UGN Security

LED's Give Away Computer Secrets

Posted By: Le4rner

LED's Give Away Computer Secrets - 03/08/02 02:21 AM

LED's Give Away Computer Secrets

Scientists have discovered that it's possible to track data being transmitted by computers, simply by monitoring the LED flashing lights on devices like modems and keyboards. It is frightening how much information can be gained in this manner.

"It requires little apparatus, can be done at a considerable distance, and is completely undetectable," writes Joe Loughry. "In effect, LED indicators act as little free-space optical data transmitters, like fiber optics but without the fiber."

Loughry says that the devices most at risk for leaking information this way include systems like ATM machines, which use long-distance proprietary networks. Covering or deactivating the LEDs, or keeping them far from windows, is the best defense.
Posted By: Le4rner

Re: LED's Give Away Computer Secrets - 03/08/02 02:22 AM

Here is some work for ya Gizzy! laugh
Posted By: Snake

Re: LED's Give Away Computer Secrets - 03/09/02 12:35 PM

dude, i didnt know that sort of **** was possible, ive noticed that within the last month there has been a huge amount of new ways of hacking and lots more security flaws in stuff discovered. Its kind freaky knowing just my monitor flicking is giving some guy a look at what im doing, typing in a password to my online banking account and whatnot.
Posted By: thebluegiant

Re: LED's Give Away Computer Secrets - 03/09/02 04:51 PM

ZDNet says : The best security warning of the week, however, must be a new scientific paper from reputable engineering types, which unveils the threat posed by exposed LEDs -- yes, those inoffensive little red lights that make your computer room look like a Christmas tree when you turn the lights off. The co-author of this masterpiece of deduction has discovered that you can decode the data passing through, say, a modem or router simply by reading the blinking lights on the front of it, much in the same way that Sherlock Holmes was able to follow Watson's exact train of thought by observing his facial expressions and the objects upon which his eyes alighted around the room. The existence of this insidious lapse apparently occurred to the co-author as he was passing the time one day by staring for several hours at the blinking lights on his modem.

There's only one problem with this, of course -- as the paper makes clear, the exploit only works if you're basically standing across the room, in the dark, and your target is a 9600bps modem, which is unlikely these days to be carrying any data of significance. These modems are at risk from up to 10 metres, in the dark, after which the signal quality drops radically; at faster rates, or if the lights are on, you no doubt need to place your spy device right next to the LED. On the other hand, it might just be easier to con somebody into telling you their password, or just read what they're typing on the screen.

If you're interested in this type of stuff look up Van Eck phreaking.
a quick definition from :
van Eck phreaking

Van Eck phreaking is a form of eavesdropping in which special equipment is used to pick up telecommunication signals or data within a computer device by monitoring and picking up the electromagnetic fields (EM-fields) that are produced by the signals or movement of the data. This electromagnetic radiation is present in, and with the proper equipment, can be captured from computer displays that use cathode ray tubes (CRTs), from printers, and from other devices.

Here is an example: The image on a CRT is created by electron beams that scan across the screen in a series of horizontal lines from left-to-right and top-to-bottom, in the same way you read a page of text (except much faster). This occurs at a specific frequency for each individual monitor; there are only a few standard frequencies in existence, and every monitor uses one of them. The intensity of the electron beams determines the relative red, blue, and green brightness for each pixel (picture element) on the screen. As a result, the CRT produces a modulated EM field that contains all the information in the image displayed on the screen at any moment. This information looks like a meaningless, irregular waveform if viewed directly on an oscilloscope. But, like a television (TV) signal, it can be demodulated with special equipment, and the image on the screen thereby retrieved, from some distance away.

However, I think that Ck once told me that PGP had a mode that defeated this somehow, never checked and don't remember how though.
Posted By: Le4rner

Re: LED's Give Away Computer Secrets - 03/10/02 01:34 AM

PGP is dead man. Also I read this same flickering could be used at ATM's from across the street....
Posted By: thebluegiant

Re: LED's Give Away Computer Secrets - 03/10/02 05:16 AM

Bah, development on PGP will probably die, but you can still get the program, so it's still valid.

And as far as I could tell from reading the writeup they never actually show any hard proof that this works over 30 meters (that's as far as they gave definite results to) and even then there's serious degredation in quality. I could very easily have missed somethign though, please say if I did so. It may be possible to do this, but I'll be hella surprised if it turns out to be as large of a threat as many people are making it out to be.
Posted By: Gremelin

Re: LED's Give Away Computer Secrets - 03/10/02 05:39 AM

yah i'm goinna ask them if i can mirror a download on ugn, just for like their approval and **** heh
© 2018 UGN Security Forum