Tuesday, August 25, 2015

The Red Balloon Funtenna

This sounds like science fiction, possible but improbable. But the idea already moved from the hypothetical to field trials. Security researchers at Manhattan startup Red Balloon Security, have discovered how to make common household devices and appliances (printers, washing machine, air conditioner) broadcast signals that can be detected miles away. More here.
It's 2015, every electronic device in your home more complicated than a pair of scissors has a circuit board in it. Mounted to the circuit board are capacitors, resistors, inductors and transistors. These electrical components emit radio waves. They're doing it right now. But right now the emissions are random. they may contain patterns, but it's wholly a byproduct of their primary function. In another setting we would call it RF interference. Ang Cui and his team have developed a method to deliberately use this RF noise to transmit data.

They presented their findings at the Blackhat conference in Las Vegas in August. Prior to that they demonstrated the technology to reporters including CNN. The story was carried by The Guardian Newspaper, and even the MIT Technology Review. Now while Red Balloon is trying to use this scare tactic to sell "defensive" software, the threat is quite real. But Cui knew that. He demonstrated it on an HP printer back in 2012 with researcher Salvatore Stolfo when they were both at Columbia University. More here.

In their new demo they hacked a Pantum laser printer and by driving a chip's energy output back and forth they were able to transmit radio waves carrying binary data. It is a scenario that proves the ability to steal data using devices that aren't even connected to the Internet. The Red Balloon team calls it a "funtenna."

However, the emission is amplitude modulated. So it can be detected with an off the shelf AM radio. If you get near a device and the device is the source of patterns of radio signals it may be hacked. But many devices emit patterns of signals coincidentally... the only way to tell if it's been hacked is if that behavior changes. But most users aren't listening at all. Cui was quoted as saying "You have network detection, firewalls... but this transmits data in a way that none of those things are monitoring... This fundamentally challenges how certain we can be of our network security."