Sciam - cover

From the May 2009 Scientific American Magazine | 12 comments

How Hackers Can Steal Secrets from Reflections ( Preview )

Information thieves can now go around encryption, networks and the operating system

By W. Wayt Gibbs   

 


JEN CHRISTIANSEN (photoillustration of reflection); DIGITAL VISION/GETTY IMAGES (man with glasses)

e-mail print comment

Key Concepts

  • Even with the best network security, your electronic data may not be safe from a
    determined hacker.
  • Researchers have extracted information from nothing more than the reflection of a computer monitor off an eyeball or the sounds emanating from a printer.
  • These attacks are difficult to defend against and impossible to trace.

More from the Magazine

Through the eyepiece of Michael Backes’s small Celestron telescope, the 18-point letters on the laptop screen at the end of the hall look nearly as clear as if the notebook computer were on my lap. I do a double take. Not only is the laptop 10 meters (33 feet) down the corridor, it faces away from the telescope. The image that seems so legible is a reflection off a glass teapot on a nearby table. In experiments here at his laboratory at Saarland University in Germany, Backes has discovered that an alarmingly wide range of objects can bounce secrets right off our screens and into an eavesdropper’s camera. Spectacles work just fine, as do coffee cups, plastic bottles, metal jewelry—even, in his most recent work, the eyeballs of the computer user. The mere act of viewing information can give it away.

The reflection of screen images is only one of the many ways in which our computers may leak information through so-called side channels, security holes that bypass the normal encryption and operating-system restrictions we rely on to protect sensitive data. Researchers recently demonstrated five different ways to surreptitiously capture keystrokes, for example, without installing any software on the target computer. Technically sophisticated observers can extract private data by reading the flashing light-emitting diodes (LEDs) on network switches or by scrutinizing the faint radio-frequency waves that every monitor emits. Even certain printers make enough noise to allow for acoustic eavesdropping.

Graphic - Get the Rest of the Article
Graphic - Subscribe     Graphic - Buy this Issue
Already a Digital subscriber? Sign-in Now
If your institution has site license access, enter here.

Read Comments (12) | Post a comment


Share
Propeller    Digg!  Reddit delicious  Fark 
Slashdot    RT @sciam How Hackers Can Steal Secrets from ReflectionsTwitter Review it on NewsTrust 
sharebar end

You Might Also Like


Discuss This Article


Click here to submit your comment.

VIEW:

2,573 characters remaining
 
  Email me when someone responds to this discussion.
 

risk free issuefree gift
Sciam - cover Email:
Name:
Address:
Address 2:
City:
State:  
spacer

Subscription Center




Editor's Pick

  • Adapting to the Freshwater CrisisForward-thinking experts are getting a better handle on the growing global water shortage and coming up with innovative approaches to ensuring the security, safety and sustainability of this resource

Newsletter

Technology Newsletter

Get weekly coverage delivered to your inbox


 Podcasts

  • 60-Second Earth     RSS  · iTunes The Jellyfish Menace
    click to enable

    Download

  • 60-Second Science     RSS  · iTunes Plants Share Light If Neighbor Is Related
    click to enable

    Download





ADVERTISEMENT
 
 


Also on Scientific American


© 1996-2009 Scientific American Inc. All Rights Reserved. Reproduction in whole or in part without permission is prohibited.
ADVERTISEMENT