A Web-Based Modem

If you are beyond a certain age, you will recall when getting on the Internet was preceded by strange buzzing and squawking noises. Modems used tones to transmit and receive data across ordinary telephone lines. There were lots of tricks used to keep edging the speed of modem up until — at the end — you could download (but not upload) at a blazing 56,000 bits per second. [Martin Kirkholt Melhus] decided to recreate a modem. In a Web browser. No kidding.

We started to say something about a modem in the cloud, but that wouldn’t really be accurate. The modem uses the HTML 5 audio API, so it really runs in the browser. We would have been really surprised if [Martin] had cooked up a modem able to interact with a real modem, but as you might expect, the browser modem only communicates with other instances of itself. If you want a brief introduction to HTML 5 audio, you might enjoy the video below.

Still, the work is impressive and if you look at the code on GitHub, it isn’t as complicated as you’d expect. You can also check out a live demo. The tones reminded us of some of the multitone encodings that ham radio operators use, such as MFSK.

Although this might not be of great practical value for most people, it did make us think. A secure air-gapped computer with a speaker could broadcast out data using something like this with no more than a web page exploit. We wonder if you could shift the tones up high enough that most people couldn’t hear it? If you want to pull off a similar trick with an Arduino on one side, you can.

We covered how modem technology drove the modern phone landscape way back when. Of course, these days, a modem is more likely to connect to the Internet than the phone lines.

42 thoughts on “A Web-Based Modem

    1. Or completely on point if you want to do an attack to an air-gapped computer. No Internet for air-gapped you say – a lot of programs these days use HTML pages for documentation. Just embed this software to those pages.

      1. OK… You’re the malicious HTML manual-page and the “air gap” is a 2KM thick plain/pure concrete wall encircling you….
        Go talk to that wall and if it responds with words to you… then I’m gonna rethink my entire world view!

        in other words:
        Unless they left speakers and a microphone attached to their air-gaped PC…. even then wouldn’t they find “bleeeeeep blooooop aaa krshhhhhhhhhhhhhhh affffffffffffffffffff eeeeeeeeeeeeeee uuuuuuuuuuuuuu eeeeeeeeeeee uuuuuuuuuu” Just a little suspicious?

        1. I will just leave three links. Imagine what combining them together can do:
          http://smus.com/ultrasonic-networking/
          https://techcrunch.com/2017/09/06/hackers-send-silent-commands-to-speech-recognition-systems-with-ultrasound/
          https://nakedsecurity.sophos.com/2017/01/13/tor-users-at-risk-of-being-unmasked-by-ultrasound-tracking/

          Yes, you need a speaker on the attacked computer for that air-gap attack to work. But with these nice examples on the Internet, the attack can be done by a primary school children with interest in hacking.

  1. ATL3
    sets Highest speaker volume
    ATM2
    sets Speaker always on
    ATX0
    sets Do not look for dial tone or busy signal
    ATS11=50
    sets Duration of dialing tones to 50 milliseconds
    ATDT745084576293847271938474038282818293948484738291010293847575

      1. “supposed to”. I’ve seen saying yes and no. One saying crank down your speed to 9600 (14.4K is the fastest fax I’ve seen out there – not sure why they stopped there…), but even then it could be a crap shoot since transcoding can really make a mess of things. There’s T.38, but I haven’t tried that.

  2. Could this interact with a real modem? I don’t know if HTML5 can read from the microphone but it could conceivably generate the dial tone, receive an incoming modem signal and start requesting stuff over AJAX.

    1. “but as you might expect, the browser modem only communicates with other instances of itself.”
      Not quite. Think of it like a Virtual Machine, or at best a very abstract version of one of those redbox tone-dialers.

  3. This is a fun toy project, but people tend to underestimate what can be done using speaker and a microphone these days. I played quite a bit with gnuradio and you can recreate 2400-9600 bps link using standard modules in gnuradio-companion. You don’t even have to write any code. Start with a simple BPSK, when it works, PSK8, then maybe even QAM16.

    1. It’s not like someone setting up an air gapped computer doesn’t at some point use some sort of media on it or maybe even plug it into a network for initial software installation. That is how you get the html/javascript onto it. It’s not like “air gapped” computers get all there software by manual input to start with!

  4. I feel like dial-up speeds should be used as punishment. No ISDN bullshit either lol. Make em watch porn in realplayer or tug it to a cascaded pile of .gifs haha
    That was how it was…and we LIKED it (channeling my best Dana Carvey).

    1. ASCII PORN OR NOTHING!!!

      I maybe too young to have been around in those days… however that didn’t stop the experience via a 56K US-robotics modem… or
      causing my care-workers back in 1998 to have a massive phone bill for the amount of hidden downloading of questionably legal material… When I was only 9.

      Sssssh…. I probably still have a copy of the Anarchist cook book somewhere… Still yet to sort through that historic file collection or wipe it all, assuming it survived a few part-backups.

      1. Lol totally hear ya. One of my first job’s real perks was the printer. I had to recycle many 3 ring binders of old pheaking mags and urban exploring zines the last time we moved. Ah ASCII pr0n. An art form unto itself. Kinda like digital cave paintings haha.

  5. What he’s done is barely better than a late 1970s modem. He’s only implemented multi-frequency coding – very similar to DTMF or the Bell 201 300 baud standard. The historical phone line computer modems got much more complex very quickly moving to more efficient modulation schemes. I’m not sure it’s fair nor accurate to associate what he’s done with those technologies.

    Here is a great visual explanation of modem tones:

    1. He is MOdulating and DEModulating analog(audio) signals to pass information. The very name and definition of the devices in question. Its very fair and accurate to compare them.

      I suspect that overhead from the environment for HTML5 would make a “real” modem with modern modulation and speeds impossible.

  6. Data rates mayh be very low, but curious how you’d recognize it for what it was if say used as a means of low scale data exfiltration. Obviously better solutions exist.

    Another thought, if the ultrasonic bit works, similar to some recent claims of malware propagating that way, I bet Google and other advertisers will jump on this as a means of location tracking in stores. So much for disabling wifi/BT to prevent that when you leave the mic enabled in your browser for voice searching.

  7. Didn’t you all have the TI-99/4A with RF modulator, tape drive, speech synthesizer, 32KB memory expansion card and the good ol’ acoustic coupler that you had to actually put the phone on (I think they called it something different and man I forget and had to go online and look). Man, that was a 300 baud modem that I’m not finding the name. Seems like it had something with phone in the name or something different. I still have one toy box I haven’t dug into in 25+ years and I wonder if it’s still there.

    I think like most my toys… when I went away for my first B.S. they got thrown in the trash.

    1. Yes, the TI Telephone Coupler (Modem). Good call! http://aug.99er.net/peripherals.htm

      There used to be ways also to send data over regular pay phones though you’d have to have some sort of proto computer box thing. I don’t recall that being the same device that was used to make free calls using the Pay Phones… though there was something out there where you could slowly send data kind of like morse code though I don’t recall the code or device. I never used one of those… that was before my time.

      For some reason I get the thought where I recall my Dad putting my nephews on his lap and letting them hit the keyboard when they were infants. He’d chuckle because keyboards are cheep, they want to play like Grandpa and Dad-da and there are even some apps like “Baby Wow” for really young children now including infants. I’m not finding the app that came to mind though I did find this reference: http://www.ed-u.com/baby-wow-infant-software.htm (Easy enough to develop in a weekend I’m thinking).

      Get’s the future used to the sounds, images and devices so less intimidating and they can act like their adults to the best of their ability for the range in development life cycle. Neat, seeing the thin client and thick server operations applications compared to the olden days of thick client and thin server (I don’t think they were formally servers) I suppose you can say from a programmers perspective.

        1. Yes, Red Box, Blue Box and Black Box are all what I was thinking in regards to the devices to be able to make free calls. There was another device (though the “Box” devices do operated the same way in theory with exception of tone codes) that once a call was connected you could use the same idea of a coding method though only to send data like a FAX would be with Ham/Marine/Communications Radio with the pay phone acting as an acoustic coupler.

          I can’t find any references at the moment. Seems a few years back I recall reading where you can with a microphone, speaker and laptop.

          I don’t see why like this web based modem application, the same couldn’t be performed with a Smart Phone Application regarding compression of the message and the most time effective way to transmit for lowest size of data transfered to transmit a successful message maybe with error handling protocol also.

  8. I am amazed at what wonder my decade-old laptop could do. I just sent data from it to my pc browser through the Aduio API. In my excitement, I conducted a small test to see how far I can take it. I found 3 limitations:
    1. There can be no walls,etc. between them.
    2. The maximum range of detection was very low (lower than my HC-05 bluetooth module) but that was expected given the obstacles in my room.
    3. I read that the oscillator in any hardware has a lower and upper frequency limit. But the range is quite big. Nevertheless, two such devices transmitting very close together might disrupt each others data (did not try it out)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s