Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security IT Technology

Academics Steal Data From Air-Gapped Systems Using Screen Brightness Variations (zdnet.com) 52

Academics from Israel have detailed and demoed a new method for stealing data from air-gapped computers. From a report: The method relies on making small tweaks to an LCD screen's brightness settings. The tweaks are imperceptible to the human eye, but can be detected and extracted from video feeds using algorithmical methods. This article describes this innovative new method of stealing data, but readers should be aware from the start that this attack is not something that regular users should worry about, and are highly unlikely to ever encounter it. Named BRIGHTNESS, the attack was designed for air-gapped setups -- where computers are kept on a separate network with no internet access. Air-gapped computers are often found in government systems that store top-secret documents or enterprise networks dedicated to storing non-public proprietary information.
This discussion has been archived. No new comments can be posted.

Academics Steal Data From Air-Gapped Systems Using Screen Brightness Variations

Comments Filter:
  • People with enough control to install software on an air-gapped system are able to then get it to transmit data?

    I mean... yeah, ok, but I would hope that any system that is "air-gapped" for security would also have it's USB ports glued over....

    • That's because you only think about the "Mossad is out to get your ass" type of uses.
      You forgot about the "Kevin Jr" is doing shit just for the pleasure of fucking things up.

      Random example:
      - imagine someone releases some piece of code masquerading as some tool useful for gamer but working as a backdoor. (that used to be a probable risk on the crack/trainer/etc. on old download sites. There's probably some other modern equivalent: some game assisting-bots ?).
      - 4chan user decide he wants to fuck up with some

    • People with enough control to install software on an air-gapped system are able to then get it to transmit data?

      I mean... yeah, ok, but I would hope that any system that is "air-gapped" for security would also have it's USB ports glued over....

      Uh, those USB ports are often used to back up data on an air-gapped standalone system, to protect against the inevitable (hard drive crash).

      The actual mitigation methods are restricting software installs by limiting permissions, and considerable levels of auditing. But to your point, if you've got physical access and rights to install software, there's only so much you can do to protect against the insider (admin) threat.

  • to those reports from around a decade ago of air gapped computers being compromised by using their microphones? IIRC it was only a lab POC but still quite interesting.

    • Why is it interesting? It is fairly obvious. You can communicate information using many methods. Light. Sound. Electricity. Air. Water. Smoke. Do we need a report on all those?

    • those reports from around a decade ago of air gapped computers being compromised by using their microphones?

      It has been in production now to track users by marketeers for ads retargetting and is called an "ultrasound beacon" (Look at the "Cross-device tracking" here in this mozilla blog post [mozilla.org]).

      (I also remember it being used for less nefarious purposes. I think Spotify can use to pair devices and help your own device realise when they are close to each other).

      You can bet someone will find a creative use of "information leaked through brightness control" (e.g.: for when the sound beacon can't work)

    • by TWX ( 665546 )

      And to think I used to joke about a two-cans-and-a-piece-of-string L1 network.

      We were even going to try to build it with some old acoustic-coupler modems and amplifiers.

  • by Fringe ( 6096 ) on Thursday February 06, 2020 @10:00AM (#59697552)
    These were researchers? What a load! We've been using exactly this in the video world for at least eight years. Slight variations in, essentially, the luminescence and brightness of images across a few frames (or even in a few regions), balanced so as to be imperceptible to humans but easily measured by computers. We can encode data that survives being displayed during a movie on a monitor that is then recorded from 20 feet away by a cell phone.

    It is rather low bandwidth... we just use it essentially for long serial numbers, to track down leakers... but it's completely reliable. And not new.

    • Whoa! If I had mods points... really interesting.

      How would it get enforced? If you find a pirated movie on the internet then you can find which copy it originally was? Has it actually been used for enforcement?

      • I think this would be used for tracking down pre-release versions of films. i.e. the ones sent to specific reviewers or members of the academy for Oscar nominations and the like.

    • I think this is has nothing to do with watermarking. I got the impression that the data gathered was from other regions of the screen, not from the source video. Why would you be trying to steal data from a source you already had?

    • Very interesting comment!

      I find that the current setup applies the fundamentals that you mention to a quite different system. Specifically, online adjusting of screen brightness to encode data (vs offline editing of a movie) in order to extract data from an air-gaped system. There is sufficient novelty to be commented, imho.

  • by Opportunist ( 166417 ) on Thursday February 06, 2020 @10:05AM (#59697572)

    Or you could find someone with access to that system and send him a letter with something along the lines "Hello. We know you have access to data we want. In unrelated news, we know where you, your wife and your kids live. We would love to have that data. About as much as you love your wife and kids."

    Needs work on the wording, but you get the gist of it.

    • Or for the guys who don't have a wife or kid: "Here is $100".

    • Of course, the old fallback method https://xkcd.com/538/ [xkcd.com]
    • by PPH ( 736903 )

      Not likely. People with access to highly valuable classified material are usually watched. Not due to a lack of trust. but the biggest risk is just this sort of threat or blackmail.

      • You think state actors have any qualms of hiring hitmen, including the phrase "and if you squeal, we'll off them regardless"?

        The fun bit about our technology is that it's become quite trivial to kill someone from far away if you are willing to take the risk of discovery.

        • by PPH ( 736903 )

          and if you squeal

          People who have this kind of protection don't have to squeal. Odds are pretty good that the CIA will intercept the threat on its way in. And all they'll know is when their security officer tells them that the problem was taken care of. The drone attack on the enemy's head of state intelligence might make the nightly news.

  • Unless of course YOU are a computer.

  • Or you can hook an VCR like device to an DVI/HDMI splitter

  • A computer that handles material sensitive enough to need air gapping probably wouldn't be in a room with a window, but rather in a secured, interior room (at least, hopefully). So for someone to use this attack vector they would still need physical access to the room, and most likely would then have physical access to the computer as well.

  • You can steal data by making (mechanical) drive heads perform in a specific defined rythem and recording the sound You can steal data by forcing LEDs to blink out binary code You can steal data scince you have physical access to the machine to do this silly stuff and just download what you want to a normal flash drive after the high brass leave the room.
  • Clearly we need to crack down on these, 'Academics'. Their exploits and antics are getting out of hand.
  • Why didn't they just strobe the keyboard lights? With thanks to Neil Stevenson...
    • Apparently, the keyboard lights method has a pretty high error rate. Even the string "Neal Stephenson" doesn't survive intact.
  • Next time I see someone messing with my monitor I'll know they're actually trying to hack me! ..........

  • But you have to get software to run on that air-gapped computer first...

    Why add the security click bait, it is cool even doing this with any computer. (for about 1 minute).
  • Air-gapped computers are often found in the houses of people still using Windows 3.1
  • Be vewwy vewwy quiet.

    I'm putting up dot cameras ...

  • This attack is useless against my amber-on-black high-persistence-phosphor CRT VT220 terminal.
    Or are y'all using them newfangled X Terminals ?

  • --If only there were some sort of hood we could place over the monitor - maybe we could put it all inside a Faraday cage and call it the "Cone of Silence"...

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...