News

Researchers eavesdrop via headphones by changing sound ports on PC

By admin
Spread the love

Researchers at Israel’s Ben-Gurion University have developed software that allows them to make the output port work as an input port in computers with Realtek audio chips. That way they can pick up sound with connected headphones.

In their research they mention that it has long been known that speakers can act as microphones, because they convert sound waves into electrical signals. According to the researchers, this alone does not pose a security risk, because usually no speaker is connected to a microphone input. To make their software, called ‘Speake(a)r’, work, the researchers use a feature that is part of the Intel HD Audio specification. This makes it possible to assign a new function via software to an audio connection of a PC, for example from output to input. They demonstrate this using Realtek audio chips.

The researchers report that this method only works with the passive speakers that are found in headphones and not with active speakers that are equipped with an amplifier. These occur, for example, in computer boxes. By taking advantage of the fact that sound ports can take on a new function, because they have both a dac and an adc, the researchers were able to pick up intelligible sound at a distance of several meters. Headphones offered about the same sound quality at a distance of three to five meters as a microphone at a distance of nine meters.

Possible countermeasures, according to the researchers, are turning off the sound hardware in the BIOS or not connecting headphones, but this is not a user-friendly option. A better option would be to develop a custom driver to prevent or strictly enforce the assignment of a new function to a sound port. In addition, security software could use API monitoring to detect such changes.

The researchers at Ben Gurion University have been focusing on this type of research for some time now. For example, they devised a way to send data via radio waves with a USB drive and a method to steal data via the sound of a hard disk.

Demonstration of the Speake(a)r method

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

ASUS will produce and support NUC mini PCs after Intel exit

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Logitech acquires stream controller maker Loupedeck