An Airgap Won’t Secure Your Computer Anymore

Published 4 years ago on January 29, 2015 By P. H. Madore

Security professionals have said for years that the only way to make a computer truly secure is for it to not be connected to any other computers, a method called airgapping. Then, any attack would have to happen physically, with the attacker actually entering the room and accessing the computer that way, which is incredibly unlikely. In the case of computers containing highly sensitive information, additional, physical security can always be added in the form of security guards, cameras, and so on.

Researchers at Georgia Institute of Technology have uncovered a vulnerability in all computers, however, which can be exploited regardless of an air gap. It’s a vulnerability which you’d never suspect, and it’s one that’s hard to fight against.

All CPUs emit electromagnetic signals when they are performing tasks, and the first thing these researchers discovered was that binary ones and zeroes emit different levels. The second thing they discovered is that electromagnetic radiation is also emitted by the voltage fluctuations and that it can be read from up to six meters away. These signals, by the way, are known as side-channels, and they are well-documented in the cryptography field.

The Least Traditional Attack You’ve Ever Seen

“Side channels are a powerful class of attacks that circumvent traditional security protections and access controls. Unlike traditional attacks that exploit vulnerabilities in what the system does, side channel attacks allow information to be obtained by observing how the system does it,” reads their white paper.

The researchers, whose names are Robert Callan, Alenka Zajic, and Milos Prvulovic, have developed software which allows them to overcome the two main problems of this type of attack: multiple weak signals and determining what is of interest and what is not, such as keystrokes.
In this video, Milos demonstrates that the keystrokes can be decoded in real time from across the room.

The white paper tries very hard to impress the importance of this vulnerability. An attacker who knows what they are looking for can do a great deal of damage using technology like this. They note that a vulnerability rating has been proposed recently, but that the proposal doesn’t do much in the way of providing developers of future technologies with a roadmap of improvement.

“The current state of the art is the recently proposed Side-Channel Vulnerability Factor (SVF), which measures how the side channel signal correlates with high-level execution patterns (e.g. program phase transitions). While this metric allows overall assessment of the “leakiness” of a particular system and application over a given side channel, it provides limited insight to 1) computer architects about which architectural and microarchitectural features are the strongest leakers, and to 2) software developers about how to reduce the side channel leakiness of their code.”

Nothing New Under the Sun

Elsewhere, in Israel, a similar process has been developed, except that it runs on a cell phone; it is called AirHopper. This was done back in October to challenge a policy of letting people bring their mobile phones on secure sites as long as they locked them up in a locker before beginning work. The Israeli researchers proved that they could get data from computers that were connected to no standard network by using side-channels.

With the foundations laid for this sort of compromise, one can only assume that it will be developed by governments and bad actors alike in order to further spy on communications of everyday people as well as gain access to incredibly sensitive data.
Faraday Cage Remedy

Conceivably, rooms containing computers or the computer cases themselves could be augmented with Faraday cages that would prevent this sort of close-range monitoring because the signals wouldn’t make it past the cage. Doing this on your home PC might seem overkill now. But as the technique gains wider usage and the technology which enables it is improved, a revival of wardriving could happen in highly populated areas, this time with the intention of stealing passwords and other sensitive data.

One thing is for sure: the future of computer security will have to account for this new, universal vulnerability in some way.

P. H. Madore has covered the cryptocurrency beat over the course of hundreds of articles for Hacked's sister site, CryptoCoinsNews, as well as some of her competitors. He is a major contributing developer to the Woodcoin project, and has made technical contributions on a number of other cryptocurrency projects. In his spare time, he recently began a more personalized, weekly newsletter at http://ico.phm.link
10 Comments

Del_Varner January 29, 2015 at 3:29 pm
Umm, this is why there used to be (and maybe still are) computers that were “Tempested” or perhaps subjected to “Tempest” requirements, so they would not emit any electromagnetic radiation.

Icahn Breathe January 29, 2015 at 3:35 pm
Let me just be the first to say this isn’t what you think it is: This requires a special program to be installed on the “target”/“monitored” laptop that emits specially coded RF when keys are typed on the keyboard. Since you have to install a special program you might as well just install a traditional keylogger. Also, I am presuming they are turning off the wireless on the laptop in order to reduce the radiation. Hardly a “coffeeshop” scenario as they present it to be in the video.

Mark Hahn January 29, 2015 at 3:42 pm
This was embarrassingly obvious to anyone who’s had even passing acquaintance with security.

votingmachine January 29, 2015 at 7:50 pm
The strength of the signal surprises me. It may be obvious that every electrical current generates electromagnetic waves, but I would not have guessed at the 6 meter range. I would have guessed the radiative power level at MUCH lower. 5 Volts and a few micro-to-milli-Amps … across a complicated circuit. I’m still VERY skeptical. Reading keystrokes from 6 meters away may have been the limit.
You don’t need a Faraday cage, just the knowledge of the distance and interference around you. And to be clear, the computer is not compromised. There is a slight leakage of information … I don’t think anyone is going to reconstruct much from the mish-mash of emitted spectrum from a computer. I typed this. Distinguishing the ASCII codes sent with an antenna from even 6 meters away is an impressive feat. I would doubt the spy could tell what I am listening to on the Sonos App though. Or what my spreadsheet is populated with. Or where the mouse cursor is when I click. And once again. It is still an uncompromised computer if it has an airgap. It is just that it may be possible to spy in ways that are not yet known. Not to remotely access, but to spy unobtrusively. Even that seems impossible, in a world with a computer every 10 feet.

Mark Hahn January 30, 2015 at 4:17 am
I think you underestimate how valuable (for compromise) it is to know anything about what a computer is doing. Consider the classic timing attack – each observation provides very, very little information, but combined with a sequence of probes, it’s very easy to infer keys (in vulnerable protocols)…

sirlanse January 29, 2015 at 4:01 pm
It is the progress of antennas. The military has routinely separated computers from the power grid so that how much power was being drawn would not tell someone what was being computed. There are RF blocks built for water pipes, so that the people could not listen in on the pipes for RF from the computers. You should not just faraday the computer, the keyboard wire needs to be insulated as well.

gkumbu January 29, 2015 at 10:55 pm
Correction needed: “6 or 7 feet”, not meters.

SamInTampa February 2, 2015 at 12:55 am
Anyone remember TEMPEST? Read Masters of Deception? It is all about how close you can get to the target.
This keyboard/keystroke reading and prediction news is at least 2 years old if not more. This has been well known within the security community for some time. It only scratches the surface of this topic.

Edm68 February 8, 2015 at 12:34 am
If binary can be detected at 6 m, there is no need for the 802.11 spec; we could have an entirely new networking standard that just listens for CPU activity, which would be much faster. I call bs on the story. If I could get in the 6 m zone near to secure infrastructure, the target has bigger security issues.

Mark Cross February 8, 2015 at 4:02 pm
Operation STOCKADE (MI5/GCHQ): analysis of compromising emanation from French cipher machine cables in 1960. They used broad band radio detection of the cables, and were actually able to read the original plain text along the low-grade cipher sequence. Surprisingly, murmurs of high-grade ciphers could sometimes be read from the same cable, which after comparison to the cable fed signal, gave a path to even that cipher’s plain text leakage. From 1960 to 1963 the MI5 and GCHQ could read cipher traffic to and from the French Embassy in London. wikip Peter Wright

Spectre And Meltdown Madness: What It Means For Ethereum

Published 9 months ago on January 8, 2018 By James Waggoner

To anyone who talks in terms of a cryptocurrency bubble, consider the following fun facts. In the short period of a few days following the bombshell announcement of Meltdown and Spectre, crypto prices responded in the following manner:

Bitcoin +18%
ETH +41%
Litecoin +30%

In my view, this is clear evidence of a market that is responding rationally to information coming from responsible sources.
To appreciate what all the noise is about you must appreciate what Meltdown and Spectre are and why they present a danger to the big companies providing cloud storage for the corporate world. Once this is clear, then you will better appreciate why Ether’s 41%+ short-term price spike left the others in the dust. But first let’s dig into the Meltdown and Spectre situation.

The Secret Got Out

On January 3 the secret about a new class of security vulnerabilities leaked out to the public. Not only was this seriously bad news but the leak also gave hackers advance notice before anyone could begin to fix the twin problems.

The degree of seriousness is in the fact that almost all major microprocessor chips are vulnerable. This opens the door to hackers stealing information from personal as well as cloud services.

Researchers claim that Meltdown can be fixed with a patch. Shortly thereafter just about every major player announced their patch. But there are two issues here. Will the patches fully solve the problem?

Casting A Cloud Over The Cloud

When a corporation becomes a cloud customer, even the largest share machines with other customers. This is the basic flaw in the centralized structure of cloud storage. Contrast this with the decentralized structure of blockchain technology and you begin to appreciate the force behind the sudden price spike in cryptocurrencies that we highlighted above.

Even though security tools and protocols are designed to separate customers’ data, the recently discovered Meltdown and Spectre flaws still leave serious vulnerabilities. With Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

Secondly, reports on cloud services like Amazon, Google and Microsoft claim that it creates as much as 30% slower computation speeds. That clearly won’t make for happy customers.
Jerky NetFlix

Virtually everyone reviewing the situation believes individual computer users are the least vulnerable. That may be true. Hackers are in the hunt for the biggest prize and that would be the big three cloud companies. But how do you think families are going to react if their Netflix stalls and buffers every few minutes?

In the final analysis, the Meltdown flaw affects virtually every computer chip fabricated by Intel in use today. You are talking about 90% of the Internet and business world. But Meltdown is just one flaw.

Spectre is the other flaw and this one is the more insidious of the two. There is no known fix. Intel, AMD and others have claimed how complex a project it would be for hackers to breach the Spectre vulnerability. That is pretty hollow comfort. After all, hasn’t the FBI security been breached? Those guys were supposed to be airtight.

Boom Days For Blockchain

In so many ways, last year marked a tipping point in the spread and acceptance of blockchain technology. The uses for Bitcoin are probably best gauged by its record $20,000 price in December. For Ethereum, it may have been marked by the formation of the Enterprise Ethereum Alliance (EEA) in February and rise to over 300 members at year-end.

No sooner has 2018 begun than the Meltdown and Spectre flaws created unexpected excitement for investors in cryptocurrencies. If I were a software salesman out of work, I would be sending my resume to every crypto company offering to peddle their blockchain. It could be the easiest job since selling web design services in 1995.

The Ethereum platform with its smart contracts is not the only crypto capable of addressing this newly uncovered opportunity created by Meltdown and Spectre. You can safely bet this will attract many players, and for good reason: today’s blockchain technology is a long way from fast enough for mass adoption.
Blockchain security may be a step or two better in its present form than cloud storage, but it has its security issues as well.

Building the Ethereum Moat

EEA founder Jeremy Millar is clearly a brand ambassador for Ethereum. He believes that CEOs hear the chatter about blockchain and are pre-sold without having a clear picture of what can be accomplished or the money saved using this technology. The important thing is for IT departments to have a respected brand to attach to their recommendations.

The EEA seeks to connect and inform and, through this pioneering process, spread the gospel of Ethereum. So far this is beginning to build a brand franchise for Ethereum.

The EEA is the largest blockchain body and is committed to using open-source Ethereum technology for enterprise blockchain solutions. EEA expects to see great advances in these areas in 2018 with Ethereum technologies.

It also helps when Wall Street banks uncover the potential for billions in savings on the trading desks through the applications of the Ethereum platform.

So, if you thought the last year held plenty of excitement, the Meltdown and Spectre flaws promise to make this year every bit as much fun.
James Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.

Coders Safeguard Vulnerable Ethereum Wallets Following Security Breach

Published 1 year ago on July 25, 2017 By Sam Bourgi

Ethereum suffered large-scale security breaches last week after anonymous hackers targeted vulnerable wallets in the network, resulting in the loss of tens of millions of dollars. However, it didn’t take long for a volunteer group of coders to “rescue” the funds in 500 at-risk wallets before the same attackers could get to them too.

White Hat Group Takes Charge

The so-called White Hat Group showed initiative by “rescuing” the funds using the same techniques the thieves employed to compromise $32 million USD worth of ether from three multi-signature wallets.

As of Monday, the White Hat Group of ethical hackers was in possession of $86 million worth of ether and an additional $122 million in tokens. Tokens are digital assets that are sold during an Initial Coin Offering (ICO) fundraising event. They have proven to be extremely popular.

Tens of millions of dollars worth of ether and tokens have already been returned to their owners. The White Hat Group says it will issue full refunds by the end of July.

Blockchain-based trading platform Coindash was also breached last week, resulting in the loss of more than $7 million worth of ether.

Security Breaches Nothing New in Crypto World

For all its benefits, cryptocurrency has been vulnerable to several high-profile security breaches. Last summer, Hong Kong-based Bitfinex was the target of a major attack that resulted in the theft of around $70 million worth of bitcoins.
In response, the exchange announced a controversial plan to “socialize” its losses among all users. Each Bitfinex trader was docked 36% as a result. Bitcoin prices declined sharply following the attack, stopping what had been a blistering summer of gains.

Ethereum Enterprise Alliance

For anyone doubting the potential of the ether, take a look at the list of companies participating in the Enterprise Ethereum Alliance (EEA). The EEA is a forum that connects Fortune 500 companies, startups and academics with ethereum subject matter experts. The EEA is made up of multinational banks and some of the world’s biggest technology companies.

The forum has made cyber security a top priority, according to a May 22 press release. In the release, companies like Infosys, Mitsubishi UFJ Financial Group, Synechron and others expressed their intent to contribute to the future of ethereum’s security.

Sam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.
New Form of Ransomware Uses Social Media to Customize Demands

Published 2 years ago on November 27, 2016 By Rebecca Campbell

A new form of ransomware is reported to have been found that uses a person’s social media and computer files to customize a demand, according to cybersecurity researchers at Proofpoint.

The researchers, who named the malware ‘Ransoc’ because of its connection to social media, found that it was scanning local media filenames and running several routines by interacting with Skype, LinkedIn, and Facebook profiles, infecting the system through Internet Explorer on Windows and Safari on OS X.

What’s interesting about this new type of ransomware is the fact that unlike ransomware such as Locky, which encrypts a person’s files before demanding payment, Ransoc customizes its demands to its victims. After scanning a person’s computer files and social media to find potentially incriminating evidence, it then sends a penalty notice, threatening victims with court action if the amount isn’t paid. As it doesn’t encrypt a person’s files, the ransomware relies on a victim’s fear to pay the money straight away.

According to Proofpoint, this type of penalty notice threat was widespread during 2012 and 2014; since then, however, the focus has been on crypto ransomware and other malware as a way of scamming victims out of their money.

Interestingly enough, the team at Proofpoint discovered that the penalty notice only appeared if the malware was able to locate incriminating evidence on the computer. If, however, the file name was manually changed, no penalty notice was triggered.

Not only that, but the team found that instead of demanding the payment in bitcoin, which is what the vast majority of cybercriminals using malware demand, this one demanded payment with a credit card.
Unlike bitcoin, which gives criminals anonymity, the use of a credit card means that law enforcement can potentially trace the money back to the criminals a lot more easily. The fact that this method is used could suggest that the cybercriminals are happy in the belief that the victims have too much to hide to seek out help from the police.

To encourage payment, though, the ransom note states that the money will be sent back to the victim if they are not caught again in 180 days. It’s safe to say that repayment never happens.

All, it seems, is not lost. According to Proofpoint, Ransoc only employs a registry autorun key to persist, so rebooting in Safe Mode should allow users to remove the malware.