In enterprise environments, it's long been accepted that keeping a particular machine "100%" safe requires little more than keeping it off of an external or internal network, making sure to disable its network devices - wired or otherwise - and of course, disabling its optical drives and USB ports. A machine can't get infected when all of its data transmission lines are closed, right?
Wrong, according to security consultant Dragos Ruiu and the league of colleagues that side by his research. Three years ago, Ruiu's MacBook Air was acting strange. The oddities began with an auto-updated EFI firmware, and later moved on to the disabling of the ODD and removal of some data. Typical trojan behavior - but this was no ordinary trojan.
When trying to get down to the bottom of the issue, Ruiu did what any security analyst would do: He removed points-of-entry into the computer one-by-one. He disabled the network, had the machine's Wi-Fi and Bluetooth cards removed, and even went as far as to unplug its power cord since, oddly enough, data could potentially be delivered that way.
Security consultant Dragos Ruiu - Credit Flickr: Foxgrrl
After all this, Ruiu's problems remained. After restoring his notebook, and keeping it off the network, his computer became infected almost immediately. Imagine installing a fresh copy of Windows, only to discover that registry access has been restricted. That's a situation Ruiu found himself in.
Ultimately, the problem stems from what he calls "badBIOS", where computers can use high-frequency noise to transmit data from one PC to another, over "air-gapped" machines (machines not connected to others). Further, bugs like this could be transmitted through connected speakers and microphones.
Is this the making of a great Halloween story, or what?
As complex as badBIOS is, it didn't come from nowhere: Ruiu established that it's initially delivered via USB. While that might not seem so surprising, we're not dealing with a simple autorun mistake or something of that nature - this goes beyond simple data stored on the USB device. Through the use of a potential buffer overflow via the USB connection, the bug can be planted that way. At this point, Ruiu isn't entirely clear on how this works, but he hopes to make use of some high-tech USB analyzing equipment soon to help figure it out.
What's disturbing about all of this is that despite how outlandish it seems, it's possible. It's a little scary, then, to consider the fact that PCs entirely off of a network with USB/ODDs disabled might still not be safe. Are we going to have to design our chassis in the future to block such transmissions? Let's hope not.
I'm not buying it. Seems to me that the machine was likely infected with something that resided in a tiny hidden partition or perhaps a piece of flash memory in the system, i.e. the BIOS EEPROM. Which would explain how the machine was infected again even after being completely isolated from the outside world.
Marco ChiappettaManaging Editor @ HotHardware.com
Follow Marco on Twitter
I am not fully understanding the article. What do you mean by through connected speakers and microphones? Are you saying that an infected computer can use its speakers to transmit the bug via high frequency speaker noise an another computer could get infected by listening to it through its microphone? If that is the case it definitely sounds very odd. How long would it take to transmit an average sized bug in this way? Would the computer to be infected require the microphone to already be on? Will the microphone need software to understand the "noise" it is listening to and then convert it to 1's and 0's? So many questions.. Even if this is possible it sounds like it would require the "perfect storm" or an alignment of planets for this to work...
Sounds fake to me.
Reportedly, this is NOT a Halloween hoax... there's a bit of feasibility here but it does seem thin.
Editor In Chiefhttp://hothardware.com
Amazing. Malware being transmitted over the power line or the air?
so from some reading ive done his evidence is thin because hes really the only to report on it. However hes respected enough to where its doesnt seem like a sci-fi movie virus. But yes its to some degree feasible. In the end really the moral of the story here applies to a lot things. Don't download things from websites you dont trust. For phones dont download apps from 3rd party markets or sketchy websites. And in this case DONT STICK THINGS IN YOUR COMPUTER FROM UNTRUSTED PEOPLE!! its really fairly simple solution. Oh and keep a close eye on your laptop in public
I transmit data over power lines every day.
Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.
Even if it could transmit data via speakers/microphone, there is nothing on the other PC telling it to listen to that data. If there WAS something telling it to listen, it would have to be the malware doing it in the first place, making it pointless to have to listen for the "rest" of it.
My thoughts exactly. Wonder what that's about.
Not that he mentioned using a Macbook. Apple's been notorious for leaving microphones open despite the user turning it off, just look at the Siri debacle on the iPhone. Since the computer is always listening for new information at a low level, you could theoretically get direct CPU access though low level systems like a microphone. But yes, ridiculously impossible in terms of variables you have to account for, the virus would have to be several hundred MB of code even in the best scenarios.
That's a bit of information we're lacking for sure. I'm hoping that we'll learn a lot more in the next month, because at this point there are more questions being generated than answers.
well thats basically it. It mentions in the article that it would have first be transmitted via an infected usb device. so its not like they can just magically transfer a virus all willy nilly. you have to be infected first thru a physical device as mentioned then a person in control of the malicious code could then send commands or other malware via the microphone or speaksers or some kind of frequency.
Doesn't have to be malware, apple always has their microphones on to minimize issues initializing the device. If you turn on speech recognition services in android or windows then other oses are at risk too.
I'm with Marco here. I call BS.
There is no way an isolated computer that is legitimately clean of any virus is going to get reinfected.
There are so many different locations this virus could store itself. In the BIOS rom, in a vga rom, or any other storage for that matter. It just sounds like an other root kit.
For all we know the guy is installing a bad driver that is already infected with the virus when he reinstalls the OS.
The electronics inside of a computer without a radio (wireless adapter) cannot produce RF, at least not without causing damage to itself. And the worst they would be able to do with that RF is cause interference with wireless networks, assuming they could even hit the right frequency. You device will just ignore this noise.
If we are talking EMI... the device would fry it's internal components before producing enough EMI to have any effect on an other device that was 2 inches away.
This just isn't possible. Everyone thinks wireless is Magic, well I just so happen to be a wireless network engineer...
BS Flag is waiving violently!
Also to touch on the whole audio theory...
The only way, one computer could produce a sound through the speakers and have an effect on ANY other computer would require:
1. The device producing the sound is already infected with the virus.
2. The second device is already infected with a virus that runs an application in the background that is specifically listening for the sound that the first device is going to produce.
3. The sound will have to be at a frequency humans can hear.
Speakers were designed for humans to hear, and they only work inside the narrow scope that we are able to hear sounds. Most speakers are not about to produce sounds at a frequency we cannot hear. We can hear in a range from 12Hz up to 20Khz. The range of a speaker in a portable device is much less. The range in high end audio equipment can reach the upper end of our range or hearing, but not the lower end. Highly specialized and very expensive speakers design for use by professionals, like biologists, exist to produce sound beyond our range of hearing, but you're not gonna find that in any normal persons home.
4. The sound will have to be loud enough for the microphone and humans to hear.
Most microphones are not going to be able to hear anything that you can't hear yourself. Only very high end microphones can pick up on sounds that are not loud enough for the human ear to detect and even then to pinpoint said sound would require professional equipment and an isolated sound chamber(check out how bang and olufsen tests their speakers for clarity some day). On top of that, if the noise is too quiet, it will be attenuated by other sounds waves in the air and the microphone will not be able to hear it. Basically, you would absolutely hear the device making this suspected noise.
Again, BS flag is still waving.
This would imply there is some secret backdoor phrase that you could say to cause mass devastation on all of these devices.
Also, how many times do you have to repeat yourself to your phone before it understands you?
How clearly and loudly do you need articulate?
Do you really think you would not hear the command that causes your device to implode?
NEWS TIPS |
This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or hisassociates. All products and trademarks are the property of their respective owners. All content and graphical elements areCopyright © 1999 - 2014 David Altavilla and HotHardware.com, LLC. All rights reserved. Privacy and Terms