Gairoscope: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes (opens in new tab)

(techcrunch.com)

20 pointsBerazu3y ago8 comments

8 comments

Pretty sure this is the same researcher that publishes a new way to theoretically exfiltrate data over every possible signal medium every 3-6mo.

fortran773y ago

Mordechai Guri: https://cyber.bgu.ac.il/advanced-cyber/airgap

This one looks more "plausible" than some of his others. The MEMS gyroscope is considered a "safe" device on iOS and Android and can be accessed with Javascript.

dclowd99013y ago

Ok, but how do you get the data broadcasting code onto the airgapped computer?

If this was handed to me by our internal info sec team, I’d have to downgrade it to “non-urgent”.

tony-allan3y ago

According to the research paper it is assumed that malware is on the airgapped system and now needs to exfiltrate the sensitive information:

"Our malware generates ultrasonic tones in the resonance frequencies of the MEMS gyroscope."

https://arxiv.org/pdf/2208.09764.pdf

rapjr93y ago

I get that young male PhD students find spying on people fascinating. I used to be fascinated by it also, until I became a sys admin and learned that people are immeasurably boring. But why is this research being encouraged? Do we really need more ways to attack computers and data? It's already obvious they will never be secure.

dharmatva3y ago

Things end up being useful in unexpected ways in the future.

Thorrez3y ago

This isn't relevant to spying on regular people. Regular people don't have air-gapped computers.

fortran773y ago

I'm not sure this guy's sex and age are relevant.

j / k navigate · click thread line to collapse

8 comments

jamesmunns3y ago

Pretty sure this is the same researcher that publishes a new way to theoretically exfiltrate data over every possible signal medium every 3-6mo.

fortran773y ago

Mordechai Guri: https://cyber.bgu.ac.il/advanced-cyber/airgap

This one looks more "plausible" than some of his others. The MEMS gyroscope is considered a "safe" device on iOS and Android and can be accessed with Javascript.

dclowd99013y ago

Ok, but how do you get the data broadcasting code onto the airgapped computer?

If this was handed to me by our internal info sec team, I’d have to downgrade it to “non-urgent”.

tony-allan3y ago

According to the research paper it is assumed that malware is on the airgapped system and now needs to exfiltrate the sensitive information:

"Our malware generates ultrasonic tones in the resonance frequencies of the MEMS gyroscope."

https://arxiv.org/pdf/2208.09764.pdf

rapjr93y ago

dharmatva3y ago

Things end up being useful in unexpected ways in the future.

Thorrez3y ago

This isn't relevant to spying on regular people. Regular people don't have air-gapped computers.

fortran773y ago

I'm not sure this guy's sex and age are relevant.

j / k navigate · click thread line to collapse