Paranoid or Prepared? The spies on your desk
ຕາມປົກກະຕິແລ້ວຂ້ອຍຈະໄດ້ຮັບຄໍາຖາມກ່ຽວກັບເຫດຜົນທີ່ຂ້ອຍມີສະຕິກເກີຢູ່ເທິງ sensor ແສງສະຫວ່າງໃນຄອມພິວເຕີແລະໂທລະສັບຂອງຂ້ອຍ. Some think I don’t know the difference between a light sensor and a camera and try to explain to me that this is not a camera. What they don’t know is that ambient light sensors can be used with machine learning methods to extract data like they are weak cameras.
I generally hear from people: “But we have nothing to hide!” Well, you have more to hide than you think, and your data can be combined with other data collected from you elsewhere to produce intelligence at a level you can’t even imagine possible. ແລະ ຜູ້ ທີ່ ຮວບ ຮວມ ຂໍ້ ມູນ ບໍ່ ຈໍາ ເປັນ ຕ້ອງ ປະ ຕິ ບັດ ດ້ວຍ ເຈດ ຕະ ນາ ດີ. ຂໍ້ ມູນ ຂອງ ທ່ານ ສາ ມາດ ຖືກ ຮວບ ຮວມ ໂດຍ ຜູ້ ຂູ່ ເຂັນ ທີ່ ແຕກ ຕ່າງ ກັນ, ວິ ໄຈ ໂດຍ ໃຊ້ AI, ແລະ ໃຊ້ ເພື່ອ ຈຸດ ປະ ສົງ ແລະ ແຮງ ກະ ຕຸ້ນ ທີ່ ແຕກ ຕ່າງ ກັນ.
ໃນ ຄວາມ ປອດ ໄພ ທາງ ອິນ ເຕີ ແນັດ, ພວກ ເຮົາ ຄິດ ວ່າ ຖ້າ ຫາກ ການ ໂຈມ ຕີ ແບບ ຫນຶ່ງ ເປັນ ໄປ ໄດ້ ແລະ ມີ ໂອ ກາດ ທີ່ ຈະ ດໍາ ເນີນ ການ ໂຈມ ຕີ ນັ້ນ, ແລ້ວ ອາດ ມີ ແຮງ ກະ ຕຸ້ນ ທີ່ ຈະ ດໍາ ເນີນ ການ ໂຈມ ຕີ ເຫລົ່າ ນັ້ນ. ພວກ ເຮົາ ບໍ່ ຄິດ ວ່າ ຜູ້ ທີ່ ສາມາດ ຮວບ ຮວມ ຂໍ້ ມູນ ໄດ້ ມີ ເຫດຜົນ ທີ່ ຖືກຕ້ອງ ທີ່ ຈະ ເຮັດ ເຊັ່ນ ນັ້ນ. ພວກ ເຮົາ ບໍ່ ໄດ້ ຄິດ ວ່າ ມັນ ເປັນ ພຽງ ແຕ່ ກຸ່ມ ດຽວ ຫລື ຫນ່ວຍ ງານ ດຽວ ເທົ່າ ນັ້ນ ທີ່ ໃຊ້ ຄວາມ ອ່ອນ ແອ ເພື່ອ ຮວບ ຮວມ ຂໍ້ ມູນ ນັ້ນ.
ຂ້າງ ລຸ່ມ ນີ້ ແມ່ນ ລາຍ ຊື່ ຂອງ ສິ່ງ ອື່ນໆ ທີ່ ສາມາດ ໃຊ້ ເພື່ອ ສອດ ແນມ ເບິ່ງ ທ່ານ ຊຶ່ງ ທ່ານ ອາດ ບໍ່ ຮູ້ ວ່າ ມີ ຄວາມ ສາມາດ ນັ້ນ.
ຜູ້ ກ່າວ ປາ ໄສ ໃນ ໂທລະພາບ ຂອງ ທ່ານ ສາມາດ ຟັງ ທ່ານ ໄດ້
I am one of those who usually choose a TV model without a microphone or camera before I need to physically remove those devices. I also have a home firewall and a secured internal network, but I have learned throughout the years not to only rely on logical controls. However, based on a WikiLeaks release in 2017 and documents from 2014, the CIA (in cooperation with MI5) turned speakers in certain TV models into microphones to collect data. They even developed a fake off mode to show that the TV is off when they collect those conversations. If you think your TV might listen to your conversation, it is better to unplug it when not in use. It also saves you some energy because plugged devices even while not in use may consume some electricity.
Your tablet or laptop light sensor can capture your hand or your image
I always adjust screen light manually, and I believe I have a good reason for that.
The ambient light sensor is used to measure the amount of light and to adjust the brightness of the screen. Ambient light sensors can be used to capture images or keystrokes to steal passwords and data. A group of MIT researchers recently created a proof of concept by using an Android tablet’s hand gestures captured by the ambient light sensor to capture touch interactions.
Your mouse may listen to your conversation
This one is outrageous! A mouse doesn’t have a microphone or even a speaker to be turned into a microphone to listen to anything. However, there is a side channel attack known as “Mic-E-Mouse” that enables an attacker to listen to your conversations through your mouse.
A high performance gaming mouse (high DPI) can be hijacked by its optical sensor, so when you talk, voice vibrations can be measured with these sensors. Using machine learning algorithms and data from mouse sensors, security researchers can identify intelligible speech from vibrations.
Side channel attacks are a type of physical attack that measures changes in device output while a device performs an action. This type of attack is usually more sophisticated and targets certain assets like encryption keys. However, if an attack method is developed for certain types of devices, it won’t be very difficult to expand it to other similar devices and even automate it.
Motion sensors (gyroscope) can be used to record your voice
Now that we learned your mouse can be used to record your talking, it’s good to know that motion sensors can also be used for the same purpose. This is important as almost all modern smart devices like phones and tablets have a gyroscope or motion sensor. The sensor acts as a vibrating device, making it perfect for side-channel attacks and to capture voice, as sound waves can produce tiny vibrations.
Your hard disk drive (HDD) noise can be captured to steal sensitive data
Now that we’ve learned about side channel attacks, there is a type of attack called DiskFiltration developed by a group of Israeli researchers that can capture sensitive data from the sound of a hard disk drive working. This type of attack is sophisticated and aims at devices with an air gap. ດ້ວຍອຸປະກອນທີ່ມີຊ່ອງຫວ່າງທາງອາກາດ,, ອຸປະກອນບໍ່ໄດ້ເຊື່ອມຕໍ່ກັບເຄືອຂ່າຍໃດໆເຊັ່ນ ອິນເຕີເນັດ ແລະ ຕາມປົກກະຕິແລ້ວຈະຖືກເກັບໄວ້ໃນສະຖານທີ່ທີ່ປອດໄພ.. ອຸປະກອນທີ່ມີຊ່ອງວ່າງທາງອາກາດບໍ່ຈໍາເປັນຕ້ອງມີພູມຕ້ານທານຕໍ່ການໂຈມຕີທາງອິນເຕີເນັດ.. ຕົວຢ່າງຂອງການໂຈມຕີເຫຼົ່ານີ້ແມ່ນ Stuxnet, ຊຶ່ງເປົ້າຫມາຍລະບົບນິວເຄລຍຂອງອີຣານທີ່ມີຊ່ອງຫວ່າງທາງອາກາດທັງຫມົດ..
ໃນການໂຈມຕີແບບນີ້,, ຜູ້ບຸກໂຈມຕີຕິດເຊື້ອອຸປະກອນດ້ວຍໂປຣແກຣມທີ່ປ່ຽນແປງວິທີການດໍາເນີນງານຂອງອຸປະກອນ.. malware ສາມາດຖືກນໍາເຂົ້າມາໃນລະບົບໂດຍຜູ້ບຸກລຸກຫຼືຜ່ານວິທີອື່ນ.. ອຸປະກອນນີ້ມີຊ່ອງຫວ່າງທາງອາກາດ,, ດັ່ງນັ້ນ malware ຈຶ່ງບໍ່ສາມາດສົ່ງສິ່ງໃດອອກໄປທາງນອກໄດ້.. However, ມັນເຮັດໃຫ້ອຸປະກອນດໍາເນີນງານໃນບາງວິທີເພື່ອໃຫ້ແຂນຂັບລົດເຄື່ອນເຫນັງໃນແບບແຜນສະເພາະ.. A nearby smartphone or device that is not air gapped can be used to capture the sound of the hard disk drive to decode it back to data while it is written or read on disk effectively removing the air gap.
Your computer fan can compromise your data
You have an SSD on your system and don’t use a cheap and noisy HDD. So if your device is air gapped, then sensitive data cannot be exfiltrated. Well! Another group of Israeli researchers invented a method for you. Although your SSD doesn’t have an arm to rotate to make noise like with an HDD, your computer fan can be used to capture sound to compromise sensitive data from your air gapped computer. ໃນການໂຈມຕີແບບນີ້,, malware first infects the air gapped system (perhaps by an intruder to a secured facility), ແລ້ວ ຄວາມ ໄວ ຂອງ fan ເຢັນ ຈະ ປ່ຽນ ໄປ ໃນ ບາງ ແບບ . ສຽງ ສາມາດ ສົ່ງ ຂໍ້ ມູນ ໄປ ຫາ ເຄື່ອງ ຟັງ ທີ່ຢູ່ ໃກ້ໆ.
ສັນຍານ WiFi ສາມາດ ເຫັນ ຜ່ານ ຝາ ຂອງ ທ່ານ
ສັນຍານ WiFi ສະທ້ອນ ຈາກ ມະນຸດ ໃນ ຫ້ອງ. ນັກຄົ້ນຄວ້າ ສາມາດ ເຫັນ ຜ່ານ ຝາ ເພື່ອ ຈະ ຮູ້ ວ່າ ມີ ຈັກ ຄົນ ຢູ່ ໃນ ຫ້ອງ ແລະ ລະບຸ ຕົວ ບຸກຄົນ ໂດຍ ການ ເຄື່ອນ ໄຫວ ແລະ ທ່າ ທາງ ໂດຍ ບໍ່ ຈໍາ ເປັນ ຕ້ອງ ມີ ກ້ອງຖ່າຍຮູບ.
Post Disclaimer
The views, information, or opinions expressed are solely those of the author and do not necessarily represent those of his employer or the organizations with which he is affiliated.
The information contained in this post is for general information purposes only. The information is provided by Farhad Mofidi and while he strives to keep the information current and accurate, he does not make any representations or warranties of any kind, express or implied, regarding the completeness, accuracy, reliability, suitability or availability of the website. Farhad makes no representations or warranties. or any information, products or related graphics contained in any Post for any purpose.
Also, AI may be employed as a tool to provide suggestions and improve some of the contents or sentences. The ideas, thoughts, opinions, ແລະ ຜະລິດຕະພັນສຸດທ້າຍແມ່ນຕົ້ນສະບັບແລະມະນຸດສ້າງຂຶ້ນໂດຍຜູ້ຂຽນ.