BitWhisper: Stealing data from the computers which are not connected with internet using heat

No matter how secure you think a computer is, there’s always a vulnerability somewhere that a remote attacker can utilize if they’re determined enough. To reduce the chance of sensitive material being stolen, many government and industrial computer systems are not connected to outside networks. This practice is called air-gapping, but even that might not be enough. The Stuxnet worm from several years ago spread to isolated networks via USB flash drives, and now researchers at Ben Gurion University in Israel have shown that it’s possible to rig up two-way communication with an air-gapped computer via heat exchange.

Researchers call this technique of harvesting sensitive data “BitWhisper.” It was developed and tested in a standard office environment with two systems sitting side-by-side on a desk. One computer was connected to the Internet, while the other had no connectivity. This setup is common in office environments where employees are required to carry out sensitive tasks on the air-gapped computer while using the connected one for online activities.

BitWhisper does require some planning to properly execute. Both the connected and air-gapped machines need to be infected with specially designed malware. For the Internet box, that’s not really a problem, but even the air-gapped system can be infected via USB drives, supply chain attacks, and so on. Once both systems are infected, the secure machine without Internet access can be instructed to generate heating patterns by ramping up the CPU or GPU. The internet-connected computer sitting nearby can monitor temperature fluctuations using its internal sensors and interpret them as a data stream. Commands can also be sent from the Internet side to the air-gapped system via heat.

The malware is able to use the heat patterns as a covert data channel between the machines, thus defeating the air-gap. The data rate between the connected and air-gapped computers isn’t particularly fast — it’s somewhere around eight bits per hour. Still, that’s enough to snatch passwords and text files over time. Because all the data theft takes place over invisible heat signals, there are almost no signs of intrusion in the secure network.

Once the malware has found a home in the air-gapped network, it can be instructed to spread to other computers in search of more heat-driven communication channels. The researchers say a secure network is vulnerable to BitWhisper anywhere an internet-connected PC is 15-inches or less away from an air-gapped system. BitWhisper can seek out new connections by sending out periodic “thermal pings” to link up nearby computers.

The researchers demonstrated BitWhisper using a computer with a USB missile-launcher toy attached. In the video above, they were able to send heat commands from the connected system over the air-gap to the isolated system and control the missile launcher. There are a lot of things that can go wrong with this system — something as small as a desk fan could break the connection. Still, it’s an ingenious proof-of-concept.

TINY CIRCULATOR IN PHONES COULD DOUBLE BANDWIDTH

Radio wave circulator developed by researchers at the Cockrell School of Engineering.

Engineers have found a way to dramatically shrink a critical component of cellphones and other wireless devices.

A much smaller, more efficient radio wave circulator has the potential to double the useful bandwidth in wireless communications by enabling full-duplex functionality—meaning devices can transmit and receive signals on the same frequency band at the same time.

The researchers did it by ditching the magnets.

“We are changing the paradigm with which isolation and two-way transmission on the same frequency channel can be achieved. We have built a circulator that does not need magnets or magnetic materials,” says Andrea Alu, an associate professor at the Cockrell School of Engineering at the University of Texas at Austin.

Since the advent of wireless technology 60 years ago, magnetic-based circulators have been in principle able to provide two-way communications on the same frequency channel, but they are not widely adopted because of the large size, weight, and cost associated with using magnets and magnetic materials.

Freed from a reliance on magnetic effects, the new circulator has a much smaller footprint while also using less expensive and more common materials.

The prototype circulator is 2 centimeters in size—more than 75 times smaller than the wavelength of operation. The circulator may be further scaled down to as small as a few microns, according to the researchers.

The design is based on materials widely used in integrated circuits such as gold, copper, and silicon, making it easier to integrate in the circuit boards of modern communication devices.

HOW IT WORKS

The researchers’ device works by mimicking the way magnetic materials break the symmetry in wave transmission between two points in space, a critical function that allows magnetic circulators to selectively route radio waves.

With the new circulator, the researchers accomplish the same effect, but they replaced the magnetic bias with a traveling wave spinning around the device.

Another unique feature is that the new circulator can be tuned in real time over a broad range of frequencies, a major advantage over conventional circulators.

“With this technology, we can incorporate tunable nonreciprocal components in mobile platforms,” says Nicholas Estep, lead researcher and a doctoral student in electrical and computer engineering. “In doing so, we may pave the way to simultaneous two-way communication in the same frequency band, which can free up chunks of bandwidth for more effective use.”

FEWER DROPPED CALLS

For telecommunications companies, which pay for licenses to use frequencies allotted by the US Federal Communications Commission, a more efficient use of the limited available bandwidth means significant cost advantages.

Additionally, because the design of the circulator is scalable and capable of circuit integration, it can potentially be placed in wireless devices.

“We envision micron-sized circulators embedded in cellphone technology. When you consider cellphone traffic during high demand events such as a football game or a concert, there are enormous implications opened by our technology, including fewer dropped calls and clearer communications,” Estep says.

The circulator also could benefit other industries that currently use magnetic-based circulators. For instance, circulators used in phased arrays and radar systems for aircraft, ships, and satellites can be extremely heavy and large, so minimizing the size of these systems could provide significant savings.

Nvidia's next-gen Pascal GPU

Nvidia's next-gen Pascal GPU will offer 10x the performance of Titan X, 8-way SLI

If Nvidia's beastly new Titan X graphics card wows you—and it should—well, hold onto your pants: The company said it's next-gen GPU technology, codenamed Pascal, will offer roughly ten times the performance of the Titan X, at least in compute tasks.

The next-generation GPU from Nvidia would also offer a host of new technologies, including 3D-stacked memory and NVLink, said CEO Jen-Hsun Huang during the GPU Technology Conference's keynote in San Jose. The GPU will essentially be a super computer, Huang said, and Nvidia is shooting for it to be ten times faster than today's Maxwell-based GPUs.

Huang also revealed that a Pascal GPU could run up to 32GB of RAM, rather than the maximum of 12GB a Maxwell-based card can use.

All-important memory bandwidth—which can choke a GPU's performance if it can't keep up—will be three times that of Maxwell. Since Pascal will feature the company's upcoming NVLink technology, which Nvidia claims outperforms PCI-E by five times, Huang says he expects to be able to run up to eight discrete GPUs in a single machine, rather than today's limit of four.

Volta

Also back on Nvidia's roadmap is its Volta chip. Volta was originally scheduled to be the follow up to its Maxwell parts but was mysteriously pulled from last year's GTC roadmap, with Pascal put in its place. The roadmap Huang showed off showed Pascal availability in 2016, with Volta slated for 2018.

No details of Volta were revealed, but that GPU was to use stacked RAM and unified memory. Pascal is now expected to be the first GPU from Nvidia to use stacked RAM chips and NVLink.