Researchers Turn Hard Drives Into Covert Listening Devices

Researchers Turn Hard Drives Into Covert Listening Devices

Spinning hard drives are no longer the backbone of the average computer thanks to the increasing affordability and capacity of solid-state NAND chips. However, the spinning drive is far from dead — if you need the most bang for your storage buck, traditional hard drives are still king. It turns out those spinning drives might have another trick up their sleeves. Researchers from the University of Michigan Zhejiang University in China have shown that hard drives can also become eavesdropping devices.

Turning a hard drive into a listening device doesn’t have anything to do with its data storage capabilities. Instead, the team leveraged the sensors that help control the position of the read head above the platters. The head needs to be in precisely the right spot on the track to operate — even a few nanometers can be the difference between perfect functionality and a corrupted file. The drive’s internal sensors generate what’s called a Positional Error Signal (PES), and this is how the researchers extracted sounds from the hard drive.

In a proof of concept experiment, the team installed modified firmware on the drives that could record the PES measurements. Using that data, the researchers created high-quality recordings of human voices. In another test, the PES data was sufficient to reconstruct music playing near the hard drive. It was so accurate that the music ID app Shazam was able to identify the song.

Researchers Turn Hard Drives Into Covert Listening Devices

There are a few notable drawbacks to this eavesdropping method. For one, you need physical access to the hard drive to implant the malicious firmware. Then, you need a package on the computer with internet access to send the PES data. It’s not impossible — state actors have been known to intercept computers and implant bugs before sending them along to the target. The other issue is the sounds near the hard drive need to be rather loud. For human speech, you’re looking at 75dB minimum, which is like having an almost-argument within a few feet of a hard drive. To ID music, it needs to be playing at about 90dB. That’s like a lawnmower.

So, your hard drive probably isn’t spying on you. It could, though, if you were an attractive-enough target.

Continue reading

Windows Timeline Is About to Lose Cross-Device Sync
Windows Timeline Is About to Lose Cross-Device Sync

The company had to circle back just hours after posting the changelog to explain what it's doing with Timeline. While it's not completely removing the feature, it's about to become much less useful.

Windows 10 Now Active on 1.3 Billion Devices, Says Microsoft
Windows 10 Now Active on 1.3 Billion Devices, Says Microsoft

Like a number of other technology firms, Microsoft has the global pandemic to thank for its windfall. It turns out people buy more computers when they're stuck at home.

Why You Should (Or Shouldn’t) Root Your Android Device
Why You Should (Or Shouldn’t) Root Your Android Device

A rooted Android device is more powerful, but it's also more risky. That's nothing to worry about if you can't even root your phone, an increasingly common occurrence.

Roku Upgrades Its Best-Selling Streaming Device With the Streaming Stick 4K
Roku Upgrades Its Best-Selling Streaming Device With the Streaming Stick 4K

The upgraded device earned its “4K” suffix through added support for Dolby Vision and HDR 10+.