Now even Faraday Cages Can't Stop the Botnet

youtube.com/watch?v=h07iXD-aSCA
motherboard.vice.com/en_us/article/zmw4ze/new-hack-can-steal-data-from-devices-in-faraday-cages
I guess anons were wrong. You really can't beat the botnet now. You thought open source and special software tools can protect you. You thought encryption and reflashing your hardware with custom firmware can protect you. You thought VPNs can protect you. You thought disconnecting from the internet can protect you. Some autists even tried Faraday cages to avoid airgap hacks. But now, comes along the MAGNETO method from Israel. They can now airgap your devices even if they are in Faraday cages. What do we do now Sup Forums?

I wonder what rms has to say about this

>hey user might as well give up and give us all your data

fuck off cia/nsa

>Israeli security researchers

OK.

Anyway, the approach they propose, if it works, which it almost certainly doesn't, would be completely negated by just using a steel cage, which you should honestly already be doing for other reasons.

>we can circumvent physics
>it'd be easier for everyone if you just didn't try to resist

wow, it's nothing.

I have never trusted computers and have no data worth hiding

>requires them to have physical access to the system so they can install the malware in the first place

this

where do these researchers most likely get their money from? government grants
govt. buys their good name and has them say things that keep too afraid to resist

it's like the weed myth
>don't grow a single plant dude they have planes that can detect them from 10000ft!
>actually all they have is regular thermal sensors that can detect the heat coming from running an entire room full of lights

>vice.com

if you invent your own computer, you'll know it's free of backdoors
you'll have to use organic non-backdoored ingredients but in the end you'll be certain it's clean

It's not caged. They used a desktop system. This means it has a connection over the electric outlet to the outside world. Using the electric line to transfer information is old shit.

>Our method is based on an exploitation of the magnetic field generated by the computer CPU.
>Unlike electromagnetic radiation (EMR), low frequency magnetic radiation propagates through the air,
>penetrating metal shielding such as Faraday cages (e.g., compass still works inside Faraday cages).
this is legit

arxiv.org/pdf/1802.02700.pdf

I want off this ride

en.wikipedia.org/wiki/Mu-metal
>used for shielding sensitive electronic equipment against static or low-frequency magnetic fields

The solution.

>caged computer requires malware infection
>distance of 100cm
>increasing CPU intensity adds noise and detracts from accuracy
>data exfil at 1-40 bits/sec
So in short, a number of other security measures must fail before this becomes relevant. Creative to read the field like that, but depends on so many other things that it's pretty much nothing

everything except for the first physical access to the target could be improved with time.

or, you can create random magnetic noise

Absolute madness.

you would be surprised at how close computers can be to an outside wall

Indeed, but it'd take some serious kit to isolate a single field at long distance with numerous other fields likely to be interfering with it. By the time such kit exists, processors may well be built with mu-metals purely to counteract this, or companies with the capital to spend (and defend) could enhance security themselves. I really don't think this type of attack will ever be an issue

yeah, the minute they published that article the method was dead in real world use.

There should be firmware and hardware built to send off spoof and fake EM signals. Get to work now Sup Forums

>12-15 cm
>on a pre-infected machine
if you have an infected machine within a faraday cage, you already are compromised

/bread

You probably wouldn't be able to legally make and sell such a device.
The FCC has very strict rules when it comes to devices that emit EMF noise, since it can interfere with pacemakers and other electronics.

remember usb sticks? far from dead even when people know

You want your cpu to randomly burn your battery?

The point is to be able to use a compromised system safely. Airgap is much easier than verification if a system is clean.

Which of course requires they somehow get the malware on the PC first. Call me when they do that remotely.

Fucking jews. They're cyber security and hacking game is other worldy right now. How'd they dominate this field as well so fast

a compromised system cannot be used safely EVER
Any part of the infected PC is to be considered infected, including the fucking screen and peripherals

if you're going to the extent of putting your machine in a faraday cage, you're not taking chances

this malware could easily be integrated by intel
or injected by microsoft with an update

selling backdoors as a service to governments probably is a thing

>solution
>build NSA centers with walls of speakers playing white noise

This, or someone plugging a compromised device into the machine.
Aka, bad security practices.

>Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its internal fan generates, by changing air temperatures in patterns that the receiving computer can detect with thermal sensors, or even by blinking out a stream of information from a computer hard drive LED to the camera on a quadcopter drone hovering outside a nearby window. In new research published today, the Ben-Gurion team has even shown that they can pull data off a computer protected by not only an air gap, but also a Faraday cage designed to block all radio signals.

Go back to pen and paper for anything sensitive.

This paper is schiestery as shit. I've actually worked on magnetic shields, and high sensitivity equipment, and all I can say is

1) Their claims are dubious at best. Not that it isn't a possible attack vector, but that what they're describing is possible with anything south of a SQUID on the other side of the wall from the server.

2) If you want to shield from it

>Build your fucking enclosure out of steel

depending on total flux of source, I've designed shields for 1+ tesla source-field intensities that required 1/8" thick steel at most

>Stamping steel Not enough?

Go electrical steel. That shit stops magnetic fields dead on. I have an N45 NdFeB 3" x 3" x 2" magnet I keep in a 1/8" thick enclosure of Core steel and I can barely measure 10 mT on the outside of it.