General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsStealing Data From Computers Using Heat
AIR-GAPPED SYSTEMS, WHICH are isolated from the Internet and are not connected to other systems that are connected to the Internet, are used in situations that demand high security because they make siphoning data from them difficult.
Air-gapped systems are used in classified military networks, the payment networks that process credit and debit card transactions for retailers, and in industrial control systems that operate critical infrastructure. Even journalists use them to prevent intruders from remotely accessing sensitive data. To siphon data from an air-gapped system generally requires physical access to the machine, using removable media like a USB flash drive or a firewire cable to connect the air-gapped system directly to another computer.
But security researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computers built-in thermal sensors. The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an internet-connected system thats in close proximity and that the attackers control. They could also use the internet-connected system to send malicious commands to the air-gapped system using the same heat and sensor technique.
In a video demonstration produced by the researchers, they show how they were able to send a command from one computer to an adjacent air-gapped machine to re-position a missile-launch toy the air-gapped system controlled.
<snip>
http://www.wired.com/2015/03/stealing-data-computers-using-heat
I love the computer security world. I really do. It encourages everyone to get fired up about fantastical, unlikely threats. The latest dream attack, which emerged from Israels Ben-Gurion University, is way, way out there.
Ive been to Israel and met Ben-Gurion computer security students. Many of them are scary good. Last year I taught a weeklong class in Israel about honeypots, and the students almost taught me more than I taught them. In the end I felt I'd endured the mental equivalent of being arm-barred by Ronda Rousey.
But the heat-based side-channel attack recently cooked up by the folks at Ben-Gurion was a bit much. Dubbed BitWhisper, its fun to speculate about, but unlikely to be much of a threat in the real world.
Researchers were able to demonstrate they could generate heat from one computer to communicate with another, nearby air-gapped computer. BitWhisper essentially uses temperature as a digital smoke signal to send bits from sender to receiver.
<snip>
http://www.infoworld.com/article/2902921/security/6-reasons-why-heat-based-attacks-wont-happen.html
Wait till the machines become self aware and do this themselves.