Jumping the air gap silently
February 22, 2017 10:07 AM

Malware lets a drone steal data by watching a computer’s blinking LED: The pinpoint flickers, emitting from the LED hard drive indicator that lights up intermittently on practically every modern Windows machine, would hardly arouse the suspicions of anyone working in the office after hours. But in fact, that LED was silently winking out an optical stream of the computer’s secrets to the camera floating outside.

This demonstration hopped the air gap using the hard drive LED that's not only on many PCs and servers, but goes mostly unnoticed as it blinks away constantly.

Previously - Jumping the air gap with a similar technique but much less common set of hardware.

There was one time in '86 when a really big air gap was bridged with blinking lights as well.
posted by Clinging to the Wreckage (30 comments total) 15 users marked this as a favorite
 
Time to put tape over hard drive lights now, too? Anyone care to guess at the potential baud rate of a blinking light?
posted by doctor_negative at 10:19 AM on February 22, 2017


If an attacker can plant malware on one of those systems—say, by paying an insider to infect it via USB or SD card—this approach offers a new way to rapidly pull secrets out of that isolated machine.

If I can pay an insider to plug in a USB or SD card, I think I would just dump the drive to the plugged in device. Why bother with a very low bandwidth interface for what you could accomplish in seconds over USB?
posted by JackFlash at 10:19 AM on February 22, 2017 [7 favorites]


Time to put tape over hard drive lights now, too?

Yeah, for a moment there I was afraid I'd have to upgrade from the Faraday cage I've been doing my computing device usage in since Van Eck phreaking came along in the 80's, to a full underground lair type of arrangement. Then I remembered electrical tape.
posted by sfenders at 10:22 AM on February 22, 2017 [6 favorites]


Anyone care to guess at the potential baud rate of a blinking light?

From TFA: "By transmitting data from a computer’s hard drive LED with a kind of morse-code-like patterns of on and off signals, the researchers found they could move data as fast as 4,000 bits a second, or close to a megabyte every half hour. That may not sound like much, but it’s fast enough to steal an encryption key in seconds."

If I can pay an insider to plug in a USB or SD card, I think I would just dump the drive to the plugged in device.

That's fine if the data you're looking for is on the drive at the time the insider has access to the computer.
posted by DevilsAdvocate at 10:26 AM on February 22, 2017 [6 favorites]


If I can pay an insider to plug in a USB or SD card, I think I would just dump the drive to the plugged in device. Why bother with a very low bandwidth interface for what you could accomplish in seconds over USB?

It's a side channel that doesn't show up on whatever network logs that the target is maintaining. You also only need to plug in something with a USB interface: could be, say, a printer that was tampered while in shipment to the destination.
posted by indubitable at 10:27 AM on February 22, 2017 [1 favorite]


This group has come up with some really clever (though largely impractical) data exfiltration methods:

Using the sound of a computer's fan

Using the heat given off by a computer
posted by Sangermaine at 10:37 AM on February 22, 2017 [4 favorites]


You also only need to plug in something with a USB interface: could be, say, a printer that was tampered while in shipment to the destination.

Or, even more subtle - a mouse or keyboard? A microusb cable (for phone charging), maybe?
posted by spaceman_spiff at 10:48 AM on February 22, 2017


Ye, by my winks and farts, shall know me, (computer, me computer, aargh!)
posted by Oyéah at 10:49 AM on February 22, 2017 [2 favorites]


How does Randy know that there is a site called Golgotha, and how does he know its real coordinates? His computer told him using Morse code. Computer keyboards have LEDs on them that are essentially kind of useless: one to tell you when NUM LOCK is on, one for CAPS LOCK, and a third one whose purpose Randy can't even remember. And for no reason other than the general belief that every aspect of a computer should be under the control of hackers, someone, some where, wrote some library routines called XLEDS that make it possible for programmers to turn these things on and off at will. And for a month, Randy's been writing a little program that makes use of these routines to output the contents of a text file in Morse code, by flashing one of those LEDs. And while all kinds of useless crap has been scrolling across the screen of his computer as camouflage, Randy's been hunched over gazing into the subliminal channel of that blinking LED, reading the contents of the decrypted Arethusa intercepts.
- Cryptonomicon, 1999
posted by ohkay at 10:54 AM on February 22, 2017 [27 favorites]


If I can pay an insider to plug in a USB or SD card, I think I would just dump the drive to the plugged in device.

That's fine if the data you're looking for is on the drive at the time the insider has access to the computer.


Plus you need access a second time to get your device back, which could involve having to smuggle a physical thing through security.
posted by ctmf at 10:54 AM on February 22, 2017 [2 favorites]


Time to put tape over hard drive lights now, too? Anyone care to guess at the potential baud rate of a blinking light?

If you're air-gapping the computer, the FIRST rule is to put it in an interior room that has no direct line of sight exposure to a window. Blinking any one of the several more-or-less software controllable LEDs (i.e. caps lock, num lock, scroll lock, or a custom screensaver that encodes huge wodges of data in its pretty pictures) would be the totally easy and obvious first line of egress that anybody writing malware would think of for exfiltrating data. Drone, line of sight and a telescope, I can probably think of something else now I have a bit of time to think...
posted by wotsac at 10:56 AM on February 22, 2017 [8 favorites]


Lol, now you mention it, the blatant in-your-face changing 2D barcode as a screensaver idea might just be ridiculous enough to work.
posted by ctmf at 11:17 AM on February 22, 2017 [4 favorites]


I'm able to steal all the information off a computer's hard drive using only photons transmitted directly from a liquid-crystal display to the visual receptors located in my cranium.

I can even put data back into the computer by mashing a keyboard with meat-sticks on the end of my arms.
posted by blue_beetle at 11:27 AM on February 22, 2017 [13 favorites]


I figure most people fall into one of the following camps:
- install it themselves because: shiny!
- the screensaver turned itself on. Computers? They're magic.
- the screensaver turned itself on. IT department? Arbitrary and capricious.
posted by wotsac at 11:29 AM on February 22, 2017 [1 favorite]


Kudos for the Space Camp reference. That movie is still a guilty favorite.
posted by xedrik at 12:15 PM on February 22, 2017 [2 favorites]


>Lol, now you mention it, the blatant in-your-face changing 2D barcode as a screensaver idea might just be ridiculous enough to work.

This is exactly how the old Timex DataLink watches worked, except the barcode was just a synchronized varying brightness signal from your monitor.
posted by ArgentCorvid at 12:36 PM on February 22, 2017 [1 favorite]


I could imagine setting an LED so it blinked really, really fast so the blinking looked 'normal' but was actually operating at much greater bandwidth. I couldn't do it, but I could imagine it...
posted by unearthed at 12:53 PM on February 22, 2017 [1 favorite]


I can imagine (and could probably hack up something that almost worked) blinking an LED with data at close to the 4000 bps they mention. The LED would just look like it was on but dim most of the time because it'd basically be the same type of PWM signal used to dim LEDs in general. What shocks me is that pulses that fast can be read from a diffused, cheap LED even up close, much less at a distance.
posted by Clinging to the Wreckage at 1:07 PM on February 22, 2017


Anyone care to guess at the potential baud rate of a blinking light?

Well, I actually did that once in a machine language class. We built a system that transmitted data across the room using a photocell to read a blinking light. If I recall correctly, about 10 bits per second. It probably could have gone faster, but we hadn't built any system to do error checking on the receiving end and request re-transmission of missed bits, so we played it safe by leaving the light on a long time.

EDIT "By transmitting data from a computer’s hard drive LED with a kind of morse-code-like patterns of on and off signals, the researchers found they could move data as fast as 4,000 bits a second, or close to a megabyte every half hour."

Pff. Damn kids. What's your goddamn hurry? 10 bps is plenty fast enough if you're not just screwing around. And get off my lawn.
posted by Naberius at 1:29 PM on February 22, 2017 [1 favorite]


Not that much of a break-through: I am reminded of the not-that-slow networking built into some Apple laptops in the mid-90s, via the IR port: http://lowendmac.com/2015/irtalk-irda-and-the-mac/
posted by wenestvedt at 1:39 PM on February 22, 2017 [1 favorite]


You know, I bet you don't even need line-of-sight to the LED as long as the room is dark enough and you have a sensitive receptor at the bottom of a long tube. And it's not just the hard drive LED; my router (which is its own little computer, and which is remotely updated by my cable company) has blinking lights too, and other people have mentioned screensavers - it would be trivial to encode data in color or brightness changes.
posted by Joe in Australia at 1:57 PM on February 22, 2017 [2 favorites]


I left it at 'line of sight' and not 'direct line of sight' hoping that might imply that, yes, those damned bright LEDs that are all over computer equipment can do a fair bit of bouncing off white walls.
posted by wotsac at 7:07 PM on February 22, 2017


This sounds remarkably like the paranoia of the people who are worried that smart electric meters are going to reveal all their most dire secrets, like they run the air conditioner in the summer and turn on lights when it gets dark.
posted by Kid Charlemagne at 7:29 PM on February 22, 2017


That'd work a lot less well with a big enough cap on the hot side of the LED ... running several bits together.

The malware can't get around that. Sure it could be mod'd with physical access, but that's always game over anyway.
posted by Twang at 9:51 PM on February 22, 2017
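
The smearing of adjacent bits that the comment above attributes to a capacitor on the LED, simulated as an added example (not part of the thread or of the researchers' work). It assumes on-off keying at the 4,000 bits a second quoted from the article, a first-order RC filter, and a fixed-threshold observer with Gaussian sensor noise; the function names and the noise and resolution values are illustrative assumptions.

```python
import math
import random

BIT_RATE = 4000        # bits/s: the top rate quoted from the article in this thread
SAMPLES_PER_BIT = 40   # simulation resolution (assumption)
NOISE_SIGMA = 0.05     # sensor noise relative to full LED brightness (assumption)

def led_brightness(bits, rc_seconds):
    """On-off-keyed LED drive passed through a first-order RC low-pass filter."""
    dt = 1.0 / (BIT_RATE * SAMPLES_PER_BIT)
    # Exact per-step response of an RC stage; rc_seconds == 0 means no capacitor.
    alpha = 1.0 if rc_seconds <= 0 else 1.0 - math.exp(-dt / rc_seconds)
    level, trace = 0.0, []
    for bit in bits:
        for _ in range(SAMPLES_PER_BIT):
            level += alpha * (bit - level)
            trace.append(level)
    return trace

def threshold_receiver(trace, rng):
    """Model observer: one noisy reading at the end of each bit, cut at half brightness."""
    decoded = []
    for i in range(SAMPLES_PER_BIT - 1, len(trace), SAMPLES_PER_BIT):
        decoded.append(1 if trace[i] + rng.gauss(0.0, NOISE_SIGMA) > 0.5 else 0)
    return decoded

def bit_error_rate(rc_seconds, n_bits=2000, seed=1):
    """Fraction of bits the model observer gets wrong for a given RC time constant."""
    rng = random.Random(seed)
    bits = [rng.randint(0, 1) for _ in range(n_bits)]  # constructed sample data
    decoded = threshold_receiver(led_brightness(bits, rc_seconds), rng)
    return sum(a != b for a, b in zip(bits, decoded)) / n_bits

if __name__ == "__main__":
    bit_period = 1.0 / BIT_RATE
    for multiple in (0, 0.2, 1, 5, 20):  # RC expressed in bit periods
        rc = multiple * bit_period
        print(f"RC = {multiple:>4} bit periods ({rc * 1e6:7.1f} us): "
              f"BER = {bit_error_rate(rc):.3f}")
```

Because the observer is a fixed-threshold model, the error rates are illustrative rather than a measured guarantee for any particular capacitor.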


smart electric meters are going to reveal all their most dire secrets, like they run the air conditioner in the summer and turn on lights when it gets dark

... and when they watch TV, how often and at what times they use hot water, when they get a new computer, which video games they play, when they go on vacation, exactly what hours someone is home, when and for how long they sleep, whether they sleep soundly or turn on a light in the middle of the night, when they have visitors who don't like the thermostat turned down so far at night, and other such minutiae of no consequence that could be deciphered by varying degrees of clever analysis.

But no, this story is not much like that, it's more of interest to people who have valid professional reasons to use terms like "air gap".
posted by sfenders at 4:49 AM on February 23, 2017 [4 favorites]


>Lol, now you mention it, the blatant in-your-face changing 2D barcode as a screensaver idea might just be ridiculous enough to work.

This is exactly how the old Timex DataLink watches worked, except the barcode was just a synchronized varying brightness signal from your monitor.


ha! this is also how you sync your Whatsapp account from your phone to their webapp.
posted by numaner at 9:48 AM on February 23, 2017


"The pinpoint flickers, emitting from the LED hard drive indicator that lights up intermittently on practically every modern Windows machine, would hardly arouse the suspicions of anyone working in the office after hours. "

No the disk light would not arouse suspicion. No suspicions at all..... even if THERE IS A DRONE OUTSIDE YOUR FRICKIN' WINDOW PANE FOR NO PARTICULAR REASON.
posted by storybored at 12:23 PM on February 23, 2017


4-6Kbps is not fast. Unless of course you're downloading Apple ][ warez.
posted by pashdown at 1:18 PM on February 23, 2017


Or say, a few certificates, ssh keys, passwords...
posted by wotsac at 2:34 PM on February 23, 2017


aka "Optical Tempest", although this is a nice side-channel version.

You can get away without (human) noticeable flickering by phase-shift-keying instead.
posted by nickzoic at 3:01 AM on February 24, 2017 [1 favorite]




This thread has been archived and is closed to new comments