The Daily Nerd (January 8th, 2014)
Table of Contents
The Daily Nerd (January 8th, 2014) #
Security researchers have successfully broken one of the most secure encryption algorithms, 4096-bit RSA, by listening — yes, with a microphone — to a computer as it decrypts some encrypted data. The attack is fairly simple and can be carried out with rudimentary hardware. The repercussions for the average computer user are minimal, but if you’re a secret agent, power user, or some other kind of encryption-using miscreant, you may want to reach for the Rammstein when decrypting your data. This acoustic cryptanalysis, carried out by Daniel Genkin, Adi Shamir (who co-invented RSA), and Eran Tromer, uses what’s known as a side channel attack. A side channel is an attack vector that is non-direct and unconventional, and thus hasn’t been properly secured. For example, your pass code prevents me from directly attacking your phone — but if I could work out your pass code by looking at the greasy smudges on your screen, that would be a side channel attack. In this case, the security researchers listen to the high-pitched (10 to 150 KHz) sounds produced by your computer as it decrypts data.
The NSA’s elite hackers can hijack your Wi-Fi from 8 miles away
Attendees at the Chaos Communications Congress in Hamburg this weekend got a surprising rundown of the NSA’s surveillance capabilities, courtesy of security researcher Jacob Appelbaum. Appelbaum, who co-wrote the Der Spiegel article that first revealed the NSA catalog, went into further detail onstage, describing several individual devices in the catalog and their intended purposes. Alongside pre-packaged exploits that allowed control over iOS devices and any phone communicating through GSM, Appelbaum detailed a device that targets computers through packet injection, seeding exploits from up to 8 miles away. He even speculated the exploits could be delivered by drone, although he conceded that in most cases, an unmarked van would likely be more practical.
