Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Renew Deal

(81,802 posts)
Tue Mar 31, 2015, 04:09 PM Mar 2015

Stealing Data From Computers Using Heat

AIR-GAPPED SYSTEMS, WHICH are isolated from the Internet and are not connected to other systems that are connected to the Internet, are used in situations that demand high security because they make siphoning data from them difficult.

Air-gapped systems are used in classified military networks, the payment networks that process credit and debit card transactions for retailers, and in industrial control systems that operate critical infrastructure. Even journalists use them to prevent intruders from remotely accessing sensitive data. To siphon data from an air-gapped system generally requires physical access to the machine, using removable media like a USB flash drive or a firewire cable to connect the air-gapped system directly to another computer.

But security researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computer’s built-in thermal sensors. The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an internet-connected system that’s in close proximity and that the attackers control. They could also use the internet-connected system to send malicious commands to the air-gapped system using the same heat and sensor technique.

In a video demonstration produced by the researchers, they show how they were able to send a command from one computer to an adjacent air-gapped machine to re-position a missile-launch toy the air-gapped system controlled.
<snip>

http://www.wired.com/2015/03/stealing-data-computers-using-heat



6 reasons why heat-based attacks won't happen

I love the computer security world. I really do. It encourages everyone to get fired up about fantastical, unlikely threats. The latest dream attack, which emerged from Israel’s Ben-Gurion University, is way, way out there.

I’ve been to Israel and met Ben-Gurion computer security students. Many of them are scary good. Last year I taught a weeklong class in Israel about honeypots, and the students almost taught me more than I taught them. In the end I felt I'd endured the mental equivalent of being arm-barred by Ronda Rousey.

But the heat-based side-channel attack recently cooked up by the folks at Ben-Gurion was a bit much. Dubbed BitWhisper, it’s fun to speculate about, but unlikely to be much of a threat in the real world.

Researchers were able to demonstrate they could generate heat from one computer to communicate with another, nearby air-gapped computer. BitWhisper essentially uses temperature as a digital smoke signal to send bits from sender to receiver.
<snip>

http://www.infoworld.com/article/2902921/security/6-reasons-why-heat-based-attacks-wont-happen.html


Wait till the machines become self aware and do this themselves.
Latest Discussions»General Discussion»Stealing Data From Comput...