HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Page 1/3  >  >>
Charles Murray
User Rank
Blogger
Re: More solutions needed
Charles Murray   1/7/2014 6:49:28 PM
NO RATINGS
Good points, William K. A weak OS is the source of a lot of malware/virus problems. Windows XP was far more susceptible to malware than Windows 7, for example. The OS has a lot to do with susceptibility.

78RPM
User Rank
Gold
Re: More solutions needed
78RPM   12/20/2013 1:51:39 PM
NO RATINGS
I just got another idea. In the wav file, look for all the zero crossings of the waveform and insert the secret code at each of those points. You would need an exploit program to scan for them. SoundForge offers a way to remove DC component of the sound. So, you ask, if you need exploit software in the target, why not just put the malware there? Well, you might use this as a way of getting a coded message inside the attack target.  Of course, I'm talking about researching this as ethical hacking, not to do mischief.

78RPM
User Rank
Gold
Re: More solutions needed
78RPM   12/20/2013 1:42:45 PM
NO RATINGS
Last night I created a 1575 Hz sine wave (because it's in the audible range and divides evenly into 44,100/sec sample rate. It's a .wav file.  I used a hex editor and selected a particular repeating sequence and changed those bytes to "HELLO WORLD." Then I played the file back through a mic into SoundForge Pro 11.  I looked at the waveform of the original HELLO WORLD file and the recording.  I could see similar peaks but they were a bit distorted after traveling through two transducers (speaker and mic).  It is clear that for any chance of this working, I would have to insert periodic markers (e.g., a series of "HHHHH") so that an exploit software would be able to calibrate the rest of the file (Normalize the volume) to get the coded message to appear.  I haven't gotten that far and I can see that the task would not be trivial but it would make a great research project.

brhans
User Rank
Silver
Re: More solutions needed
brhans   12/20/2013 8:27:32 AM
NO RATINGS
Sounds like an interesting experiment 78RPM. I would expect that the variability and imprecision in sound playback and recording would make it very difficult  - particularly if it passes through a lossy compression format like mp3. Please keep us posted ...

William K.
User Rank
Platinum
Re: More solutions needed
William K.   12/19/2013 10:40:30 PM
NO RATINGS
78RPM, yes, and thanks for the better explanation of what I had perceived was able to happen. Now we can see at least one mechanism for it to happen.

78RPM
User Rank
Gold
Re: More solutions needed
78RPM   12/19/2013 9:14:09 PM
NO RATINGS
@WilliamK and @brhans, From my "handle" you can see that I have a hobby of recording extremely old records as old as the 1890s. I edit the sound files to clean up the scratchy and often terribly noisy -- er noise.  This conversation inspires me to do some experimenting. I'll take a single audio file format -- pick one; wav, aif, mp3, yadda yadda.  I'll take a single high audio frequency and look at the hex file and embed a simple message and see how it affects the audio when I blend it in.  I think it's do-able. The thing to remember is that an attacker knows a lot about his victim, like what radio station he listens to, and what kind of audio files he listens to or records. Any audio file is a binary file; and any binary file can carry a worm. Given that the audio might distort the original, it might take a large number of attempts to get the worm into the target. But persistence succeeds. A worm doesn't need enabling software on the host to do its job.

When you call for product support, remember the voice that says: "This call may be recorded for quality assurance?"  That's your attack vulnerability.  The worm enters the recording and the help desk is attacked.

mrdon
User Rank
Gold
Re: More solutions needed
mrdon   12/19/2013 4:25:26 PM
NO RATINGS
brhans,

 

Although the story could be just a high tech stunt to gain attention for the authors, the potential threat does exist. I'll keep this malware attack on the radar for good measure.

brhans
User Rank
Silver
Re: More solutions needed
brhans   12/19/2013 4:02:03 PM
NO RATINGS
@William K.: just read the research paper which is refered to in the original article.

The scientists had to write and install their own custom-made software before they could do any of this. Their windows was not capable of doing it already.

On the website of the Fraunhofer Institute (where this research was conducted), one of the scientists even says that he is "sceptical that the malware "badBIOS" exists in the manner that was discussed in the technology news articles".

There is no big scary new malware story here. It was hyped out of context. Move on.

 

William K.
User Rank
Platinum
Re: More solutions needed
William K.   12/19/2013 3:49:56 PM
NO RATINGS
@brhans: do you really believe that you know and are aware of everything that windows is doing all the time? I really do NOT believe that we are privy to that information.

brhans
User Rank
Silver
Re: More solutions needed
brhans   12/19/2013 3:21:52 PM
NO RATINGS
Are we proposing that windows (or whatever OS) has so much free time that not only is it 'listening' to my microphone, but that it can try all possible demodulation schemes to turn whatever it 'hears' into something resembling data?

Remember that turning data into some sort of waveform to be broadcast out of a speaker needs a modulation scheme. Are we using some sort of simple AM or FM? Something a bit more interesting like one of the many different kinds of QAM or OFDM ? Something else entirely ?

Whatever the scheme is, the receiving end must know what it is before it can even begin to try to demodulate the received 'sounds' back into data.

So if the receiving end is somehow not only 'listening' on the microphone, but also knows exactly what to do what what it 'hears', then you've already been infected with something which can only have arrived over a much less new and exciting vector.

This is not a 'weakness in the bloated OS' waiting to be exploited - it is a functionality which would have to be deliberately added.

All you have to do is actually read the paper linked in Cabe's aticle and you find near the top of the page labeled 760 "All participants must have installed a compatible acoustic communication system, either by infection of a malware or actively installed".

In other words, other than the speaker/microphone hardware, the capability to perform this sort of communication was not already existing and it could there not be used to 'infect' new hosts 'over-the-air' which are not already 'infected'.

Page 1/3  >  >>


Partner Zone
Latest Analysis
In this new Design News feature, "How it Works," we’re starting off by examining the inner workings of the electronic cigarette. While e-cigarettes seemed like a gimmick just two or three years ago, they’re catching fire -- so to speak. Sales topped $1 billion last year and are set to hit $10 billion by 2017. Cigarette companies are fighting back by buying up e-cigarette manufacturers.
Microchip recently released the 3D TouchPad, the first USB PC Peripheral device that couples 2D multi-touch input with 3D air gesture technology. The company seeks the help of developers to further enhance the capabilities of the technology.
Made by Monkeys highlights products that somehow slipped by the QC cops.
To give engineers a better idea of the range of resins and polymers available as alternatives to other materials, this Technology Roundup presents several articles on engineering plastics that can do the job.
Mac Cameron of Stratasys describes the company’s Connex3 technology, which allows users to 3D-print complex parts in one build with no assembly required.
More:Blogs|News
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Next Class: 11/11-11/13 2:00 PM
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service