Researchers Steal Data From Computer Using Monitor Brightness

Researchers Steal Data From Computer Using Monitor Brightness

The conventional wisdom of computer security holds that the most sensitive data should live exclusively in “air-gapped” systems without a network connection. Still, no security protocol is completely foolproof. We’ve seen a few methods of extracting data from air-gapped systems, and the latest is particularly insidious. Researchers from Ben Gurion University have devised a way to leak data from a computer via changes in display brightness.

Similar to some past methods of data extraction, the system demonstrated by Ben Gurion University requires some planning. It’s not (thankfully) a vulnerability in any software or hardware that someone can exploit to steal data. Instead, an attacker would need access to the computer to install a piece of malware. They could also use social engineering to get someone who has legitimate access to an air-gapped system to load malware.

The exploit developed by the team takes the data from the secure system and encodes it as binary. To exfiltrate the data, you need a camera near the system that can see the screen. By making subtle changes in the monitor’s RGB color values, the malware sends the 1s and 0s visually. The changes can also flip on and off as fast as the monitor refreshes. Someone sitting at the computer won’t notice anything amiss, but their actions could slowly trickle out on a video feed. Even looking at static screen images of “0” and “1” signals would not tip anyone off.

You can see the technique at work in the video above. The variations in the “filtered” side are almost imperceptible, so no one has any hope of spotting them unaided. The complicated setup is a drawback of this attack, and you’re also not going to get a lot of data. Under ideal conditions, the Ben Gurion University team was able to extract 5 bits per second from the air-gapped machine. That’s about 60 times slower than an old-fashioned Bell 300 baud dial-up modem from the 1970s. This is enough to grab text from the system, but that’s it.

This is not something you need to worry much about — there are much easier ways to steal data from devices that connect to the internet. This approach also requires a lot of setup and planning just to steal a few bits of data. Still, it’s just one more thing for people in highly secure facilities to worry about.

Continue reading

Razer Updates Raptor 27 Gaming Monitor: Higher Refresh Rate, Price
Razer Updates Raptor 27 Gaming Monitor: Higher Refresh Rate, Price

The company has just announced a new version of its premium gaming monitor with faster refresh and the option to ditch some of those LEDs with a custom stand. However, the Raptor 27 doesn't come cheap.

Samsung Announces New, Less Curvy Odyssey Gaming Monitors
Samsung Announces New, Less Curvy Odyssey Gaming Monitors

The 2020 Odyssey release focused on curved display panels. The latest ones are all flat, but they've still got various high-end gaming features.

China’s Tencent Adds Face Scanning to Monitor Children Gaming
China’s Tencent Adds Face Scanning to Monitor Children Gaming

Dozens of mobile games will now use facial recognition to make sure no one underage is playing games too late at night. This is only the start, and Tencent says its "Midnight Patrol" technology is coming to more games soon.

You Can Now Pre-Order a $17,500 3D Holographic Monitor, Not That You Should
You Can Now Pre-Order a $17,500 3D Holographic Monitor, Not That You Should

A company called Looking Glass Factory has just unveiled its second-generation holographic displays. They aren't cheap, but the technology is mature enough that designers or animators might actually want to drop the cash on one.