Black Hat Asia – According to a team of researchers from Ben-Gurion University of the Negev, if an attacker can see the object, then a soda can, smartphone stand, or any bright, light desk decoration, there is a danger of eavesdropping even in a soundproofed room. could. ,
At the Black Hat Asia security conference on Thursday, and aiming to expand on previous research into optical speech eavesdropping, the research team demonstrated that audio conversations at the volume of a typical meeting or conference call can be captured at up to 35 meters, or about could. 114 feet away. The researchers used a telescope to collect reflected light from an object near the speaker and a light sensor — a photodiode — to sample changes in light as the object vibrates.
A light object with a shiny surface reflects the signal with enough fidelity to recover the audio, said Ben Nassi, an information security researcher at the university.
“Many bright, light objects can serve as optical implants that can be used to recover speech,” he said. “In some cases, they are completely innocuous objects, such as a smartphone stand or an empty drink can, but all of these devices – because they share the same two characteristics, they are light and shiny – when there are If there is enough light it can be used to hide.”
The eavesdropping experiment isn’t the first time researchers have attempted side-channel attacks that pick up audio from nearby objects.
Improvements to previous optical eavesdropping
In 2016, for example, researchers demonstrated ways to reconfigure the audio-out jack on a computer into an audio-in jack and thereby use the speaker as a microphone. In 2014, a group of MIT researchers discovered a way to use potato chip bags to capture sound waves. And in 2008, a group of researchers created a process to capture typed keys on a keyboard based on their sound and the time between keystrokes.
The MIT research is similar to the technique adopted by Ben-Gurion University researchers, except that the exploit requires a more restrictive location of the reflecting object and sufficient processing power to recover the audio, said Ben-Gurion. Raz Swissa, a researcher at the university, said. Negev.
“it [older] The method cannot be implemented in real time because it requires a lot of computational resources to recover the sound of only a few seconds.” And other well-known techniques, such as laser microphones, need to be employed. Requires a detectable light signal.
The researchers thus focused on creating a process that could be accomplished with everyday objects already in the target area and using readily available equipment. Using 25-centimeter objects about 10 inches from the speaker, the researchers could capture fluctuations in the light reflected by them up to 35 meters away. The recovered speech was quite clear at 15m and somewhat understandable at 35m.
Overall, the experimental setup, which the researchers call the Little Seal Bug, could be used to capture audio with everyday objects.
Great Seal, Little Seal and Beyond
The Little Seal Bug is a nod to a well-known early espionage phenomenon, known as the Great Seal Bug. In 1945, the Soviet Union presented the US ambassador with a crimson, embossed eagle celebrating US-Soviet cooperation to defeat Nazi Germany. Yet the Great Seal also had a hidden audio recorder that allowed Soviet spies to monitor high-level conversations at the embassy.
Similarly, the Little Seal Bug can use common objects around the office to capture audio through reflected light. In addition, most mobile devices come with a photosensor that does not require special permissions to be accessed. While the researchers have not come up with a chain of attacks using sensors, such a resource could very well be exploited by future attackers.
However, there are many more potential threats to espionage attacks, Nassi said. From compromising systems with malware and capturing audio that way, to using microphones already embedded in Internet of Things devices, such as AI assistants and video cameras, our world is quickly filling up with potentially eavesdropping devices. Is.
“A smartphone, a laptop, an IP camera and a smart watch are probably more risky in terms of privacy than these devices or objects,” he said.