×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

LED Lights: Friend or Foe?

michael posted more than 12 years ago | from the brilliant-deductions dept.

Security 606

elfdump writes: "In an article (pdf) soon to be published in ACM Transactions on Information and Systems Security, security researchers have discovered that data transmitted through modems and routers can be remotely reconstructed from the equipment's LED status indicators. According to experiments, their light-to-information retrieval method is successful even when the light is captured 'at a considerable distance' from the source. If you want to prevent people from spying on your data, you may want to tape up those blinking LEDs!"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

606 comments

AMAZING BUSINESS OPPORTUNITY!!!!! READ NOW!!!! (-1)

RoboTroll (560160) | more than 12 years ago | (#3118021)

Would you like to get tens of thousands of new visitors to your web site
daily?

Below is everything you will ever need to market your product or service
over the Internet! Beside that...It's the only real way to market on the
Internet...Period!

HOW WOULD YOU LIKE TO HAVE YOUR MESSAGE SEEN BY OVER
14 MILLION TARGETED PROSPECTS DAILY?


EARN MEGA-PROFITS WITH THE RIGHT FORMULA

If you have a product, service, or message that you would like to get out
to Thousands, Hundreds of Thousands, or even Millions of people, you
have several options. Traditional methods include print advertising, direct
mail, radio, and television advertising. They are all effective, but they all
have two catches: They're EXPENSIVE and TIME CONSUMING. Not
only that, you only get ONE SHOT at making your message heard, by
the right people.

Now this has all changed!

Thanks to the top programmers in the world and their NEW EMAIL
TECHNOLOGY, You can send over 14,000,000 Emails Daily for FREE...
Without getting terminated from your current Internet connection!

It's very simple to do and you can be increasing sales within minutes of
installing this new extraordinary software!

To find out more information, Do not respond by email. Instead, Please
visit our web site at:

http://www.cybernetemail.com/addresses.htm

Want to be removed from our list?
Simply send an email to us at removes@cybernetemail.com and
type "remove" in the "subject" line and you will be removed from any
future mailings.

Cybernet Marketing

Troll 29 of 131 from the annals of the Troll Library [slashdot.org] .

WAPs + Airport (3, Funny)

francism (563893) | more than 12 years ago | (#3118033)

So I should put big, bulky Duck Tape over my beautiful Airport Base Station? No way! Plus, I get poor enough reception in some parts of my own house, never mind my neighbors spying on me. ;-)

ummm...doubtful (-1, Informative)

Bandman (86149) | more than 12 years ago | (#3118037)

I'm gonna have to call Bullsh*t on this one. I've seen my lights blink, and I don't think that there's any way...
I'm throwing in the towell and saying I don't think so....

Tested up to 56k... (2)

pieterh (196118) | more than 12 years ago | (#3118091)

The article looks real, but is probably about 5 years too late. I don't know of many people who use external modems. As for routers: the theoretical upper limit is 10Mbs, so my 100Mbps network is safe.

Re:ummm...doubtful (2)

garcia (6573) | more than 12 years ago | (#3118105)

even if it did work, wouldn't it be easier to just find some other method of stealing the information? Who the hell would want to sit there and reconstruct the data sent from blinking lights?

Just my worthless .02

Agreed (1)

z84976 (64186) | more than 12 years ago | (#3118129)

The light blinks ON when data is going, OFF when it's not. Might make a nice indication of when there is data, but not what that data was.

That's about like seeing the patterns of red and green traffic lights and claiming you can deduce the type of cars on the road.

Re:Agreed (1)

-brazil- (111867) | more than 12 years ago | (#3118198)

The light blinks ON when data is going, OFF when it's not.


In most devices, but not all. Apparently most dialup modems and some routers indicate every bit recieved. Are you sure that your light is constantly on when recieving data and not actually flashing a full copy of your data? Your eyes sure can't tell the difference.

Re:ummm...doubtful (4, Informative)

swagr (244747) | more than 12 years ago | (#3118163)

Many LEDs have a response time of around 8 nano seconds, which means they can blink roughly 12.5 million times a second. Enough to transmit 12.5 Mb/s of data. If your on a 10Mb network then that's plenty good for the spy. If your on a 100Mb/s network, the spy is out of luck.

Re:ummm...doubtful (2)

Zaknafein500 (303608) | more than 12 years ago | (#3118169)

I would have to agree with you on this one. Even if the router were only serving a 1.5Mbit T1, that's still 1.5 million bits per second. I have a hard time believing that an LED can blink fast enough to reliably recreate that data.

Re:ummm...doubtful (1)

tomstdenis (446163) | more than 12 years ago | (#3118171)

I agree, considering the lights don't blink for each bit sent. All you would know is when the modem is receiving/sending.

Tom

Re:ummm...doubtful (5, Insightful)

pmz (462998) | more than 12 years ago | (#3118181)

It really can be done.

For example, in high school, I attached an LED to the output of a radio or microphone (can't remember which) and then aimed it at a solar cell attached to the input of a speaker. And it worked! I'm not sure if the quality was good enough to capture a modem signal, but it was certainly a poor-man's wireless speaker.

If the spy has more sensitive equipment, and if the LED on a modem really is tied to the phone line, then there should be nothing stopping the spy from capturing the transmission and decoding it later.

Re:ummm...doubtful (5, Informative)

CaseyB (1105) | more than 12 years ago | (#3118189)

I've seen my lights blink, and I don't think that there's any way... I'm throwing in the towell and saying I don't think so....

"+1, informative"? Heh, mods are on crack again.

Have a look into a Toslink digital audio connector some time. It's using a plain old LED to transmit information. It looks to the naked eye like it's on solid, there's no flicker whatsoever. What would you "think" if you saw that? Your gut reaction is totally off base here.

Thanks slashdot moderators (4, Funny)

Anonymous Coward | more than 12 years ago | (#3118195)

For modifying someone's unsubstantiated "hunch" as informative.

I've seen my lights blink, and I don't think that there's any way
Yes, and I've looked on a CD and I just don't see any data on it.

I'll take that risk. (2, Funny)

Corpset (149041) | more than 12 years ago | (#3118039)

I imagine it would need a lot of things to actually monitor my leds so I'm not worried. Plus, I like too look at them and I won't let them take that away from me :)

And...? (1)

proverbialcow (177020) | more than 12 years ago | (#3118043)

I don't do anything interesting with my data anyway. Any corporation/government agency, if they want to go through all that time and trouble, is welcome to whatever they can get. My credit card info gets encrypted before it gets sent, and that's the only thing I do that's worth stealing.

This is rubbish (0)

Anonymous Coward | more than 12 years ago | (#3118050)

The data is only ip(ppp) data anyway. Which is available on the internet. It won't give you any access to data such as credit card numbers.
You might as well just tap the phone line.

And this is news? (0)

slowhand (191637) | more than 12 years ago | (#3118051)

I've read blinking eyes on women in bars from 5 meters for years. Typically the message comes thru...

bullshit (1)

Deadplant (212273) | more than 12 years ago | (#3118053)

reconstruct the data from the flashing lights??? whatever. That's so ridiculous it's laughable.

If that was possible you would have discovered a spectacular new way to compress data at 1000-1 or better. My DSL modem sends a 1500 byte packet and the light blinks... now reconstruct that packet for me from that single blink... I don't think so.

Re:bullshit (1)

Deadplant (212273) | more than 12 years ago | (#3118090)

never mind... i should read the articles before posting...

I guess I'll go throw a towel over my modem now.

Re:bullshit (0)

Anonymous Coward | more than 12 years ago | (#3118110)

Ever heard of optical networking? Ever seen an optical digital audio connector? What do you suppose they use? LEDs.

Re:bullshit (5, Informative)

k2enemy (555744) | more than 12 years ago | (#3118126)

if you read the article, they implemented this at speeds up to 56k and said the physics should hold up until 10mb. look up at the light in your bedroom. you would probably say that its on. but its really flashing on and off faster than you can see. same thing with that led on your modem. when you see one blink it is most likely a lot of blinks faster than your eye can see, but not faster than optical equipment can see.

Re:bullshit (0)

Anonymous Coward | more than 12 years ago | (#3118127)

What appears to your naked eyes and your slow human mind as one blip of the light is, in fact, perhaps thousands of on/off's per second. A proper monitoring rig could definitely pick this up.


Don't be fooled by your human weaknesses!


blakespot

Re:bullshit (5, Insightful)

jweb (520801) | more than 12 years ago | (#3118151)

reconstruct the data from the flashing lights??? whatever. That's so ridiculous it's laughable.

Isn't this how fiber optic cable works? Light pluses traveling down a thin strand of glass to transmit data at high speed over long distances.

I'm not claiming to be an engineer or scientist, but I guess I could see how it might be possible (probably with the same type of fiber-optic reader) to decode some of information from your LED.

If anyone has more techincal info, please post.

And what about IR? (2, Interesting)

zmokhtar (539671) | more than 12 years ago | (#3118156)

Good point. Besides, if this is possible, then why in the world are IR transfers so slow? I want 100mbps transfers from ipaq to ipaq over a blinking LED!

LED Mods (1)

Kerell (562903) | more than 12 years ago | (#3118054)

I wonder who is going to be the first company to release a LED mod to stick on your modem to give random flashes of light( or gimmick it to appear as if you are getting tottaly different data)

Re:LED Mods (4, Funny)

Maran (151221) | more than 12 years ago | (#3118155)

Yeah, but then you get some wag at the manufacturer who programs the LEDs to make it seem as if you spend your entire time looking at porn, downloading strange software and sharing your semi-legal files with other geeks.

(Remembers where he's posting)

Never mind!

Maran

Confusion? (0)

Anonymous Coward | more than 12 years ago | (#3118056)

what if we went LED mad, covering our gear with hundreds of flashing flickering lights :) - ok lame attempt at first post....

Hmm (1)

NorthDude (560769) | more than 12 years ago | (#3118057)

Reminds me of that flash light I got when I was young, with a litte button-switch to do Morse code... Maybe we could all sit in front of a modem and do some IP over flashlight things...

Yikes... (5, Funny)

mystery_bowler (472698) | more than 12 years ago | (#3118059)

At one time I worked with what I thought was a highly paranoid CIO for a manufacturing company. He had custom-made black plastic covers made for every modem in the modem pool (this was waaaay back) for this very reason.

I tried not to think about it but he was convinced that eventually someone would create technology that would re-construct the data transmission based on those LEDs.

If he's reading this (and he knows who he is), you paranoid sod, damn you for being right. *grin*

Re:Yikes... (5, Funny)

DiveX (322721) | more than 12 years ago | (#3118074)

"custom-made black plastic covers made for every modem"

You mean electrical tape?

Re:Yikes... (-1)

Pen1s Goat Guy (535580) | more than 12 years ago | (#3118131)

Late at night the boss then proceeded to sneak in and wire leads to the LEDs in order to monitor the voltage being passed through. Numerous differenent results were gained from this method.

Wow! (1)

zmokhtar (539671) | more than 12 years ago | (#3118064)

Wow, that's impressive. I've always wondered why they don't use incandescent bulbs for these applications (tiny flashlight bulbs, the downsind I guess is heat and power consumption). I wonder if manufacturers will switch to something like that to lower the maximum flicker rate. Then again, someone might be able to use the dimming of the light to collect the same data. That makes me wonder, I wonder if those home networks that run over the electrical wires could be tapped by observing any light in the house.

Re:Wow! (2)

Enry (630) | more than 12 years ago | (#3118108)

Incandescent lights burn out. LEDs last just about forever (or at least the life of the product).

Mmm hmm. (1, Interesting)

FlorentinePogen (536380) | more than 12 years ago | (#3118065)

Yeah. If the lights on my switch are any indication, I'm getting about 20bps throughput on my network. Last I checked, the LEDs simply indicated activity, they didn't represent the binary pattern of data going through the ports or any other pertinent information.

Re:Mmm hmm. (1, Informative)

bzant (256795) | more than 12 years ago | (#3118179)

In the article the authors defined 3 classes of lights, only category III leds can be sniffed, link status (Cat I) and network activity (Cat II) lights can not be. The RD and SD lights on modem are classed as Category III, and then can be sniffed.

reminds me of Cryptonomicon (3, Funny)

Fraize (44301) | more than 12 years ago | (#3118066)

...where the main character, in fear of his computer being Van Eck phreaked, redirects output from a decryption program to turn on-and-off his scroll-lock key in morse-code.

Re:reminds me of Cryptonomicon (1)

Rollo (9875) | more than 12 years ago | (#3118173)

Ah, the Covert Channel method. Security Through Illumination rather than Obscurity...

ObLEDs: I'm doubtful. Of course, the lights give away that something is sent, which - in some cases - might be considered a vulnerability

LED's magically decrypt your data? (1, Insightful)

gehirntot (133829) | more than 12 years ago | (#3118068)

It is a good practise to encrypt all of your data to begin with. Even if it should be possible to reconstruct any kind of data from the LEDs, they will not magically decrypt the network packets.


On my network, you will not find any unencrypted packets, but for ARP and DNS.

erm.... (1, Insightful)

President Chimp Toe (552720) | more than 12 years ago | (#3118070)

I can see the light

Therefore, I can access the router/switch. Maybe I have to break some glass cabinet first..... but that is probably about as noticeable as putting a great big frigging light detection source right in front of the glass cabinet.

OK, so I can see the lights, therefore I can access the device. Can you think of an easier way of accessing data than blinking LEDs?

Here.. Look into this live fiber.. (1, Insightful)

jabber01 (225154) | more than 12 years ago | (#3118075)

Ok, so by sensing the LED, you can tell that transmission took place.. So what? The LED's don't indicate the data pattern, just the transmission pattern.. You can't tell a 1 from a 0 by looking at the LEDs..

It makes more sense to SQID the CRT from a mile away..

Re:Here.. Look into this live fiber.. (2, Insightful)

SkyLeach (188871) | more than 12 years ago | (#3118165)

Sure you can. Don't you know that a 1 in a pulse and a 0 is nothing. The light only flashes on a pulse (1).

The number 50 as it is seen in pulses: (| is a positive pulse and _ is no pulse).

||__|_

As seen in an led (keep in mind that your eye will only see two flashes (if that).

[flash][flash][pause][pause][flash][pause]

And this doesn't happen anywhere near as quickly as the light pulses in fiber optics. Another thing that makes it easy to read is that you only have to read one wavelength. This is like fiber technology from 10 years ago.

One thing the article doesn't mention is that many of the hubs/switches/routers out there don't actually pulse for every bite, just when a packet goes over the line. I think they will all quickly start flashing only for packets now, not bytes.

Re:Here.. Look into this live fiber.. (3, Informative)

delphin42 (556929) | more than 12 years ago | (#3118178)

if you looked at the article you would know that they claimed the information was subtlely encoded into the light. The light may be on, anytime there is a transmission, but the intensity varies slightly whether there is a 1 or a 0. That's what the article claims anyway, and I'm pretty sure it would depend on the specific hardware.

Oh geez... (1)

Reedo (234996) | more than 12 years ago | (#3118076)

The light on your modem flashes when you're receiving data. It's no more telling than that.

China Air Force One (1)

RobertTaylor (444958) | more than 12 years ago | (#3118077)

Ah! So thats why that bloke was busy covering up all the LED's on the plane with tape...

New spy device?! ;)

arrch! (3, Funny)

digitalsushi (137809) | more than 12 years ago | (#3118082)

ibm defaced my slashdot page! :'(

Re:arrch! (0)

Anonymous Coward | more than 12 years ago | (#3118112)

not mine, but then again I have images2.slashdot.org in my hosts file pointing to 127.0.0.1

Actually (2, Funny)

Corby911 (250281) | more than 12 years ago | (#3118083)

It makes quite a bit of sense if you think about it. Audiophiles have been using optical output for years (essentially just an LED and a bit of fiber optic cable). What really caught me off gaurd was the distance they were able to capture the data from. Apparently for some, they found they could capture data from "at least across the street".

Almost makes me wish someone cared enough to spy on me so I could prevent it (Duct tape to the rescue!).

Beez

Hrm (1)

rmadmin (532701) | more than 12 years ago | (#3118084)

I'm thinking their talking specific model of hardware or something. My crappy USR modem sits under my desk anyway. But regardless, is this like packet sniffing, but more.. 'light sniffing' or eh.. I dunno. Anyways, what they going to steal of my IP_masq network? My dad downloading p0rn?

Could be a hoax, but here's a simple solution: (3, Informative)

eples (239989) | more than 12 years ago | (#3118085)


Just put a tiny capacitor on your Tx and Rx LEDs.
It's a hoax anyway... ;)

Maybe, but I doubt it. (1)

Kronos666 (555566) | more than 12 years ago | (#3118086)

Well, it could happen, but seriously. Would anyone want to spend months and more than ten thousand dollars just to steal my credit card number? Anyway, I'm not even sure it's possible. Prove to me that the blinking lights are synchronized with the hard drive. Hell, when it works a lot, it just stays on all the time! How do you want to get data from that??

Typo (1)

Kronos666 (555566) | more than 12 years ago | (#3118121)

BTW, I made a mistake, I meant a modem, not a hard drive. Thought I'd say it before somebody started throwing insults at me for not reading the article. :)

24 FPS != millisecond precision (0)

babychess (452803) | more than 12 years ago | (#3118088)

According to the graphics on page 2 in the paper, the optical signal from the LED changes several times during one millisecond. Videocameras only record 24 images per second. You'd need a pretty high-tech optical device to even see the LED blinking.

Strange that they say such detection does require little apparatus.

Wow... (1)

voice of unreason (231784) | more than 12 years ago | (#3118092)

If true, this is one of the neatest hacks i've heard off. Still, it's hard to imagine that you could get that much info, I mean, lights don't blink all that much. Still, they say they've done it. perhaps there are fluxes in the LED's too small for the naked eye to see or something?

Das Blinkenlights (5, Funny)

mrneutron (61365) | more than 12 years ago | (#3118096)

I knew I should have heeded this warning:

ACHTUNG! Alles touristen und non-technischen peepers!
Das machine control is nicht fur gerfinger-poken und mittengrabben. Oderwise is easy schnappen der springenwerk, blowen fuse, und poppencorken mit spitzensparken.

Der machine is diggen by experten only. Is nicht fur geverken by das dummkopfen. Das rubbernecken sightseenen keepen das cotten picken hands in das pockets, so relaxen und watchen das blinkenlights.

Sex Lies and Videotape (0, Offtopic)

TrollMan 5000 (454685) | more than 12 years ago | (#3118097)

Woman: So how do you explain the pr0n you've downloaded?

Man: What pr0n? How do you know?

Woman: With this (shows him videotape). I've been taping the blinking lights on your router!

Unlikely (2, Informative)

inicom (81356) | more than 12 years ago | (#3118100)

(having not yet read the article) the premise is unlikely since most LED's on front panels are designed to stay on for longer than the actual activity lasts - in order to present useful information. If there was a one-to-one correspondence between the data and the LED - it would usually appear to a human viewer as an always-on-but-dim LED since the blink-on time would be so short.

To put it another way - there's a buffer before the LED.

For old times sake (1, Offtopic)

Gaewyn L Knight (16566) | more than 12 years ago | (#3118101)

What an appropriate article... Now we will have to change the old Blinkenlichten so as to protect our information...

ACHTUNG! ALLES LOOKENSPEEPERS!
Das computermachine ist nicht fuer gefingerpoken und mittengrabben. Ist easy schnappen der springenwerk, blowenfusen und poppencorken mit spitzensparken. Ist nicht fuer gewerken bei das dumpkopfen. Das rubbernecken sichtseeren keepen das cotten-pickenen hans in das pockets muss; relaxen und watchen das blinkenlichten.

From: [tuxedo.org]
http://www.tuxedo.org/~esr/jargon/html/entry/blink enlights.html

Did anyone else notice this? (1, Offtopic)

Ghoser777 (113623) | more than 12 years ago | (#3118103)

I was reading another slashdot story (I think the one about gpl violations), and I saw a business add in the middle of the post! I was like, "WTF"? I was really scared for the future of slashdot... but after reloading and checking some other stories, the add was gone. So, am I hallucinating, or is someone playing with the slashcode and, more importantly, is this something we'll actually see in the future (please say no... please say no...)

Preparing to lose karma for a noble cause...
F-bacher

You missed the story several days ago. (0, Offtopic)

Erv Walter (474) | more than 12 years ago | (#3118125)

Check the list of old stories for the details of the new adds that are being implemented and the subscription system you can use in order to avoid them.

The current poll is also related to these new adds.

Re:You missed the story several days ago. (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3118174)

Ah thanks. I saw the poll aout subscriptions, but I didn't think it was already implemented (nor that it would have random ads... which I guess is less annoying). At least they aren't pop ups... but how long till there are easy ways to parse out adds the same way you disable pop ups (of course it would have to be site specific, but it shouldn't be that hard)? Maybe I'll have to use links more...

Posting anonymously to protect my precious Karma
F-bacher

Simple math says no (0)

Anonymous Coward | more than 12 years ago | (#3118107)

Say you're routing 10 mbit/s To read the data from your led, you would have to be able to register 10 million "frames" of led capture every second. And that is supposing that the led is actually capable of blinking this fast (which I think it's not).

Now, if it was a modem running at 300 bps, then maybe.

Hey, a new application for this: (1)

FlorentinePogen (536380) | more than 12 years ago | (#3118113)

Forget the iPod for piracy, just take one of these LED readers and use it to copy data off hard drives by reading the blinking hard drive LED on the front of cases! Imagine the possibilities! Next: LEDs a violation of the SSSCA...

I call BS on this one... (1, Troll)

MentlFlos (7345) | more than 12 years ago | (#3118115)

Ok, First off LED's as a status indicator just blink when there is activity. For example, a packet has been sent or received. Now how many variations can one packet have? I'm not even going to try to figure it out.

I can only think of one way this can happen. If someone wires up the LED's so that they are hooked directly to the transmit and receive wires so they do actually blink out the bits. Then one would need to send data slow enough so the LED (and receiver) can make out the individual pulses. In this respect, stupid=yes, impossible=no.

Or like usual, I could be just blowing smoke out my ass...

Re:I call BS on this one... (1)

MentlFlos (7345) | more than 12 years ago | (#3118150)

Oh, and to make it even more fun, my cisco router has one light per AUI port. Some times I'm not even sure why it is blinking :)
(not to mention the serial ports which have NO stats lights...)

According to the article (2, Informative)

Erv Walter (474) | more than 12 years ago | (#3118158)

I'm not an electrical engineering expert, so I could have misinterpreted the story. However, as I read it, they claim that for cost saving reasons, the LEDs that just show status are internally electrically connected or at least influenced by the part of the circut that handles the data flow. In other words, the LED is not showing just generic activity, but is actually showing the bit flow.

I'm not sure I believe them though.

Re:According to the article (1)

MentlFlos (7345) | more than 12 years ago | (#3118199)

::or at least influenced by the part of the circut that handles the data flow::

LOL, One would hope or else these stats lights would be very pretty yet quite useless. :)

Early April fools joke? (1)

Reedo (234996) | more than 12 years ago | (#3118116)

But I'm looking at my calendar and it appears that April 1st is nearly a month away yet.

Personal exposure (1)

cisko (35325) | more than 12 years ago | (#3118119)

Hmm. I like having my desk next to a window, I bet you could see the LEDs on the switch and DSL modem from outside. So someone could be "Loughry/Umphress Phreaking" my data xfer.

On the other hand, the DSL connection is on an exposed box on the back of the house. So there are probably easier ways to do the same thing...

Geez... (1)

InterruptDescriptorT (531083) | more than 12 years ago | (#3118124)

Does this mean I'm going to have to gouge out my own eyeballs or risk violating the DMCA when I go for job interviews and see the lights on the companies' hubs?

What is this world coming to?

Results (0)

Anonymous Coward | more than 12 years ago | (#3118132)

"None of the Lan interface cards tested, including 10mbit/s Ethernet and 16mbit/s Token Ring Adapters, were found to broadcast any recognizable data. However the most interesting part of the article maybe where it discusses the implications of ATM DES encryptors that have LEDs that blink on the basis of the unencrypted data, hence you could use the LED to read the data.

Before calling it a hoax, read the article! (2)

albat0r (526414) | more than 12 years ago | (#3118133)

I know, I've thought the same before reading the entire .pdf... But hey, before saying it's a hoax, go read what you're talking about!

I know it sounds crazy, but it seems to be true!

At least, it's easy to fix this security problem... Where have I put that damn duck tape?

Tempest (5, Interesting)

Bruce Perens (3872) | more than 12 years ago | (#3118138)

Look around for info on the U.S. government's declassified Tempest program. That shows how you can really do this, by sampling the radio emissions of the equipment. Any rapid switching creates radio waves, if you don't shield them effectively you may indeed leak information off site. There have been demonstrations of reading a CRT by the video monitors radio emissions.

To do this with an LED would require that the LED be actually driven by the data signal. Most of them go on at the start of the packet or byte and go off at the end, they don't go on for 1 and off for 0. So, you might be able to do a little traffic analysis, but you would not be able to recover the data.

Bruce

Yeah right. (1)

augustz (18082) | more than 12 years ago | (#3118139)

My switch blinks steadily when I'm doing 100 Mbit switched transfers. There is NOTHING that can be determined from this 2 baud blinking. They're probably talking about old analog modems which run slow and tie the LED right to the TX and RX lines.

Take a hint from Apple... (1)

teamhasnoi (554944) | more than 12 years ago | (#3118145)

On all the new g4 towers (I'm not sure about the others..) the power LED glows and fades. Why not adapt this to other LEDs? That would make it harder to scan, and also make your stuff more 'mod'. Who actually needs to see the LED blink for every bit that goes though your NC or modem? As long as I see there's something going on back there, I know its (usually) working..

There must be meaning behind this maddness (0, Troll)

Simpler (558434) | more than 12 years ago | (#3118146)

Let's do a quick calculation to see if this is feasible.

Let's assume you've got a slow connection on your average modem and you're running your dialup at 33Kps. This means that you're looking at having that blinking light going through on-off cycles every 1/33000 of a second if you can read the data accurately.

Considering the quality of your average LED inside the modem, I'd be amazed if they can blink on-off distinctly more than 100 times a second. Anything faster else would blur.

.... and what do you do with an invalid checksum on the IP packet? Phone the guy's house up and ask them to resend the packet?

This conspiracy theorist should concentrate on finding meaning in radio waves from space.

Ridiculous! (0, Flamebait)

Beetjebrak (545819) | more than 12 years ago | (#3118148)

The lights on my switch indicate activity, they don't flicker to the beat of my bits. Even if they did, there'd probably be too much static and other interference on them to reliably deduce data from them. On hubs it's even worse. You get all traffic flowing through all ports in both directions, try deciphering that! This story is, as far as I'm concerned, major bull and it's not even April 1st yet!

Anything's Possible but... (1)

||Plazm|| (76138) | more than 12 years ago | (#3118153)

I have a friend that has a top security clearance working for a big company and he says he's not allowed to have a phone near his workstation because you could use the phone to pick up the frequencies that the monitor is giving off and reconstruct data from that. But at least that seems somewhat viable. Flashing LED's is pretty damn ridiculous, especially since this article is being published in the ACM.

Multitasking (1)

telstar (236404) | more than 12 years ago | (#3118154)

I can see how this might (very small might) be an arguable ability if somebody is only using one network application, but the second you multitask, you've got lights blinking in no meaningful sequence. I fail to see how they can separate pr0n from that 1.4gig VCD being downloaded at the same time.

And what about my Xmas tree? (1)

librex (562462) | more than 12 years ago | (#3118157)

Next year I wont put any of those damn blinking lights up on the tree, way too risky. And I dont want to accidently insult the leader of an alien race or something.. And by the way, I guess the same goes for HDD? Can you reconstruct the data pattern based on the terrible noise a HDD is making while it defragments (yet again..) my NTFS partition?

A quick solution (5, Funny)

smaughster (227985) | more than 12 years ago | (#3118162)

Just hide your hub in a teddy bear, noone will point his eavesdropping device on such an innocent toy, would they?

Tempest (0)

Anonymous Coward | more than 12 years ago | (#3118166)

Someone must be ingesting an illegal substance when concocting this post AND someone else is doing the same when posting it to Slashdot.

The government has done alot with reconstructing data from electronic emissions. Large sections of the Intelligence community do this type of work on a day to day basis. Interpreting data remotely from the emissions your CRT produce is old hat, but blinking LEDs are just that.

The government may be looking over your shoulder at your email, getting a warrant to bug your keyboard and search your hard drive after seizing your computer, but how many does that truly apply to ? For the rest, it's simpler to generate this type of FUD and cause geeks to become paranoid in the hope that we'll be good ;-)

Sniffing GigabitEthernet... (2, Insightful)

forged (206127) | more than 12 years ago | (#3118175)

...let alone OC-x, would be like trying to drink from a fire hose :) Besides, if LEDs would blink so well that you can reconstruct the signal with consumer-grade equipment, wouldn't we all be using optical networks by now?!

What? (0)

Anonymous Coward | more than 12 years ago | (#3118177)

This is rediculous. It's almost crazy enough to have Katz as a contributor. Where'd they get the idea for this? From that kid in Afgahnistan using his C64 to watch DivX movies?

Only applicable to low data rates and short range (2, Informative)

cybergibbons (554352) | more than 12 years ago | (#3118191)

I don't think we have too much to worry about here. They have proved it to work (supposedly, no evidence) on 56kbps. Most results are for 14.4kbps or less. This is for modems - generally they have TD/RD lights which are direct indications of the RS232 lines, so show data.

NICs, routers, switches, and hubs, tend to slow down the light flashes, or flash to packets, rather than bits. It makes it far easier to see what is going on. An LED would have difficulty keeping up with the high data rates as well (as well as any driver circuits).

It could be possible on a switch that has activity lights for all the network to ascertain which ones have most traffic, and hence gateways/DNS servers, but these things are generally found out in much easier ways.

It seems as if most of the posts before this are from people who didn't read the article, and are claiming it can't be true. RTFA.

who cares? (1)

edstromp (522727) | more than 12 years ago | (#3118192)

And if they find out all I do is read slashdot all day, what are they going to do?

Privacy certainly has it's points, but if they want to know that badly where I was surfing, I'd just as soon let them find out for that kind of effort.

RIAA (1)

telstar (236404) | more than 12 years ago | (#3118193)

Does the RIAA know about this? They might be able to get the courts to ban LEDs since apparently now their music is being distributed via light.

CRT's can nail you too (5, Informative)

phr2 (545169) | more than 12 years ago | (#3118197)

Here's a paper [cam.ac.uk] by the amazing Markus Kuhn (who has done many other brilliant security hacks besides this) showing how CRT display contents can be reconstructed from the light given off by the screen, even when the light is reflected diffusely off a wall. It makes me glad I use an LCD monitor.

This is the stupidest thing I've ever heard (1)

Clay Mitchell (43630) | more than 12 years ago | (#3118202)

I've never complained about content on Slashdot before, with the exception of Jon Katz' drivel.

But this is the dumbest thing I've ever heard. No, data can not be constructed from watching the LED's. Who's the marketing genius who came up with this idea? The only things that could be told:

1) You are connected.
2) You are sending data (maybe)
3) You are receiving data (maybe)

Does anybody really think that those little blinky lights are going fast enough to transmit any data? If so, are you on crack!? The only thing data that isn't transmitted too fast is like a 300 baud modem. And I certainly hope nobody's using that anymore. Somebody probably wrote this crap up so they could get marks on a performance review or something.

Soembody needs to have a bag of STFU and stop posting this ignorant imbecility.

Some communucation is possible (1)

asmithmd1 (239950) | more than 12 years ago | (#3118204)

What they are talking about is that it is possible to send some data using this back channel, not that you could see the actual data going through the device. Why someone would want to do this I don't know. Maybe you could tap out an SOS using Morse code to the guys in the NOC if your VoIP phone wasn't working

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...