Thursday, November 24, 2016

New hack turns headphones into a microphone.

Just when you thought you knew all the ways your PC can spy on you:

Security researchers at Israel's Ben Gurion University have created a proof-of-concept exploit that lets them turn headphones into microphones to secretly record conversations. The PoC, called "Speake(a)r," first turned headphones connected to a PC into microphones and then tested the quality of sound recorded by a microphone vs. headphones on a target PC. In short, the headphones were nearly as good as an unpowered microphone at picking up audio in a room.

I will add that there is no reason at all that -speakers- can't be made to do this. They don't have to be headphones.

"Most of today's built-in sound cards are to some degree retaskable, which means that they can be used for more than one thing. …the kernel exposes an interface that makes it possible to retask your jacks, but almost no one seems to use it, or even know about it," wrote Linux sound engineer David Henningsson. That's exactly the exploit Speak(a)r uses.

This isn't a driver fix, either. The embedded chip does not allow users to properly prevent this hack which means your earbuds or nice cans could start picking up conversations instantly. In fact, even if you disable your microphone, a computer with a RealTek chip could still be hacked and exploited without your knowledge.

Perhaps its just my tinfoil hat is a little tight, but when I see experts in a field say "no one uses this or even knows about it," my radar starts to ping and I begin thinking about back doors and three letter agencies in the USA.

Maybe might be good to put a physical "off" switch between your PC and the speakers/headphones.

Just thought y'oughta know.

The Tinfoil Phantom


Vakkotaur said...

Physical switch or a dedicated hardware (buffer) amplifier.

The Phantom said...

I'm leaning more toward switch, because speakers will produce a signal even when the power it turned off.

I agree with you that the likelyhood of getting a low-power signal like that back through an amplifier circuit is very small. Seems unlikely.

But then last week I wouldn't have thought you could run a Realtek sound chip backwards like that. So with tinfoil hat firmly seated on cranium, I conclude it's harder to get a signal through an open switch.