0
16

[–] Donbuster [S] 0 points 16 points (+16|-0) ago 

While this seems terrifying at first glance, after all, it could be used to exfiltrate data from an airgapped system, I ask, as I always have, "Great, you have a way to get data off an airgapped system. So how are you going to get your malware ONTO the system?" Seems to me like that is the much larger problem to solve here.

0
8

[–] tame 0 points 8 points (+8|-0) ago 

Well you only need physical access to the system once, rather than on an ongoing basis, so it's still useful. Imagine you get in as an air conditioning tech (say) using social engineering and you mange to infect a server room computer. You then don't need to penetrate the actual server room again.

0
1

[–] DickHertz 0 points 1 points (+1|-0) ago 

You don't get once and if you have physical access then you've already overcome a much bigger challenge. Also how many server rooms or data centers have you been in that have Windows?

0
2

[–] squishysquid 0 points 2 points (+2|-0) ago 

my favorite is the us gov method, intercept your installation cds in the mail.

[–] [deleted] 0 points 1 points (+1|-0) ago 

[Deleted]

0
6

[–] Donbuster [S] 0 points 6 points (+6|-0) ago 

An airgapped system in this context is one that is intentionally not connected to any network. In most cases, no networking hardware is present, so the only way to get data onto and off of the system is via physical access. Which makes attacks by anyone but an insider virtually impossible, and data exfiltration without regular physical contact to collect the data pretty damn hard. This is just a proof of concept for making that last part easier.

0
0

[–] Jixijenga 0 points 0 points (+0|-0) ago 

Yeah. It's kinda hard unless it's physically put on or there's some zero day fuckery but still, best to watch everything and assume a breach is an inevitability.

0
1

[–] Donbuster [S] 0 points 1 points (+1|-0) ago 

Even zero day fuckery isn't an option if you can't send any kind of packet to the system; If you want to get something on an airgapped system, you have to either put it on there yourself, or use social engineering to make someone else physically put it on there.

0
4

[–] Cargo_Cult 0 points 4 points (+4|-0) ago 

Also you can get data from the led on a router, you can get credit card information from the power consumption of an atm and you can identify someone by the way he's typing on a keyboard. Even on TOR.

0
3

[–] Donbuster [S] 0 points 3 points (+3|-0) ago 

0
1

[–] poopsicles 0 points 1 points (+1|-0) ago  (edited ago)

This falls into the its so impractical no one will use it category

4000bps lol

0
1

[–] Alopix 0 points 1 points (+1|-0) ago 

Researchers prove that a light can be used as a signalling device.

Brilliant.

0
0

[–] Donbuster [S] 0 points 0 points (+0|-0) ago 

To be fair, its talking about it being precise enough to transfer data at a reasonable bandwidth, and it being possible to hijack it via software. But effectively, yes.

0
1

[–] leweb 0 points 1 points (+1|-0) ago 

Easy solution: just wrap the whole computer in tape (except the vent holes). Mine is already halfway there anyway.

0
0

[–] B3bomber 0 points 0 points (+0|-0) ago 

Most motherboards have a power cable to the external LED light that shows HDD activity. I unplug that shit because it's bright enough to read a fucking book anywhere in the room when it's plugged in.

0
1

[–] xbryn 0 points 1 points (+1|-0) ago 

It shows a hacked computer broadcasting the data through a computer’s LED light, with a drone flying nearby reading the pattern.

Why not just have the drone record the screen?

0
1

[–] Donbuster [S] 0 points 1 points (+1|-0) ago 

What if it's a headless server? Or there's a privacy shield on the monitor. Both are very possible for a system important enough to be airgapped

[–] [deleted] 0 points 1 points (+1|-0) ago 

[Deleted]

[–] [deleted] 0 points 1 points (+1|-0) ago 

[Deleted]
load more comments ▼ (10 remaining)