Hot Air Hackers / Jess Amspec

The hot air emitted by the computer can reveal the user's private information

The most secure computers in the world cannot Google anything because they are not connected to the Internet or any other network. The US military and its National Security Agency (NSA) rely on this security measure, known as "air gapping". So does the "intercept", The Intercept, the news agency founded by Glenn Greenwald, which played a central role in exposing the NSA's extensive surveillance program. But nothing stands in the way of desire. A group of doctoral students from Ben Gurion University of the Negev announced that they could extract information from a computer "insulated in air" by reading the encoded messages in the heat emitted from its processor as if they were smoke signals.

All computers include heat sensors, which sense the heat emitted by the processor and turn on the fans so that components are not damaged. To succeed in breaking into an office environment, the hacker would have to infect two neighboring desktop computers with malware: one isolated and the other connected to the Internet. The software will be able to take control of them and allow them to decode information encoded in the sensor data. A virus carrying the software could infect the computer connected to the Internet quite easily. To infect the second, isolated computer, a portable memory device or other piece of hardware would have to be connected to it, which is not easy in well-secured facilities.

If the hacker searches for a password stored on the isolated computer, the malware can instruct its CPU to perform operations in a pattern that will reveal the password characters. Each burst of activity will produce a gust of hot air, which will reach the computer connected to the network. Its heat sensors will record one bit of information. After some time you will receive a series of bits representing the password. The computer connected to the network will then be able to send this information to the person who asked to discover it. The computer scientists named their exercise BitWhisper.

It sounds very slow, and it really is slow. The hacked computer can transmit a maximum of eight bits per hour, and it and its online host cannot be more than 40 centimeters away. But this rate is enough to obtain the necessary information, says Israel Mirsky, one of the participants in the study, which was presented at the Information Security Conference of the Society of Electrical and Electronics Engineers (IEEE) held in Verona in July 2015. "You don't need more than five bits," he says, to convey a simple message From the online computer to the disconnected computer, such as a command that will activate an information destruction algorithm.

BitWhisper may seem too complicated, after all, if you managed to infect your computer with malware using a memory device, why bother transmitting signals through heat? Mirsky says that this method allows a hacker to control an isolated computer without sitting right next to it. Also, a computer overheating is not unusual, and it is possible that a hack will not be noticed, says Anil Madhavpadi, who studies unconventional ways of transferring information at the University of Cambridge and was not involved in the research. "In general, as computers become faster and the information stored in them becomes more valuable," he explains, "even the most hidden and slow information transfer channels are useful to hackers, as they can simply sit and let them run for hours or even days and siphon important information without being detected. "

It is, of course, very easy to prevent such a hack: move the isolated computers away from any computer connected to the network, or place an isolation sheet between the computers. Given the conditions that BitWhisper will have to operate in in the real world, it seems that it would be easier to search for a human whistleblower.

The article was published with the permission of Scientific American Israel