Stealing Data Via Electrical Outlet 208
Posted
by
timothy
from the accidentally-forget-to-label-some-220v-outlets dept.
from the accidentally-forget-to-label-some-220v-outlets dept.
Ponca City, We love you writes "NetworkWorld reports that security consultants Andrea Barisani and Daniele Bianco are preparing to unveil their methodology at the Black Hat USA conference for stealing information typed on a computer keyboard using nothing more than the power outlet to which the computer is connected. When you type on a standard computer keyboard, electrical signals run through the cable to the PC. Those cables aren't shielded, so the signal leaks via the ground wire in the cable and into the ground wire on the computer's power supply. The attacker connects a probe to a nearby power socket, detects the ground leakage, and converts the signal back into alphanumeric characters. So far, the attack has proven successful using outlets up to about 15 meters away. The cost of the equipment to carry out the power-line attack could be as little as $500 and while the researchers admit their hacking tools are rudimentary, they believe they could be improved upon with a little time, effort and backing. 'If our small research was able to accomplish acceptable results in a brief development time (approximately a week of work) and with cheap hardware,' they say, 'Consider what a dedicated team or government agency can accomplish with more expensive equipment and effort.'"
usb keyboard? (Score:5, Interesting)
random noise generator? (Score:5, Interesting)
even usb uses a GND and the D+/D- (data wires) aren't isolated from the GND.
Plus most GND is typically a common ground (through the chassis and to the ground of the power cable).
and if you consider the fact that this was done by unfunded, tiny group in just a week....makes ya wonder what the NSA or any other BIGGER and better funded group would have up their sleeves.
looks like I have to come up with a random noise generator to hook up to the ground of my power outlets.
Re:Done that (Score:4, Interesting)
Hell if I remember correctly my old motherboard had a setting to add random noise so the memory chips couldn't be read from their emissions. So yeah, it's an old and well known problem.
Listen to music from your computer with a radio (Score:3, Interesting)
A great deal of people here already know, but for the others:
http://www.erikyyy.de/tempest/ [erikyyy.de]
Software to generate images (noise) on your CRT screen so that the generated interference will translate as sound you can listen to on a radio receiver
It works great to listen to music when you do not have a sound card!
Mechanical Solution (Score:4, Interesting)
I worked in a facility that was fully TEMPEST shielded in the 80's. Dual airlock doors with full metal seals to get in. The power line leakage problem was taken care of a motor/generator setup. Incoming power only went to an electic motor. The motor was connected by a shaft which spun a generator to supply power to the computer room. With only a mechanical connection no data would be leaking back.
Re:usb keyboard? (Score:2, Interesting)
Re:Mechanical Solution (Score:5, Interesting)
I worked in a facility that was fully TEMPEST shielded in the 80's. Dual airlock doors with full metal seals to get in. The power line leakage problem was taken care of a motor/generator setup. Incoming power only went to an electic motor. The motor was connected by a shaft which spun a generator to supply power to the computer room. With only a mechanical connection no data would be leaking back.
So that's basically a mechanically implemented low-pass filter, right? I would think that it would be easier and cheaper to implement electronic low-pass filters at each wall outlet. Especially if you're worried about someone plugging a sniffer into one of the facility's interior power outlets.
Re:random noise generator? (Score:3, Interesting)
We musicians have our tricks and devices to get rid of power-line disturbances. I recommend looking for such a device in a big store for musicians and a guide on the net.
Re:usb keyboard? (Score:2, Interesting)
Bogus rehash of old methods (Score:3, Interesting)
This "Story" is a bogus rehashing of old, old methods. Old as in 60 to 80 years old. The NSA has been grabbing serial teletype signals off adjacent signal and power wires for at least that long.
It's old and in this case quantitatively bogus. The keyboard signals are milliamps. The leakage to chassis ground will be at least 40dB down, or under a microamp. The leakage from there to earth ground will be at least another 20dB down so we're down in the nanoamp range. By comparison the background ground currents from the PC's switching power supply and other devices will be several thousand times greater. If there's a light dimmer on the same circuit the noise will be nearly a million times greater. You can't combat that kind of background noise.
Same problem with the keyboard vibrations-laser scheme. They got the idea from a 1930's detective story where the secretary put her gold cigarette case under the phone receiver so her typing could be heard on the other end. Old!
But that only had a chance of working because each typewriter key row has a specific length of lever and spring, plus the typefaces are arrayed in a curve, so each one strikes the paper from a different angle, giving the listener an opportunity to guess the letter from the combination of X info from the length of the lever and spring, and Y info from the typeface strike angle.
But that is completely inapplicable to a modern keyboard, where THE KEYS ARE ALL IDENTICAL. No differing row and arc info at all. Maybe a teensy difference if the keyboard base is flimsy and has a slight change in resonance across the board. But unlikely.
I call bogus.
Re:random noise generator? (Score:2, Interesting)
Re:Mechanical Solution (Score:3, Interesting)
Wouldn't a voltage fluctuations inside simply become resistive fluctuations in the motor, causing the motor speed to fluctuate, and thus cause fluctuations on the supply power?
If there's a flywheel in there (and the sheer mass of the rotor assemblies will act as one) then the fluctuations will be so small that it'll be just about impossible to see anything, even with top quality equipment attached at the perfect point (on the outside, of course).
The other possibility is to just put a lot of other disparate busy traffic on in the inside too. Sure you'll be seeing fluctuations, but you'll never figure out what they mean; for all you know, that glitch you've just measured isn't a password but rather a server handing out yet another lolcat picture.
Re:usb keyboard? (Score:3, Interesting)
You really don't need to go that far. If you use a true sine wave UPS (where the incoming current charges the battery, and all power going to your devices is generated from the battery), I doubt you'll have lots of noise coming out of the line.
Heard about this six years ago (Score:3, Interesting)
Old college roommate, former Air Force Intelligience type, one day decided to give me something to think about when I was trying to be more secure with my PC... "Don't you think when you push 'A' on your keyboard or push 'B' on your keyboard that something ever so slightly different happens in your power supply?"
It's very old news amongst SIGINT types...
Re:random noise generator? (Score:3, Interesting)