hngopher.com

       [HN Gopher] Pixhell Attack: Leaking Info from Air-Gap Computers ...
       ___________________________________________________________________
        
       Pixhell Attack: Leaking Info from Air-Gap Computers via 'Singing
       Pixels'
        
       Author : gnabgib
       Score  : 25 points
       Date   : 2024-09-10 19:34 UTC (3 hours ago)
        
 (HTM) web link (arxiv.org)
 (TXT) w3m dump (arxiv.org)
        
       | Terr_ wrote:
       | In some alternate timeline, there's yet another attack vector of
       | noise from still-in-use floppy drives. (In addition to other
       | less-obsoleted things like flatbed scanners.)
       | 
       | Much the same way that people have used them to make music.
       | 
       | https://www.theverge.com/24034551/floppy-disk-music-scene-un...
        
         | colechristensen wrote:
         | Not an alternate timeline, I went to a blackhat talk that was
         | exfiltrating data from airgapped computers with unconnected
         | parallel port pins, printers (exact same thing as making them
         | make music but faster and with EM), and other peripherals. At a
         | usable distance of some meters too.
        
       | metaphor wrote:
       | For those unindoctrinated with the underlying phenomenon being
       | exploited, this demo[1] was shared almost a decade ago.
       | 
       | Also, undiscussed mitigation techniques[2] relevant to this
       | general class of nuisance that circuit designers may find of
       | value.
       | 
       | [1] https://news.ycombinator.com/item?id=8862689
       | 
       | [2] https://news.ycombinator.com/item?id=41505772
        
         | beefok wrote:
         | That just blew me away! I didn't think I was going to hear
         | anything, but yeah, immediately it gave an almost pulse-width
         | modulated high pitch tone. I'm not surprised, but it is also
         | awesome. I'm so many years old yet I can still hear the hum
         | from CRT's, but I'd say that tone is much higher frequency.
        
       | PoignardAzur wrote:
       | Two meters seems like a pretty short distance to bypass an
       | airgap.
       | 
       | At that point, in the kind of situation where someone is actively
       | trying to exfiltrate data, couldn't they point their phone camera
       | at a screen?
       | 
       | Like, maybe there are scenarios where the exit device is
       | compromised without the wearer knowing, or the spy wants to
       | remain discrete, but they seem a bit niche.
        
         | abdullahkhalids wrote:
         | Two ways this is useful:
         | 
         | - It is possible that the airgapped system still has a publicly
         | viewable screen displaying harmless information. But you use
         | this technique to leak secret information from the system.
         | 
         | - If the authors established that 2m is the maximum distance
         | that you can reliably leak information this way, then that is
         | in principle useful information for someone designing the
         | security system. No audio recording software allowed within 2m
         | of the screen!
        
       ___________________________________________________________________
       (page generated 2024-09-10 23:00 UTC)