A team led by Ang Cui (previously) -- the guy who showed how he could take over your LAN by sending a print-job to your printer -- have presented research at Defcon, showing that malware on your computer can poison your monitor's firmware, creating nearly undetectable malware implants that can trick users by displaying fake information, and spy on the information being sent to the screen.
It's a scarier, networked, pluripotent version of Van Eck phreaking that uses an incredibly sly backchannel to communicate with the in-device malware: attackers can blink a single pixel in a website to activate and send instructions to the screen's malware.
What's more, there's no existing countermeasure for it, and most monitors appear to be vulnerable.
In practice, Cui said this could be used to both spy on you, but also show you stuff that’s actually not there. A scenario where that could dangerous is if hackers mess with the monitor displaying controls for a power plant, perhaps faking an emergency.
“Can I get you to shut down the power plant?” Cui asked rhetorically, with a sly smile. “I can do that.”
The researchers warn that this is an issue that could potentially affect one billion monitors, given that the most common brands all have processors that are vulnerable.
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors
[Ang Cui, Jatin Kataria and Francois Charbonneau/Defcon]
Hackers Could Break Into Your Monitor To Spy on You and Manipulate Your Pixels
(Image: Madonna in Oslo - Game Over, Ivar Abrahamsen, CC-BY-SA)
Behold, the Blue Marlin, a “semi-submersible heavy lift ship” that is capable of hoisting and transplanting other, full-sized ships (that is ships as big or bigger than a US Destroyer-class vessel) all around the oceans.
Mister Alphabet is an action-figure designed to cleverly bend and contort into every letter of the Latin alphabet; the website is long on trademark warnings and arty Instagram photos, but short on details, like, “Is this an object of commerce?” and “If so, where does one buy it?” (via Kottke)
Phone chargers usually only deliver a few volts of juice at a feeble amperage, but they’ll deliver a lot more if you give them the chance. The BBC writes that a UK man died in the bathtub after being shocked by a charger connected to an extension cord. Richard Bull, 32, died when his iPhone […]
Maybe it’s entirely because of podcast ads, but drag-and-drop tools like Squarespace have gotten immensely popular in recent years. While it’s definitely a great tool for any non-coders who want to get a small website up and running quickly, managing content with a primarily visual interface can become a pain once you have more than […]
When you can’t wait for the world’s longest meeting to end, the mindless leg bouncing makes your boredom obvious and just annoys everybody else. Everyone knows the TPS reports need the damn cover sheet, but some sadistic colleague keeps forgetting, probably on purpose just to eat into your lunch hour. Enough is enough!While serving a […]
What could be more fun than a slingshot that shoots tiny airplanes? A slingshot that shoots tiny glowing airplanes of course! These toy planes are outfitted with ultra-bright LEDs, so you can fly all night without losing them in the trees.Whether you are a regular-sized child, or an overgrown adult one, these light-up flyers offer […]