A team led by Ang Cui (previously) -- the guy who showed how he could take over your LAN by sending a print-job to your printer -- has presented research at Defcon showing that malware on your computer can poison your monitor's firmware, creating nearly undetectable malware implants that can trick users by displaying fake information and spy on the information being sent to the screen.
It's a scarier, networked, pluripotent version of Van Eck phreaking that uses an incredibly sly backchannel to communicate with the in-device malware: attackers can blink a single pixel in a website to activate and send instructions to the screen's malware.
What's more, there's no existing countermeasure for it, and most monitors appear to be vulnerable.
In practice, Cui said this could be used to both spy on you, but also show you stuff that’s actually not there. A scenario where that could be dangerous is if hackers mess with the monitor displaying controls for a power plant, perhaps faking an emergency.
“Can I get you to shut down the power plant?” Cui asked rhetorically, with a sly smile. “I can do that.”
The researchers warn that this is an issue that could potentially affect one billion monitors, given that the most common brands all have processors that are vulnerable.
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors
[Ang Cui, Jatin Kataria and Francois Charbonneau/Defcon]
Hackers Could Break Into Your Monitor To Spy on You and Manipulate Your Pixels
(Image: Madonna in Oslo - Game Over, Ivar Abrahamsen, CC-BY-SA)