Electrical data theft exploits

August 11th, 2009

This article describes an interesting way someone can steal data through electrical outlets. Demonstrated at Black Hat 2009 by Andrea Barisani and Daniele Bianco of network security consultancy Inverse Path, it shows how easy it is to steal data without expensive equipment, i.e. with just an electrical grid and line of sight to the machine/computer in question.


To summarize: the first power line exploit allows the attacker to grab keyboard signals through unshielded cabling and the ground wire of the electrical system that feeds the computer. The voltage differences and fluctuations of the signals that leak into the ground are captured from both resistor ends and converted to letters. The attack works on computers plugged into the wall and at distances of up to 15 meters (about 49 feet).

The second exploit involves a cheap laser pointed at a shiny part of a laptop or at an object sharing the same space with the laptop. A receiver is set to capture the modulations of the reflected beam caused by the vibrations from the keys being struck. The modulation is then converted to electrical signals. From the sequence of keys and the word spacing, the attacker can work out what text is being typed; shiny laptop lids and hinges provide the best vibration readings.

The researchers advise that, when working on a laptop, you survey your surroundings, make sure there isn’t a line of sight to the laptop, and change your position frequently while typing. They go as far as to say that striking random keys and using the backspace key to delete them is a good thing.

“If our small research was able to accomplish acceptable results in a brief development time (approximately a week of work) and with cheap hardware,” they say. “Consider what a dedicated team or government agency can accomplish with more expensive equipment and effort.”

The simplicity of the exploits is indicative of the fact that you don’t need to do much to steal data. However, I am not sure how realistic (or real world) this is. It may be good in theory but the scenarios/instances have to be perfect for it to happen.

Here are some notable comments:

“Many laptops have power converters without a ground. Based on the description of the attack, it seems that not having a ground wire would prevent this method from working as well.”

“Signal obtained by potential difference from the earth outlet needs to be fed back to a computer with the right voltage with AD converter and a software code to make any intelligible sense, I personally believe this claim is far fetched, the same goes with reflected laser beam unless the person listening to the sound signals is an expert telegraph operator who can detect and memorize at least 26 different sounds, not even Thomas Edison can do it. Unless of course the sound signal from the sound card is fed to speech converter application.”

“Maybe you shouldn’t be writing your quarterly report on your laptop at Panera. Seriously, the best way to protect yourself and your data is simply choose better places to work on data with sensitive information. The only reason people are able to exploit this is because users are dumb. If your information needs to be protected then your computer needs to be in a secure area- and sorry, Motel 6 wifi doesn’t count.”

“Closing the curtains would be a start!”

Links

Compromising electromagnetic emanations of wired keyboards
Researchers find ways to sniff keystrokes from thin air
Sniffing keystrokes via laser and keyboard power
