Realtek's audio chips -- found in Macs and many PCs -- can repurpose your laptop's headphone jack to serve as a mic jack, and capture audio through your headphones.
The attack targets people who have already taken the paranoid step (once demonstrated by Edward Snowden) of ripping out their laptop's mic; but when such a person is targeted, the attack can work silently and without any outward indication; it relies on the fact that headphones' membranes vibrate in the presence of external sound (just like mics' membranes) and the magnets in headphones convert those vibrations to electrical signals that can be detected by the headphone jack.
There’s no simple software patch for the eavesdropping attack, Guri says. The property of RealTek’s audio codec chips that allows a program to switch an output channel to an input isn’t an accidental bug so much as a dangerous feature, Guri says, and one that can’t be easily fixed without redesigning and replacing the chip in future computers.
Until then, paranoiacs take note: If determined hackers are out to bug your conversations, all your careful microphone removal surgery isn’t quite enough—you’ll also need to unplug that pair of cheap earbuds hanging around your neck.
Great. Now Even Your Headphones Can Spy on You [Andy Greenberg/Wired]
(Image: Amy Gilson, CC0)
Of course they announced it at the end of the day on Friday, that’s what you do with bad news.
Iowa state court officials contracted with Coalfire to conduct "penetration tests" on its security; as part of those tests, two Coalfire employees broke-and-entered the Adel, Iowa courthouse, and were caught by law-enforcement, whose bosses in Dallas County were not notified of the test.
Eleanor Saitta's (previously) 2016 essay "Coercion-Resistant Design" (which is new to me) is an excellent introduction to the technical countermeasures that systems designers can employ to defeat non-technical, legal attacks: for example, the threat of prison if you don't back-door your product.
Life isn’t getting any less hectic, and pressure cookers are a quick, healthy solution for a growing number of kitchens. But if you thought your Instant Pot was versatile, there’s a major upgrade on the market: The Yedi 9-in-1 Total Package Instant Programmable Pressure Cooker. If you’ve somehow never used a pressure cooker before, try […]
When it comes to data analytics or deep learning, there’s one language behind the apps and algorithms that power the biggest companies of today: Python. The best part about this tool is that as versatile as it is, it’s actually fairly easy to learn. But mastery? For that, you need more than just a beginners’ […]
Your smartphone’s GPS is a modern necessity for some trips, but how do you use it safely? It’s been a problem ever since phones went mobile. A certain phone mount even shelled out the money for a commercial during the Big Game, so clearly there’s a market for the solution. Turns out there are a […]