If you think you are safe from hackers by simply disabling your wifi, think again. Researchers at the Georgia Institute of Technology are investigating why computers emit low-power electronic signals even when they are disabled from internet access. These “side-channel signals” make it possible for hackers to obtain information from the computer even when all transmitting signals are turned off.
According to PHYS, the Georgia Institute of Technology is warning of the possibility of “coffee shop hackers.” These would-be hackers do not obtain information via standard radio or wifi signals, but rather by monitoring low-power electronic signals that computers emit. Surprisingly, researchers found that these side-channel signals could be picked up from multiple feet away. This means a hacker in an adjacent, but separate room, could be mining data from computers in the other room.
The researchers point out that there are a variety of methods a hacker could utilize to monitor these low-power signals when they are out of a room as well.
“Electromagnetic emissions can be received using antennas hidden in a briefcase, for instance. Acoustic emissions – sounds produced by electronic components such as capacitors – can be picked up by microphones hidden beneath tables. Information on power fluctuations, which can help hackers determine what the computer is doing, can be measured by fake battery chargers plugged into power outlets adjacent to a laptop’s power converter.”
To complicate matters further, the researchers say there is currently nothing that can be done to block the computer from emitting this information, it is simply part of the computer processing the information. However, they are hoping to use the research to provide software and hardware makers with information on how to ensure the side-channels are as weak as possible.
“It is not really possible to eliminate all side-channel signal. The trick is to make those signals weak, so potential attackers would have to be closer, use larger antennas and utilize time-consuming signal analyses. We have found that some operations are much ‘louder’ than others, so quieting them would make it more difficult for attackers.”
PC World notes that one particularly interesting find was in regards to users running spellcheck. Milos Prvulovic, one of the researchers, notes that there’s not a lot of signal that comes from a computer running a word processing program when it is running without spellcheck turned on. However, when the program was turned on, “things get noisy.” In fact, Prvulovic said spellcheck made the side-channel signals so loud that they could be picked up on an AM radio.
“It turns out that spellchecking is orders of magnitude more activity than you would normally get for just a simple key pres. Modern software does a lot of stuff that is convenient but horribly computationally intensive. That creates differences that can be picked up.”
Therefore, it is easy to see that programs designed to make life a little easier for users could have a very real downside for consumers worried about computer security.
Remember, computers come in many forms. From your smartphone to laptop, even the smallest computers are not immune to the potentially side-channeling hacker. What do you think about the possibility of new age hackers using programs to read these passive signals emitted by computers?