快猫短视频

Telltale flashes

Are computers beaming out secrets like demented lighthouses?

THE flashing lights on computers, modems, network switches and even keyboards could be broadcasting your personal data around your office or home鈥攐r even out of the window.

After testing a number of computer systems and pieces of peripheral equipment such as modems for 鈥渙ptical leakage鈥, two American engineers have found that blinking LEDs can flash out sensitive data in the computer equivalent of Morse code.

In a project undertaken in their spare time, Joe Loughry of Lockheed Martin Space Systems in Denver, Colorado, and David Umphress of Auburn University in Alabama have tested various computer systems over the past eight years. They have identified 14 different electronic devices that are used in hundreds of thousands of homes and offices that are vulnerable to 鈥渙ptical snooping鈥. These include Internet routers鈥攅xchanges for Internet messages鈥攁nd various modems made by the big names in the field. But their list is by no means comprehensive, and hundreds of devices could be vulnerable.

The pair found that the LEDs on some equipment transmit information in uncoded 鈥減lain text鈥 format. The flashing LEDs often indicate that the device is active and is transmitting or receiving data鈥攁llowing technicians to diagnose problems.

In most cases, encrypting the data before it passes through the vulnerable device would prevent anyone gleaning data from this optical signal. However, one encryption device was found to flash the signals in plain text from its fascia LEDs. This machine was once used to encrypt information transmitted to and from high street cash machines.

鈥淭hat particular device is no longer in use anywhere, as far as I know,鈥 Loughry told 快猫短视频. 鈥淲e wouldn鈥檛 have mentioned it otherwise, as it would be irresponsible to do so.鈥 They didn鈥檛 have the money to buy any more recent equipment, he added.

So how might hackers get at these signals? The tiny LEDs on modems aren鈥檛 particularly bright, so Loughry鈥檚 detection device uses a telescope to focus the signals onto a photodiode, which is connected in turn to an oscilloscope. The oscilloscope records the varying waveform of the light signal, so the data can be analysed later.

The cheap receiver successfully retrieved information from vulnerable devices at a range of about 20 metres. But Loughry reckons serious snoopers might build bigger versions using 30 to 40-centimetre astronomical telescopes. 鈥淭hese would be no bigger than man-sized, and would work reliably out to a distance of a mile or so,鈥 he predicts.

To underline the risk posed by LEDs, Loughry and Umphress have developed a computer virus which uses a keyboard鈥檚 鈥渃aps lock鈥 LED to surreptitiously transmit data. 鈥淭his method may provide enough information to compromise identity verification systems based on the way you type, or on the generation of cryptographic keys,鈥 Loughry says. 鈥淚t potentially affects hundreds of millions of devices.鈥

  • More at:

More from 快猫短视频

Explore the latest news, articles and features