Researchers Turn Hard Drives Into Covert Listening Devices

Spinning hard drives are no longer the backbone of the average computer thanks to the increasing affordability and capacity of solid-state NAND chips. However, the spinning drive is far from dead — if you need the most bang for your storage buck, traditional hard drives are still king. It turns out those spinning drives might have another trick up their sleeves. Researchers from the University of Michigan Zhejiang University in China have shown that hard drives can also become eavesdropping devices.
Turning a hard drive into a listening device doesn’t have anything to do with its data storage capabilities. Instead, the team leveraged the sensors that help control the position of the read head above the platters. The head needs to be in precisely the right spot on the track to operate — even a few nanometers can be the difference between perfect functionality and a corrupted file. The drive’s internal sensors generate what’s called a Positional Error Signal (PES), and this is how the researchers extracted sounds from the hard drive.
In a proof of concept experiment, the team installed modified firmware on the drives that could record the PES measurements. Using that data, the researchers created high-quality recordings of human voices. In another test, the PES data was sufficient to reconstruct music playing near the hard drive. It was so accurate that the music ID app Shazam was able to identify the song.

There are a few notable drawbacks to this eavesdropping method. For one, you need physical access to the hard drive to implant the malicious firmware. Then, you need a package on the computer with internet access to send the PES data. It’s not impossible — state actors have been known to intercept computers and implant bugs before sending them along to the target. The other issue is the sounds near the hard drive need to be rather loud. For human speech, you’re looking at 75dB minimum, which is like having an almost-argument within a few feet of a hard drive. To ID music, it needs to be playing at about 90dB. That’s like a lawnmower.
So, your hard drive probably isn’t spying on you. It could, though, if you were an attractive-enough target.
Continue reading

NASA Discovers Vital Organic Molecule on Titan
In the latest analysis, researchers from NASA have identified an important, highly reactive organic molecule in Titan's atmosphere. Its presence suggests the moon could support chemical processes that we usually associate with life.

New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove
Intel has released a bit more information about Rocket Lake and its 10nm CPU that's been back-ported to 14nm.

Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi
According to Ian Beer of Google's Project Zero security team, the flaw allowed him to steal photos from any iPhone just by pointing a Wi-Fi antenna at it.

Paleontologists Might Have Discovered the Largest Dinosaur That Ever Lived
Scientists excavating a new species of dinosaur in Argentina have reported that the specimen might be the largest that ever lived. Even if it doesn't set a record, the animal was much bigger than anything alive today.