.0 virus recently i have to wonder if this new router Malware was responsible considering the ease with which it seemed to circumvent my firewall, virus scanner and Malwarebytes.

www.techspot.com...
edit on 30-3-2015 by andy06shake because: (no reason given)



posted on Mar, 30 2015 @ 08:01 AM
link   

originally posted by: andy06shake
a reply to: VigiliaProcuratio

Personally im more worried about the recent new variant of router Malware that essentially rewrites the router firmware allowing ads and pornography never mind what else to be injected into websites. Having fallen prey to the Cryptowall 3.0 virus recently i have to wonder if this new router Malware was responsible considering the ease with which it seemed to circumvent my firewall, virus scanner and Malwarebytes.

www.techspot.com...


It does seem like firmware hacking is the future, as there is virtually no defense at present.

We really only defend against software hacks.

Firmware hacks are not outside intrusion.

It is more like turning your kidneys against your heart.



posted on Mar, 30 2015 @ 09:48 AM
link   
a reply to: johnwick




It does seem like firmware hacking is the future, as there is virtually no defense at present.



Well you could always change the password on your router from the default one? Do not enable remote access to the WAN side of your router unless you have an ACL that allows only a certain IP. I would also advise updating your routers firmware occasionally. Especially if you hear your router is vulnerable.

V



posted on Mar, 30 2015 @ 10:33 AM
link   
a reply to: andy06shake

Routers blatantly shouldn't have a default password, but should be set to something random or the serial key which would be printed on a label on the router itself.



posted on Mar, 30 2015 @ 10:35 AM
link   
a reply to: VigiliaProcuratio

Most people have the common foresight to change the default router password. Personally i change my own on a monthly basis.

Simple fact is that these-days password protection is not what it once was. If Someone is determined enough to gain access to your system, chances are they will manage it.
edit on 30-3-2015 by andy06shake because: (no reason given)



posted on Mar, 30 2015 @ 10:55 AM
link   

originally posted by: andy06shake

If someone is determined enough to gain access to your system, chances are they will manage it.

That is very true. Trouble is, routers are pretty much shipped ready to go and many people will have very little experience in networking at all, and will blindly trust that everything will be fine & dandy. The onus really is on the manufacturers to work out a simple way for the not-so-savvy to configure their router safely. It's a piece of cake for me, but I wouldn't necessarily say the same even for friends and family of my own age.


edit on 30th March 2015 by VigiliaProcuratio because:  



posted on Mar, 30 2015 @ 11:36 AM
link   

originally posted by: andy06shake
a reply to: Time2Think

I suppose some kind of improved/hardened computer case could offer protection against such intrusion. All through shielding any components within such a case presents its own problems regarding thermal issues.


You would need something like a Silencio 650. It doesn't have those fancy plastic see-through panels that let's everyone else see how valuable your components are. Instead, the case is insulated with foam to keep the sound from the cooling fans down.

But then someone could use malware to vary the sound of the cooling fans to extract data, which could then be picked up using a microphone. I am certain that my cooling fans were playing music when I lived next to a high-end TV showroom.



posted on Mar, 30 2015 @ 12:31 PM
link   
a reply to: andy06shake

Hello, what firewall do you use and what antivirus ?

Try changing some group policies to limited the possible execution from unwanted locations etc.

I think i advised you on CryptoPrevent from Foolish IT.. it saves a lot of messing with gpedit


Along with SuperAntiSpywear.. malware bytes.. avera antivir.. peerblock.. Zonealarm Pro

And Advor for Tor connections
.. works for me


Cheers bud




posted on Mar, 30 2015 @ 01:27 PM
link   
a reply to: Quadlink

I use Superantispyware, Malwarebytes professional and Avast . I dont touch Tor anymore simply because too many things can go wrong these days.



posted on Mar, 30 2015 @ 01:32 PM
link   

originally posted by: Quadlink

Hello, what firewall do you use and what antivirus ?

Please don't ask people which security solutions they use, it looks very iffy.



posted on Mar, 30 2015 @ 06:23 PM
link   

currently, the attack allows for just eight bits of data to be reliably transmitted over an hour


So that's...wait for it...one ASCII-encoded character per hour. ARPANET was faster than that, hell, I'd bet punch cards were faster than this nonsense.



posted on Mar, 30 2015 @ 07:03 PM
link   
a reply to: andy06shake

Tor is proper buggy, but AdvOr is rather nifty. The "network" is actually quite useful during that awkward moment when you absolutely positively need to play roulette at 3am, and 150 don't answer the phone so that you can tell them you're old enough to watch a ball-bearing spin around in circles. That's the long-version, in short I meant "age verification". Not that this has anything whatsoever to do with "thermal hacking", but hey.


edit on 30th March 2015 by VigiliaProcuratio because:  



posted on Mar, 30 2015 @ 09:08 PM
link   
Sometimes I really get a kick out of reading some of the comments... thanks everyone


For this particular hack, if somebody was going to go to all the trouble of setting up such a thing in order to bypass a ton of other security that was already in place; some of your replies don't really make any sense to me. First of all, why in the world would they want to transmit a large amount of data using a method like this? They'd be doing it in order to obtain things like login's, passwords, e-mail addresses (in other words, text), so I'm pretty sure 1 byte an hour really isn't too bad. Nobody in their right mind would attempt to transmit the latest 1080p blu-ray rip of Interstellar via heat emissions.... :: rolls eyes ::

I would also think that the fact that it takes a long time would actually be a good thing, because of the fact that you'd want to do everything in your power not to alert anyone of what's going on for obvious reasons. If it means some guy has to sit at his cubicle playing World of Warcraft for 200 bucks an hour while waiting around for possible logins / passwords to come in, I'm sure big bro wouldn't mind frontin' the cash too much.

In my own personal opinion, when I first read this it blew my mind - because not only is it a new exploit, it is a completely new way of thinking about computer security alltogether. I mean if you break into a system via heat emissions or radio waves, it makes me wonder how long it will be until somebody figures out how to break in on the subatomic level... ( ok, maybe now I'm just talking nonsense :!

edit on 30-3-2015 by Time2Think because: .

edit on 30-3-2015 by Time2Think because: (no reason given)



posted on Mar, 30 2015 @ 09:22 PM
link   
They've been able to reconstruct what's on a CRT monitor from leaked RF (radio frequency) emissions for a long time now. Typically, they'd setup a van down the street and be able to see what you see on your screen. It's gotten a little harder with LCD monitors now, as they don't give off as much RF signal.

Putting your computer workstation inside of a faraday cage can help mitigate/shield you. I've never seen anyone build a big faraday cage to enclose their entire workstation, but it's entirely possible to do so.

In fact, the government even shields against this type of thing. If you want to read more, check out Van Eck phreaking and Tempest (NSA Codename)

Thermal hacking via heat emissions is a newer, but we're just finding out about it. They also can use lasers against your windows to hear what you're saying. Basically, if they want to know something -- they have the tools to find it (assuming you are using technology). One of the reasons it was so hard to track down Osama was that he wasn't using the internet/computer/cell phones. He was using runners with paper notes.

It's sort of like the Battlestar Galactica. Go backwards with your technology to defeat your enemy who relies on high technology.
edit on 30-3-2015 by MystikMushroom because: (no reason given)




top topics



 
9
<<   2 >>

log in

join