US intelligence has already explored this attack technique; the NSA program known as TEMPEST makes use of special devices to syphon data from computers and servers via leaking emanations, including unintentional radio or electrical signals and vibrations from targeted hardware (e.g. monitors, memory chips, keyboards, network cards and connection cables).
Once the malicious code is installed in the phone, it scans for electromagnetic waves which can be manipulated to build a network connection using FM frequencies to install a virus onto a computer or server.
Even assuming that particular one is in fact even plausible (I've read about ones using a similar "approach" that are apparently functional at least in a limited way), attack vectors like that are extremely impractical for "general use", and easily thwarted by anyone with even half a brain. Which doesn't mean that a large organization with many workers of varying levels of intelligence, motivation to maintain security, and loyalty to whomever or whatever owns or runs the organization would be immune, but as far as motivated individuals are concerned, they're fundamentally meaningless.
This took two seconds of googling to find: http://securityaffairs.co/wordpress/25782/hacking/air-gap-network-hacking.html
And for that matter, there was another report (also out of Israel, so probably to be taken with at least a flake of kosher salt) that a PC's fan's speed could be modulated to transmit information via audible frequencies to a phone's mic. But again (all the other issues aside), that requires not only infecting a smartphone that will come into proximity with the target machine and the machine itself with appropriate software, but also that the phone remain turned on and/or in range of the targeted computer while the latter is being used. Even if a private individual can't be 100% sure their phone and/or computer could never be infected without being detected, turning the phone off (probably), or simply putting it in a drawer or leaving it in another room entirely are obviously mindlessly easy ways to thwart such an attack...
I think the gist of the whole thing is that even if you have FDE, TEMPEST can see it. This is why the NSA hardens their buildings.
TrueCrypt – The venerable full disk and container encryption software that was abandoned by its developers in 2014, was believed to be secure, despite the development of the software ending. This was the consensus among the security community because the software had been audited by iSec (a subsidiary of NCC). They had taken separate looks at the boot loader and the application code and not found any serious security flaws.
This strengthened the community’s trust in the software and people continued to use the software, confident that the software was largely bug-free.
Fast forward to today and James Forshaw from Google’s Project Zero has taken a look at the source code, and found two flaws that existed throughout the iSec audit. One is a critical EOP (escalation of privilege) bug that would allow an attacker to use the TrueCrypt application to get elevated access to a computer that has the software installed. While this would not give access to the containers on the Windows PC and the data would remain encrypted, it is only one additional step now to bypass that hurdle. You could, for example, install a keylogger on the machine and use that to get access to the passwords on the machine without the user’s knowledge, thus breaking the encryption of containers.
VeraCrypt has patched the flaws, and the current version is now safe from the EOP attack. Make sure you update VeraCrypt to the current version if you haven’t already. If you are still running TrueCrypt, now is the time to run for the hills as this flaw is a deal-breaker. Having the TrueCrypt software installed is a direct security risk on all Windows systems.
This chain of events highlights the need for support from organizations like ours and people like you. You need as many eyes on critical security software as possible. Our efforts to draw more skilled developers into reviewing the code, both through bounties and direct funding of audits, are a crucial step in keeping software as secure as possible.
You can read more about the new flaws here: CVE-2015-7358 and CVE-2015-7359 (full disclosure has not occurred yet, this will be updated with links after full disclosure)
There is a vulnerability, but that's when the computer is on when it will be vulnerable anyway.