Discussion in 'Article Discussion' started by Gareth Halfacree, 1 Nov 2013.
Audio-based networking threat discovered.
Is it the 1st of April or something?
This sounds like some science fiction ****.
Quickest fix: disconnect or disable the microphone.
It's a clever idea, though - effectively a new use for old-school tech
"Preventing infected systems from cooperating is a challenge, too, with network traffic continuing to flow on an infected system despite the removal of all network-related devices - and even the power cord - until the speakers and microphone were detached."
WTF? Zombie computers?????
Where 'quick' doesn't necessarily imply it doesn't take a long time. The malware prevents you from making changing to system settings, or reverts those changes, so if you try to disable the microphone in software (or even the soundcard itself in the BIOS, if possible) it'll silently undo that for you. If you're talking about a desktop, sure, you can just unplug the microphone - but it ain't so easy on a laptop, and is pretty likely to be impossible without cracking the case, cutting some cables and voiding your warranty.
No, just a laptop with a fully-charged battery.
It's got to be a hoax.
One virus that can infect PC & Mac hardware? Gain entry via any operating system? Reprogram USB Flash controllers? Infect a new machine via audio only? Infect an air-gapped clean machine with an MSDN obtained OS?
I'm not buying it.
Now that's clever and a whole heap of nasty.
Part of me wants to congratulate the people who wrote the malware for being so damn clever; the other part wants to beat them senseless for being such cruel *******s.
It doesn't say anything about infecting a machine via audio, only that two infected computers can communicate via audio.
You might want to re-read the article: several of the things you're not buying aren't actually claims made anywhere in it.
i'd be surprised if the default speakers in a PC generate accurate enough sound to allow much throughput even if you could standardise it and make an IP over audio protocol, and i suspect apart from maybe laptops most PCs don't have a mic by default.
I can see uses for IP/A but i don't see it being practical in any large environment, like broadcast/non-switched networking, once you add more machines your noise level goes up and impacts the throughput for all nodes. In most environments with multiple machines, you'd get all sorts of issues with background nosie and echoes too.
This sounds like a really cool proof of concept but with limited real world applications, all wrapped up in malware.
Looks like Skynet is upon us, Happy Halloween everybody!
This kinda smells of the Stuxnet worm, only a more advanced version.
He's claiming a machine can be infected without connection to any network (An air-gapped laptop of a friend installing an MSDN obtained OS)
He's claiming flash drive controllers can be re-programmed, and has apparently bricked several during re-flash operations.
He's claiming PC & Mac hardware is susceptible.
He's claimed Linux and Windows is susceptible (Says it's a hardware attach vector). Did he mention OSX I can't recall? So maybe I'm wrong on that one.
I didn't just read one article of his, I read several of his when talking about this 'one' virus.
surely the real test is to get recording equipment that can hear and record the highest frequencies phase shift so you can hear it, or use visual waveforms to see the data.
No, this malware does not INFECT though sound, it COMMUNICATES with other infectED rigs
The wording of the article is ambiguous, but it does say "spreads through USB sticks" and then "communicating using audio"
Is it just me that thinks he cant be much of a security researcher if he cant fully clean a network after 3 years.
Are you claiming they can't be? How exactly does a firmware update work, then? Seems to me that reprograms a writeable storage area on the flash controller with code that is then executed by the drive's processor.
You know that 'PC' (by which I assume you mean Windows) and Mac hardware is actually the same these days, right? AMD64 x86 processors? 64-bit UEFI BIOS? Intel HD or Nvidia graphics? You can boot Windows on a Mac, and you can boot OS X on (a subset of) Windows systems. They're entirely compatible, modulo some restrictions Apple puts in place on what hardware works under OS X.
Certainly wouldn't be the first cross-platform malware in history.
And yet you still persist in claiming he says it can infect via audio (which it can't - only communicate.) Also, you keep calling it a virus: it isn't. It's malware with the properties of a worm. A worm is a self-propagating standalone application; a virus requires a 'host' file which it infects.
It's because he's a security researcher that he can't. The rest of us would have copied the data out of there and wiped the drives and flashed the firmware, simple, but he's got to preserve the malware and study it. Think of it like the CDC keeping samples of dangerous viruses and bacteria.
I still think it's a bit crap. If it is a USB storage device passed infection that contains a listening component for communication, even if it has hardware level hooks, it just isn't that monumental of a breakthrough. On the other hand, if it infects at a firmware level, and is as pervasive as the researcher claims, infecting through audio, it is a masterful malware...
Separate names with a comma.