Your HDD as an accidental microphone

Oliver Davis
Oliver Davis

We’re used to attaching peripherals to our computers, when we have a need for them to interact with the world around them. An Arduino Uno needs a shield to turn on the lights, for example. Just sometimes though there is the potential for unintended interaction between a computer and the real physical world which surrounds it, and it’s one of those moments that [Alfredo Ortega] has uncovered in his talk at the EKO Party conference in Buenos Aires. He demonstrates how a traditional spinning-rust computer hard disk interacts with vibration in its surroundings, and can either become a rudimentary microphone, or be compromised by sound at its resonant frequency.
It seems that you can measure the response time of the hard drive head during a read operation without requiring any privilege escalation. This timing varies with vibration, so can be used to reconstruct the sound that the drive is facing. Thus it becomes a microphone, albeit not a very good one with a profoundly bass-heavy response. He goes on to investigate the effect of sound on the drive, discovering that it has a resonant frequency at which the vibration causes it to be unreadable.
Sadly the talk itself appears not yet to be online, but given that previous years’ EKO talks are on YouTube it is likely that when the dust has settled you will be able to see it in full. Meanwhile he’s posted a video demonstration which we’ve posted below the break.

https://hackaday.com/2017/10/08/your-hard-disk-as-an-accidental-microphone/

All urls found in this thread:
https://hackaday.com/2017/10/08/your-hard-disk-as-an-accidental-microphone/
https://www.youtube.com/watch?v=ntw32kYDryM
https://www.malwaretech.com/2015/04/hard-disk-firmware-hacking-part-1.html
https://www.youtube.com/watch?v=tDacjrSCeq4
Jeremiah Johnson
Jeremiah Johnson

It's a magnetic tape disc, and just like the fucking ceramics of 7000 years ago, which were made by rotation, they capture sound.
That's obvious.

Blake Diaz
Blake Diaz

Everything captures sound, yet this experiment also demonstrates that the resonating sound causes the disc to be unreadable and eventually the OS disconnects it.

Jaxon Diaz
Jaxon Diaz

I want to see quality of the recordings.

Carson Perez
Carson Perez

I would too. The waveform didn't look like it gave much information away. It's still pretty interesting.

Hudson Baker
Hudson Baker

Glow in the dark agencies have probably known about this for decades.

Cameron Gutierrez
Cameron Gutierrez

true

Austin Anderson
Austin Anderson

HDD-microphones.pdf
(((You))) probably use this to identify hard drives which have had all identification removed from them. Simple solution is replace the platter head when you remove identification from a drive. Well maybe not that simple.

Jeremiah Kelly
Jeremiah Kelly

is ssd confirmed now for less cia niggers than hdd?

Ryan Harris
Ryan Harris

Hell no. SSD's by default have the "S.M.A.R.T" backdoors. Along with the firmware backdoors if you have access to the pci-e space to flash it. Atleast with older HDD's you can avoid such things.

Luis Hall
Luis Hall

Ramdisk is what you want.
- io speed faster than SSD
- data destruction more reliable than HDD

Jacob Stewart
Jacob Stewart

S.M.A.R.T. is as old as SATA. What da fuk HDD do you use that doesn't have this?

Chase Turner
Chase Turner

PDF slides mention something about using this in remote cloud environment, but data centers have so much noise, staff is forced to wear ear protection. Good luck recording anything useful there.

Elijah Parker
Elijah Parker

SSD's come with proprietary firmware running on low power CPUs that handle all the trickery it takes to fool windows into using the disc. The filesystem you choose to run in software on your OS is imitated on the drive, but the firmware uses a different drive-dependent filesystem that can access over provisioned areas as well as the cache. FOSS SSDs are made by that one company in Worst Korea and are expensive, but modular. HDD can be less CIA, but it usually doesn't matter since storage isn't the biggest attack surface.
lol
measuring hard drive models by ear

Colton Cox
Colton Cox

what is a IDE drive
The noise doesn't matter. It's better to use this as a method of getting a certain oscilation of noise to identify the drive like a UUID. As a malware vector or spying vector it's implausable without much effort.
But this is easly gotten around by changing the drive physically after you purchase it like a single platter being replaced.

Nicholas Peterson
Nicholas Peterson

judging by video https://www.youtube.com/watch?v=ntw32kYDryM , it's enough to block sound by hand to change response time, so it's not very useful for reliable identification. Still a data-point though, I guess.

I am not familiar with nitty-gritty details, how do syscalls work over the network?
Will secure NAS with massive raid and lots of caching placed in soundproof room save me?

Jose Bennett
Jose Bennett

No I was thinking if someone got physical access you could sound test it for unique identification. Kinda like n-s-yayyy-kun admited here . But something to track hard drives with identification removed as mentioned here

You're safe from network attack using your hardrive to listen to you for now?

Andrew Wright
Andrew Wright

https://www.malwaretech.com/2015/04/hard-disk-firmware-hacking-part-1.html

Logan Watson
Logan Watson

But think of the tracking. What if someone deleted the data on the drive before you could backdoor/get to it and it was unidentifiable. You could sound test it for a UUID from the factory if n-s-yayyy-kun. I have no doubt (((they))) already do such things.

Adam Diaz
Adam Diaz

S.M.A.R.T. was even available on many IDE drives. Please tell me you're larping and not using some 800MB drive from the 90's.

Zachary Garcia
Zachary Garcia

You can't just use one btw. You need atleast four or so unless you want to airgap a compromised drive across everytime to access pictures and shit.

Matthew Brown
Matthew Brown

access pictures

user...

Sebastian Kelly
Sebastian Kelly

(You) don't understand what that picture of why not both meant, did (you)?

Jordan Jackson
Jordan Jackson

at least it isn't as bad as electromagnetic leaks and TEMPEST vulnerabilites

Asher Jenkins
Asher Jenkins

Tempest encompasses shit like this. It's not squarely aimed at unintentional RF transmissions.

Mason Thompson
Mason Thompson

https://www.youtube.com/watch?v=tDacjrSCeq4
kek'd

Xavier Turner
Xavier Turner

not using a zip drive

Robert Richardson
Robert Richardson

not using a faraday cage enclosed and waxed DRAM as a drive

Cameron Johnson
Cameron Johnson

using magnetic storage

David Robinson
David Robinson

"S.M.A.R.T" backdoors
ayy lmao

Adrian Hill
Adrian Hill

Wasnt this proven to be a load of shit

Cameron Williams
Cameron Williams

tfw I can read the labels on this pic
what did the chans do to me

Adam Lewis
Adam Lewis

I remember using one back in the 90's, and it had SMART.

Tyler Price
Tyler Price

All storage is magnetic you egg

Mason Green
Mason Green

It sounds like bullshit to me but I have no proof and I've seen these 1337 researchers do some really crazy wizardry

Disable AdBlock to view this page

Disable AdBlock to view this page