Smart Device Audio Hacking on the Web 3.0 | MIPYTHON.com
So one of my other hobbies beside web 3.0 bot building is cyber security. It’s really something you have to be up on everyday as it’s an extremely fast paced dynamic environment. Some of these bots never sleep lol. Any who I was just casually getting back into the scene and noticed some fascinating exploits with the harmonics of the cooling fan In a PC. Well it could be almost any device I suppose.
https://www.wired.com/2016/06/clever-attack-uses-sound-computers-fan-steal-data/
Mordechai Guri, manager of research and development at the Cyber Security Research Center at Ben-Gurion University, and colleagues at the lab, have previously designed three attacks that use various methods for extracting data from air-gapped machines—methods involving radio waves, electromagnetic waves and the GSM network, and even the heat emitted by computers.
One potential problem is a consumer might notice, and be dubious of, the versions in fan noises. So Guri and co use low frequencies of 140 to 170 hertz, that happen to be more challenging for humans to listen to. “Modulating the info over change of close frequencies is also less obvious by a individual, as it mixes in and shows up as natural qualifications environmental sound,” they state.
One of the limitations of the Human ear is the small range of frequencies we can pick up. With the Explosion of these new Web 3.0 Helpers, like amazon echo and all the other home convenience devices. Not to Mention the Good Ol web 2.0 smart phone, smart TV, etc.. How do you say google search “” @ 40k hertz? The opportunity for Exploitation is very apparent. I’m not an audiologist but it’s not very complicated to use some simple music creation software. FL Studio is my Fav ( BIG SHOUT OUT) to create just about any frequency range.
The Pandora is already out of the Box. Be very careful linking anything important to any “ smart device”
I just have my concerns with the push towards all these “smart” devices with voice commands. Specially driverless cars Don’t get me wrong. I’m a huge fan of IBM Watson and the Bluemix services. I’m just not so sure of this“Machine Learning”? Most of what I’ve seen are just hard coded nodes that “branch out” to other nodes on the “tree” in response to input.
Back to the potential for exploitation. So your driving down the road in your Self Driving Uber rental., DO DUH DO. What if the Youtube channel you’re watching has an embedded UHF signal that gains access to root debugging mode on the self driving vehicle? Just something to ponder.