| |
|
|
| |
|
|
always knew this was possibleeee
Data exfiltrators send info over PCs' power supply cables
Malware tickles unused cores to put signals in current
f you want your computer to be really secure, disconnect its power cable.
So says Mordechai Guri and his team of side-channel sleuths at the Ben-Gurion University of the Negev.
The crew have penned a paper titled PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines that explains how attackers could install malware that regulates CPU utilisation and creates fluctuations in the current flow that could modulate and encode data. The variations would be "propagated through the power lines” to the outside world.
PowerHammer attack
Put the receiver near the user for highest speed, behind the panel for greatest secrecy
Depending on the attacker's approach, data could be exfiltrated at between 10 and 1,000 bits-per-second. The higher speed would work if attackers can get at the cable connected to the computer's power supply. The slower speed works if attackers can only access a building's electrical services panel.
The PowerHammer malware spikes the CPU utilisation by choosing cores that aren't currently in use by user operations (to make it less noticeable).
Guri and his pals use frequency shift keying to encode data onto the line.
After that, it's pretty simple, because all the attacker needs is to decide where to put the receiver current clamp: near the target machine if you can get away with it, behind the switchboard if you have to.
With power supplies now representing a data exfiltration vector, defending yourself requires hermit-like separation from the world: you have to do without wireless connections, use a fanless computer, block the USB ports, install machines in a windowless room with any LEDs covered by black tape, make sure nobody can sense a PC's magnetic fields, and disconnect the speakers.
If you see a developer in cave with a big stack of pre-charged batteries, this is why. |
|
|
|
| |
|
| There are no conversations. |
| |
|
|
|
|
| Orison Swett Marden |
Your expectations opens or closes the doors of your supply, If you expect grand things, and work honestly for them, they will come to you, your supply will correspond with your expectation. |
| Drew Gilpin Faust |
As a scholar, you don't want to repeat yourself, ever. You're supposed to say it once, publish it, and then it's published, and you don't say it again. If someone comes and gives a scholarly paper about something they've already published, that's just terrible. As a university president, you have to say the same thing over and over and over. |
| Andy Rooney |
Computers may save time but they sure waste a lot of paper. About 98 percent of everything printed out by a computer is garbage that no one ever reads. |
| Tyler Hamilton |
If you do have a team where every rider has a huge list of results, that means everybody wants to do the race for themselves. The strongest team in the Tour is not the strongest team on paper. |
| Naima Adedapo |
No matter what as an artist that's always what you want to do, you want to connect to the audience, you want to be able to send whatever message it is that you're singing about, you want to be able to convey that - and not make them feel - you want them to feel it, you want them to feel what you feel. |
| Jeff Gannon |
All my stories were usually titled, 'White House Says,' 'President Bush Wants,' and I relied on transcripts from the briefings. I relied on press releases that were sent to the press for the purpose of accurately portraying what the White House believed or wanted. |
| Frank Iero |
I love players like Thurston Moore. I mean, you can put notes down on a sheet of paper, and if you practice and get your chops up, you can play like an Eddie Van Halen or a Steve Vai. But nobody can do what Thurston Moore does; he's his own guy. He talks through his instrument in a language that's all his own. |
| Sarah Wayne Callies |
Your work isn't just to learn and say the lines. Your work is to figure out what the chatter in your brain is, that's going on under the lines. It doesn't matter whether you're speaking or not speaking because your mind is working the way your character's mind would work. |
| Stephen Cambone |
There is a reasonable concern that posting raw data can be misleading for those who are not trained in its use and who do not have the broader perspective within which to place a particular piece of data that is raw. |
| Mencius |
A trail through the mountains, if used, becomes a path in a short time, but, if unused, becomes blocked by grass in an equally short time. |
|
|
|
|
Paper is online here: https://arxiv.org/abs/1804.04014
This is a really cool idea but I wonder if there isn't usually an easier way to get data from an infected computer given that you have the chance to install malware.
This post is a comment.
|
| |
|
|
|
Scientists Create DNA-Based Exploit of a Computer System
Archeron an hour ago 18
Archeron writes: It seems that scientists at University of Washington in Seattle have managed to encode malware into genomic data, allowing them to gain full access to a computer being used to analyze the data. While this may be a highly contrived attack scenario, it does ask the question whether we pay sufficient attention to data-driven exploits, especially where the data is instrument-derived. What other systems could be vulnerable to a tampered raw data source? Perhaps audio and RF analysis systems? MIT Technology Review reports: "To carry out the hack, researchers led by Tadayoshi Kohno and Luis Ceze encoded malicious software in a short stretch of DNA they purchased online. They then used it to gain 'fu...
|
| |
|
|
|
A Coal Power Plant is Being Reopened For Blockchain Mining
Sure, you could mine bitcoin on that old PC in your garage, or you could use a whole power station to do it. That's the idea behind the Blockchain Application Centre -- an Aussie tech initiative that will see one of the country's now-shuttered coal-fired power plants reopened to provide cheap power for blockchain applications. It's the work of Australian tech company IOT Group, which has partnered with local power company Hunter Energy on the project. According to The Age, Hunter Energy will recommission the Redbank power station in the Hunter Valley, two hours drive north of Sydney. Once the power plant is reopened (expected to be completed within 12 months), it will offer wholesale or "pre-grid" power prices to blockchain comp...
|
| |
|
|
|
Hacked Water Heaters Could Trigger Mass Blackouts Someday
At the Usenix Security conference this week, a group of Princeton University security researchers will present a study that considers a little-examined question in power grid cybersecurity: What if hackers attacked not the supply side of the power grid, but the demand side? From a report:
In a series of simulations, the researchers imagined what might happen if hackers controlled a botnet composed of thousands of silently hacked consumer internet of things devices, particularly power-hungry ones like air conditioners, water heaters, and space heaters. Then they ran a series of software simulations to see how many of those devices a...
|
| |
|
|
|
|
False power is power you give to an external source.
|
| |
|
|
|
Researchers Created ‘Quantum Artificial Life’ For the First Time
“Our research brought these amazingly sophisticated events called life to the realm of the atomic and microscopic world …and it worked.”
For the first time, an international team of researchers has used a quantum computer to create artificial life—a simulation of living organisms that scientists can use to understand life at the level of whole populations all the way down to cellular interactions.
...
|
| |
|
|
|
|
The power lines are on fire and I have work to do...
|
| |
|
|
|
I am speaking mostly about group and formal interaction rather than intimate one on one. I'm saying that our primal instinct to gain association with strong people makes relationship a game when I would prefer it to be more authentically selfless. If relationship is led so much by our instinct to increase our power, how can we call it love. Plot twist: love is power
This post is a comment.
|
| |
|
|
|
|
i didnt really realize how far back 50 cent went until i saw that dude from the supreme team talkin about how hes gangster.. all that name dropping in power of the dollar tho.. lol
|
| |
|
|
|
ThinkLynx, I summon your techno-mechanical wisdom. I need something that vibrates and is battery powered for a costume. I don't want to spend more than $15 +/- $7. I also am not confident enough as a man to buy the obvious choice.
I could technically rig up a power supply if there's some great option, but I don't want to electrocute myself...again...
|
| |