Godlike Hack Steals Encrypted Keys by Watching LED From 16 Meters Away (futurism.com)

submitted 1 year ago* (last edited 1 year ago) by PhantomPhanatic@lemmy.world to c/cybersecurity@sh.itjust.works

3 comments fedilink hide all child comments

Link to the paper: https://eprint.iacr.org/2023/923

top 3 comments

sorted by: hot top controversial new old

[-] mo_ztt@lemmy.world 6 points 1 year ago

In one, they say they were able to hijack an Internet-connected security cam and capture footage of the power LED of a smart card reader 16 meters away. After processing and analyzing the footage, the team was able to recover the 256-bit key.

Wow! That's incredibly impressive.

In another study, they were able to take iPhone footage of the power LED of Logitech speakers that were hooked up to an USB hub that was also charging a Samsung Galaxy S8 smart phone. From looking at the speakers' power LED and analyzing its colors and brightness, the team says they were able to uncover the 378-bit key for the Samsung Galaxy — a remarkable scenario because the key was solved indirectly by looking at another connected device.

Holy shit! That's unbelievable! By which I mean: I don't believe you.

[-] PhantomPhanatic@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Power fluctuations on a USB hub indicate power draw and can be directly related to data sent over the bus. I can totally believe this.

This video explains the method in more detail: https://youtu.be/ITqBKRZvS3Y

[-] Amilo1591@lemmynsfw.com 3 points 1 year ago

The part about hacking Galaxy S8 keys by looking at a speaker connected to same usb.. I think it's very far fetched.

S8 has a battery that is constantly charged by usb cable. When you unlock the phone, power draw doesn't change except maybe for a brief second when key is entered.

this post was submitted on 17 Jun 2023

10 points (81.2% liked)

Cybersecurity

5583 readers

13 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social