Researchers from several different universities demonstrated the hacking technique during a recent cybersecurity conference. They warned that a hacker could get acoustic leakage by studying any livestream or recording that took place near the monitor.
Distance and low-quality microphones offer no real defense against this. The researchers were able to catch the sounds made by the monitor from low-quality microphones as far as 30 feet away.
This security loophole is called a physical side channel. It reveals data through unavoidable interactions between the hardware and the computing process.
It turns out that many power supply boards in most monitors generate high-frequency sounds as they render the data onto your screen. The tone and pitch of the whine change based on the amount of power it uses at any given time. (Related: SCARY: Computer experts show how easy it is to hack off-the-shelf smart devices like baby monitors and home security cameras.)
Led by researchers from Tel Aviv University (TAU), the study evaluated several dozen LCD monitors of different sizes and from different manufacturers based on their physical side channels. They reported that every single screen gave off an acoustic signature.
Once they acquired the signals from the TV, the researchers applied a program that made different patterns of alternating lines of opposite color. They recorded the acoustic information of this changing pattern, as well as the patterns of commonly used websites and the faces of people.
These ultrasonic recordings served as training data for machine learning algorithms. As they learned from the experience, the algorithms began to churn out more accurate copies of the data on the monitor.
The trained AI could identify certain images and websites with at least 90 percent accuracy. Sometimes, it could even predict the content of screens based on sounds that the algorithm had not encountered during training.
The researchers upped the ante by teaching the algorithms how to identify sounds associated with letters and words. They found that the AI could reliably predict the presence of words if they were written in large font.
The physical side channel is not just limited to the monitors of desktops and laptops. While mechanical keyboards generate more noise that can be heard by human ears, the onscreen keyboards of smartphones and tablets also make identifiable noise.
To make matters worse, the microphone inside your smartphone or webcam is sensitive enough to pick up the ultrasonic noise made by your digital keyboard. The researchers claim that a hacker could get a good glimpse of the screen by recording the sound output of your phone and giving the data to the right algorithms.
The study also brought up several potential ways to protect against this malevolent kind of electronic surveillance. One is to find a way to shield the electronic parts inside your monitor. This makes the appliance more expensive to build, however, so manufacturers are unlikely to do this.
Another way is to create software that can change the sounds given off by a monitor over its physical side channel. This gives the hacker gibberish sound that mean nothing. However, these software must be embedded into every vulnerable app or program.
PrivacyWatch.news has more helpful articles to secure your computer against hackers.
Sources include: