Q: I’ve been binge-watching spy movies lately and it got me wondering…how much of that tech stuff is really possible nowadays?
A: You mean, can Tom Cruise really run that fast or is Daniel Craig really that good a skier? Probably “yes” and “no.” Next!
Actually, between the recent spate of NSA leaks and documents published by security researchers, it turns out several movie-worthy spy tricks have been in use for years or soon will be.
Some of the coolest techniques have been demonstrated by researchers at Ben-Gurion University in Israel and specifically target “air-gapped” computers. These are computers that are not connected to the Internet making them much harder to infiltrate. The first problem is getting your spyware on the target PC in the first place – no easy task, but it’s been done before by tricking users into plugging in infected USB drives.
The second problem is getting the PC to send out passwords or encryption keys, and this is where things get interesting. No Internet? No problem! Just write data to the USB drive in a way that causes the radiation emitted by the internal circuits to spike, then measure patterns in those spikes and voila! Now you have Kim Jong-un’s Farmville password. It’s like Morse code, but instead of long and short beeps, they monitored the radio waves for low and high frequencies (bit.ly/2pXzXvu).
The same team also captured data by listening to hard drive noise (bit.ly/2peirFD), measuring the heat generated by CPUs (bit.ly/2pXBodm), and detecting changes in cooling fan sounds (bit.ly/2pXwFZ6). Ever notice your laptop getting noisy at night when you’re not even using it? An older technique turns PC video cards into FM transmitters, so a nearby phone with the right software installed can receive covert messages (bit.ly/2oYDyLq).
Elsewhere, Google presented a new method of hacking hardware at a security conference recently (bit.ly/2oFenuB). By writing to a computer’s memory in a certain way, they caused the transistors on the memory chip to leak electrical charges. Those leaked charges changed the data stored in other parts of the memory chip, giving them administrator privileges on the targeted PC. And presto! Now they have the ayatollah’s Uber password.
You’re probably thinking, “I don’t enrich uranium in the basement anymore, so I’m safe.” True enough, unless you have a TV or a phone.
That’s because a security consultant in Switzerland just proved that smart TV security has more holes in it that his homeland’s famous cheese. Smart TVs listen for over-the-air signals and connect to the strongest signal they find. Anyone with a $150 custom transmitter only needs to be closer to your house than the nearest cable provider in order to override their signal.
Since these TVs also have web browsers installed, they’re susceptible to the same security exploits that desktop browsers are. With the precision of his country’s famous timepieces, the consultant sent a signal to a TV that loaded a web page in the background, and from that page he took control of the TV. Many TVs have microphones and cameras – almost as many functions as a particular nation’s famous army knives – all of which could be controlled by a rogue signal. Watch out for that white van parked across the street (bit.ly/2pexlvw).
Lastly, the phones: Back in 2015, two researchers at a French security agency commandeered phones remotely when the phones had headphones plugged in. Some headphones have built-in microphones, so the wearer can issue voice commands to Siri or Google Now. Radio signals can travel up the headphone cords, allowing an attacker to impersonate the phone’s owner and manipulate the phone’s software (hbit.ly/2pXw61z). Now they have your Snapchat password. Ooh la la!
If you think “Surely Apple and Google have fixed that one by now,” we present a research paper published last April: bit.ly/2pXHNVS. In it, a team of computer scientists from the UK explain how a web page can tap into a phone’s motion sensors without requiring user permission. By detecting the phone’s tilt when someone enters their PIN, software can correctly guess 83% of PINs in one try and 99% in three tries. Smashing! Now they have your Twitter password.
Yes, some of that spy stuff is real, and if you don’t want to be spied on, the worst thing you can do is open a browser. So head over to askthepropellerheads.com and send us more questions…and booyah! Now we’ve got your Pokémon Go password