Through the eyepiece of Michael Backes’s small Celestron telescope, the 18-point letters on the laptop screen at the end of the hall look nearly as clear as if the notebook computer were on my lap. I do a double take. Not only is the laptop 10 meters (33 feet) down the corridor, it faces away from the telescope. The image that seems so legible is a reflection off a glass teapot on a nearby table. In experiments here at his laboratory at Saarland University in Germany, Backes has discovered that an alarmingly wide range of objects can bounce secrets right off our screens and into an eavesdropper’s camera. Spectacles work just fine, as do coffee cups, plastic bottles, metal jewelry—even, in his most recent work, the eyeballs of the computer user. The mere act of viewing information can give it away.
The reflection of screen images is only one of the many ways in which our computers may leak information through so-called side channels, security holes that bypass the normal encryption and operating-system restrictions we rely on to protect sensitive data. Researchers recently demonstrated five different ways to surreptitiously capture keystrokes, for example, without installing any software on the target computer. Technically sophisticated observers can extract private data by reading the flashing light-emitting diodes (LEDs) on network switches or by scrutinizing the faint radio-frequency waves that every monitor emits. Even certain printers make enough noise to allow for acoustic eavesdropping.
Outside of a few classified military programs, side-channel attacks have been largely ignored by computer security researchers, who have instead focused on creating ever more robust encryption schemes and network protocols. Yet that approach can secure only information that is inside the computer or network. Side-channel attacks exploit the unprotected area where the computer meets the real world: near the keyboard, monitor or printer, at a stage before the information is encrypted or after it has been translated into human-readable form. Such attacks also leave no anomalous log entries or corrupted files to signal that a theft has occurred, no traces that would allow security researchers to piece together how frequently they happen. The experts are sure of only one thing: whenever information is vulnerable and has significant monetary or intelligence value, it is only a matter of time until someone tries to steal it.
On supporting science journalism
If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.
From Tempest to Teapot The idea of stealing information through side channels is far older than the personal computer. In World War I the intelligence corps of the warring nations were able to eavesdrop on one another’s battle orders because field telephones of the day had just one wire and used the earth to carry the return current. Spies connected rods in the ground to amplifiers and picked up the conversations. In the 1960s American military scientists began studying the radio waves given off by computer monitors and launched a program, code-named “Tempest,” to develop shielding techniques that are used to this day in sensitive government and banking computer systems. Without Tempest shielding, the image being scanned line by line onto the screen of a standard cathode-ray tube monitor can be reconstructed from a nearby room—or even an adjacent building—by tuning into the monitor’s radio transmissions.
Many people assumed that the growing popularity of flat-panel displays would make Tempest problems obsolete, because flat panels use low voltages and do not scan images one line at a time. But in 2003 Markus G. Kuhn, a computer scientist at the University of Cambridge Computer Laboratory, demonstrated that even flat-panel monitors, including those built into laptops, radiate digital signals from their video cables, emissions that can be picked up and
decoded from many meters away. The monitor refreshes its image 60 times or more each second; averaging out the common parts of the pattern leaves just the changing pixels—and a readable copy of whatever the target display is showing.
“Thirty years ago only military suppliers had the equipment necessary to do the electromagnetic analysis involved in this attack,” Kuhn says. “Today you can find it in any well-equipped electronics lab, although it is still bulky. Sooner or later, however, it will be available as a plug-in card for your laptop.”
Similarly, commonplace radio surveillance equipment can pick up keystrokes as they are typed on a keyboard in a different room, according to Martin Vuagnoux and Sylvain Pasini, both graduate students in computer science at the Swiss Federal Institute of Technology in Lausanne. The attack does not depend on fluctuations in the power supply, so it works even on the battery-powered laptops you see by the dozen in any airport terminal.
Vuagnoux and Pasini showed off the feat in an online video recorded last October. They are now preparing a conference paper that describes four distinct ways that keystrokes can be deduced from radio signals captured through walls at distances up to 20 meters. One of the newer methods is 95 percent accurate. “The way the keyboard determines which key is pressed is by polling a matrix of row and column lines,” explains Kuhn, who proposed (but never demonstrated) one of these methods a decade ago. “The polling process emits faint radio pulses, and the position of those pulses in time can reveal which key was pressed.”
Last May a group led by Giovanni Vigna of the University of California, Santa Barbara, published details of a fifth way to capture typing that does not require a fancy radio receiver; an ordinary webcam and some clever software will do. Vigna’s software, called ClearShot, works on video of a victim’s fingers typing on a keyboard. The program combines motion-tracking algorithms with sophisticated linguistic models to deduce the most probable words being typed. Vigna reports that ClearShot reconstructs the typed text about as quickly as human volunteers do, but not quite as accurately.
It might seem implausible that someone would allow their own webcam to be used against them in this way. It is not. Gathering video from a webcam can be as simple as tricking the user into clicking on an innocuous-looking link in a Web page, a process known as clickjacking. Last October, Jeremiah Grossman of WhiteHat Security and Robert Hansen of SecTheory revealed details of bugs they discovered in many Web browsers and in Adobe’s Flash software that together allow a hostile Web site to collect audio and video from a computer’s microphone and webcam. Just a single errant click launches the surveillance.
Eye See You Still, Backes points out, “almost all these interception methods are accessible only to experts with specialized knowledge and equipment. What distinguishes the attack based on reflections is that almost anyone with a $500 telescope can do it, and it is almost impossible to defend against completely.”
Backes, a fellow of the Max Planck Institute for Software Systems in Saarbrücken, Germany, who made a name for himself at IBM’s research lab in Zurich before entering academia, spends most of his time working on the mathematics that underlies cryptography. But every year he works on a new project with his students just for fun. This year they wrote computer code that translates an audio recording of a dot-matrix printer—the noisy variety that is still often used by airlines, banks and hospitals—into a picture of the page that was being printed at the time. Based on the success of that work, Backes’s group has been performing experiments to determine whether the method could be extended to retrieve text from recordings of ink-jet printers. “Obviously, this is much harder because ink-jets are so quiet,” Backes says.
Last year the idea for the annual fun project dawned on Backes as he was walking past the office where his graduate students were furiously typing away. “ ‘What are they working on so hard?’ I wondered,” Backes says. As he noticed a small blue-white patch in a teapot on one student’s desk and realized it was the reflection of the computer screen, the idea struck. “The next day I went to a hobby shop and bought an ordinary backyard telescope [for $435] and a six-megapixel digital camera.”
The setup worked surprisingly well. Medium-size type was clearly legible when the telescope was aimed at reflections in a spoon, a wine glass, a wall clock. Nearly any shiny surface worked, but curved surfaces worked best, because they revealed wide swathes of the room, thus eliminating the need for a peeping hacker to find a sweet spot where the reflected screen is visible. Unfortunately, all of us who use computer screens have nearly spherical, highly reflective objects stuck to our faces. Could digital secrets be read off the eyes of their beholders?
Backes knew he would need a bigger telescope and a more sensitive camera to find out. Because eyeballs are rarely still for more than a second or so, the shutter speed on the camera would have to be fast to reduce motion blur. “For eyes, it is the brightness of the reflected image, not its resolution, that limits how far away a spy can be,” Backes says.
He bought a $1,500 telescope and borrowed a $6,000 astronomical camera from the Max Planck Institute for Astronomy in Heidelberg, Germany. Now he was able to make out 72-point text in the eye of a target 10 meters away.
He figured he could do even better by borrowing something else from astronomy: a process called deconvolution that removes blur in photographs of distant galaxies. The idea is to measure how a point of light in the original image (such as a star or a reflected status LED on a monitor) smears when captured by the camera. A mathematical function can then reverse the blurring to restore the point, sharpening the rest of the image at the same time [Purchase the digital edition to see related sidebar]. The deconvolution software lowered the threshold of legibility to 36-point type at 10 meters for a telescope that could easily be hidden inside a car. A van-size telescope could do even better.
Backes will present his results this month at the IEEE Symposium on Security and Privacy, but he already has ideas for further improvement. “A real attacker could train an invisible laser on the target,” he notes. That would enable autofocusing on the eyeball and better deconvolution of the motion blur. Spies could take advantage of software from HeliconSoft that can assemble one clear image of an object by combining many partially blurry images; only those regions that are in focus are retained. They could also exploit software for high dynamic-range imaging that uses similar techniques to create one high-contrast photograph from images shot with a variety of exposures.
A Blind Defense Protecting ourselves against our overly communicative computers is much harder in some ways than defending against spam, phishing and viruses. There is no convenient software package one can install to dam the side channels. On the other hand, it is not clear that anyone is actively exploiting them. Backes and Kuhn say it is safe to assume that military organizations have used the techniques to gather intelligence, but they can cite no specific examples.
The blinds in Backes’s office were drawn as we discussed these possibilities, and curtains are one obvious way of frustrating a reflection thief. But Backes points out that it is naive to expect that people will always remember, or be able, to cover their windows. Although many laptop users apply “privacy filters” to their screens to protect against over-the-shoulder eavesdropping, these filters increase the brightness of the reflection on the viewer’s eyes, thus making the hacker’s job easier.
Flat-panel displays emit polarized light, so a polarizing film on a window could in principle block reflections from every screen in the room. In practice, however, this fix does not work. Small variations in the polarization angle of displays are common, and the resulting small mismatches let enough light escape that a good telescope can still make out the screen.
Compared with conventional forms of computer espionage, side-channel attacks do have a couple of major limitations, Kuhn notes. “You have to be close to the target, and you must be observing while a user is actively accessing the information. It’s much easier if you can instead convince someone to open an e-mail attachment and install malicious software that opens a back door to their entire system. You can do that to millions of people at once.”
For that reason, side-channel hacks are unlikely to become as common as spam, malware and other assaults through the network. Instead they will likely be used to infiltrate a few highly lucrative targets, such as the computers of financiers and high-level corporate and government officials. In these cases, side-channel leaks probably offer the easiest way to bypass elaborate network security systems and do it without leaving any trail that a security team could trace after the fact. Anecdotal evidence suggests such surveillance is already taking place. “Some people in investment banks cite cases where information has disappeared, and they are certain it wasn’t a traditional attack such as a software hack or the cleaning lady duplicating a hard disk,” Kuhn says. “But to my knowledge, no one has ever been caught in the act.”
This story was originally printed with the title "How to Steal Secrets without a Network"