How to Turn a Coke Can into an Eavesdropping Device



Black Hat Asia – According to a team of researchers from Ben-Gurion University of the Negev, if an attacker can see the object, then a soda can, smartphone stand, or any bright, light desk decoration, there is a danger of eavesdropping even in a soundproofed room. could. ,

At the Black Hat Asia security conference on Thursday, and aiming to expand on previous research into optical speech eavesdropping, the research team demonstrated that audio conversations at the volume of a typical meeting or conference call can be captured at up to 35 meters, or about could. 114 feet away. The researchers used a telescope to collect reflected light from an object near the speaker and a light sensor — a photodiode — to sample changes in light as the object vibrates.

A light object with a shiny surface reflects the signal with enough fidelity to recover the audio, said Ben Nassi, an information security researcher at the university.

“Many bright, light objects can serve as optical implants that can be used to recover speech,” he said. In some cases, they are completely innocuous objects, such as a smartphone stand or an empty drink can, but all of these devices because they share the same two characteristics, they are light and shiny when there are If there is enough light it can be used to hide.”



The eavesdropping experiment isn’t the first time researchers have attempted side-channel attacks that pick up audio from nearby objects.

Improvements to previous optical eavesdropping
In 2016, for example, researchers demonstrated ways to reconfigure the audio-out jack on a computer into an audio-in jack and thereby use the speaker as a microphone. In 2014, a group of MIT researchers discovered a way to use potato chip bags to capture sound waves. And in 2008, a group of researchers created a process to capture typed keys on a keyboard based on their sound and the time between keystrokes.

The MIT research is similar to the technique adopted by Ben-Gurion University researchers, except that the exploit requires a more restrictive location of the reflecting object and sufficient processing power to recover the audio, said Ben-Gurion. Raz Swissa, a researcher at the university, said. Negev.

“it [older] The method cannot be implemented in real time because it requires a lot of computational resources to recover the sound of only a few seconds.” And other well-known techniques, such as laser microphones, need to be employed. Requires a detectable light signal.

The researchers thus focused on creating a process that could be accomplished with everyday objects already in the target area and using readily available equipment. Using 25-centimeter objects about 10 inches from the speaker, the researchers could capture fluctuations in the light reflected by them up to 35 meters away. The recovered speech was quite clear at 15m and somewhat understandable at 35m.

Overall, the experimental setup, which the researchers call the Little Seal Bug, could be used to capture audio with everyday objects.

Great Seal, Little Seal and Beyond
The Little Seal Bug is a nod to a well-known early espionage phenomenon, known as the Great Seal Bug. In 1945, the Soviet Union presented the US ambassador with a crimson, embossed eagle celebrating US-Soviet cooperation to defeat Nazi Germany. Yet the Great Seal also had a hidden audio recorder that allowed Soviet spies to monitor high-level conversations at the embassy.

Similarly, the Little Seal Bug can use common objects around the office to capture audio through reflected light. In addition, most mobile devices come with a photosensor that does not require special permissions to be accessed. While the researchers have not come up with a chain of attacks using sensors, such a resource could very well be exploited by future attackers.

However, there are many more potential threats to espionage attacks, Nassi said. From compromising systems with malware and capturing audio that way, to using microphones already embedded in Internet of Things devices, such as AI assistants and video cameras, our world is quickly filling up with potentially eavesdropping devices. Is.

A smartphone, a laptop, an IP camera and a smart watch are probably more risky in terms of privacy than these devices or objects, he said.

Source



Related News

El Corte Inglés lowers the price of this Smart TV Neo QLED Samsung from 55″ reconditioned in its Outlet: a bargain with more than 1,200 euros discount

Contrary to what many users believe, the articles refurbished they are an excellent opportunity to get a perfectly functional and high-end product that new

This was the exclusive Apple “sound bar”: it sold very little but today it sweeps eBay

Apple has been around longer than you think in the world of hi-fi. There was an Apple speaker many years before the HomePod, which coincidentally has just

4 tricks that will help you know if an image was created with Artificial Intelligence

After several AIs that are experts in creating truly impressive images came to light, it would not be a surprise if you found it difficult to identify which

Samsung Galaxy S24 to return to Exynos 2400 high-end chips

For years, Samsung has been using a dual flagship model in terms of mobile phone chips. This means that it uses its in-house Exynos chips for its flagships

Spotify is unrivaled in the connected home: this is the feature that puts it miles ahead of the competition

Colors and streaming services are for everyone: Spotify, YouTube Music, Apple Music, Amazon Music... they all have their differences and similarities, but if

Heating the house with candles for less than 50 cents a day: what is the Winter method and why it is not a good idea

With the cold waves typical of the time and the price of fuels, it is normal for us to sharpen our ingenuity in search of solutions to have a comfortable