(Link to a program that does this.)

  • onlooker
    link
    fedilink
    arrow-up
    10
    ·
    3 years ago

    Apparently, there are SO many ways to do this. If anyone is interested in this sort of thing, check out the papers made by Ben-Gurion University’s Cyber-Security Research Center. They discovered all kinds of methods which can be used to steal data, which are, but are not limited to:

    • using Keyboard LEDs
    • heat emanations
    • screen brightness

    Seriously, it’s as insane as it is fascinating. They even know how to extract data through a Faraday cage. Their latest discovery seems to be this article and their previous ones can be found towards the bottom of the same page.

    • ᗪᗩᗰᑎ
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      By listening to the sound of your typing - https://github.com/ggerganov/kbd-audio - although it works best/only with mechanical keyboards in a noise-free environment.

      That said, and not to discount the possibility, but most of these techniques are generally impractical and tend to require mostly perfect conditions - like the source code linked above working with mechanical keyboards.

  • DessalinesA
    link
    fedilink
    arrow-up
    6
    ·
    3 years ago

    10 kB / s isn’t bad. I wonder if there’s some other innovative way to do this, like with cameras instead of microphones, so pictures, or video.

    • m-p{3}
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      I wonder how fast data could be transferred over a series of QR Codes being scanned sequentially.

      You also have the benefit of choosing how resilient the data transfer should be to loss by adjusting the error correction level at the detriment of how much data per QR code you can transmit.

    • AgreeableLandscape
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      3 years ago

      I once saw a project being shared on Reddit that encodes arbitrary data as a video of coloured blocks. It’s apparently pretty robust to compression/transcoding, as the OP uploaded a generated video to YouTube and still managed to decode it after it’s been processed. I seem to have lost the link to it though :(

  • AgreeableLandscape
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    3 years ago

    A research group once, I shit you not, put varying CPU loads on a target airgapped computer and “transmitted” data encoded as fan noises going high and low. There have also been cases of getting GPG keys in lab settings by literally listening to the tiniest of noises made by the processor as it works! (I believe it’s coil whine? But I can’t seem to find the article explaining it) Information leakage is an absolute nightmare to try and completely prevent if your attacker is determined/skilled enough.

  • pinknoise
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    3 years ago

    If you’r ok with the lower bandwith you can also use >17kHz which old folks can’t really hear :D

  • dozens
    link
    fedilink
    arrow-up
    2
    ·
    3 years ago

    I worked on a POC app a couple years ago using the LISNR sdk to authenticate touchless payments.

    It’s a neat technology.

    https://lisnr.com/