Jumping Air Gaps
Nice profile of Mordechai Guri, who researches a variety of clever ways to steal data over air-gapped computers.
Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates, by changing air temperatures in patterns that the receiving computer can detect with thermal sensors, or even by blinking out a stream of information from a computer hard drive LED to the camera on a quadcopter drone hovering outside a nearby window. In new research published today, the Ben-Gurion team has even shown that they can pull data off a computer protected by not only an air gap, but also a Faraday cage designed to block all radio signals.
Here’s a page with all the research results.
BoingBoing post.
Peter Lind • February 13, 2018 6:55 AM
“Guri and his fellow Ben-Gurion researchers have shown, for instance, that it’s possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates”
Would have been somewhat closer to the truth if the bit had contained the relevant bit of info that the air-gapped machine needs to be malware infected in the first place. Hence, the machine is not “being tricked” into leaking, it is running software that makes it transmit data.
Or, to be a bit more blunt about it. Someone had to have physical access to the machine in the first place. If that was the case, why bother fiddling with the fans.