Ethernet Cable Turned Into Antenna To Exploit Air-Gapped Computers

Good news, everyone! Security researcher [Mordechai Guri] has given us yet another reason to look askance at our computers and wonder who might be sniffing in our private doings.

This time, your suspicious gaze will settle on the lowly Ethernet cable, which he has used to exfiltrate data across an air gap. The exploit requires almost nothing in the way of fancy hardware — he used both an RTL-SDR dongle and a HackRF to receive the exfiltrated data, and didn’t exactly splurge on the receiving antenna, which was just a random chunk of wire. The attack, dubbed “LANtenna”, does require some software running on the target machine, which modulates the desired data and transmits it over the Ethernet cable using one of two methods: by toggling the speed of the network connection, or by sending raw UDP packets. Either way, an RF signal is radiated by the Ethernet cable, which was easily received and decoded over a distance of at least two meters. The bit rate is low — only a few bits per second — but that may be all a malicious actor needs to achieve their goal.

To be sure, this exploit is quite contrived, and fairly optimized for demonstration purposes. But it’s a pretty effective demonstration, but along with the previously demonstrated hard drive activity lights, power supply fans, and even networked security cameras, it adds another seemingly innocuous element to the list of potential vectors for side-channel attacks.

[via The Register]

Modern Technology For An Ancient Contest

Certamen is a special class of  high school quiz bowl tournament that’s focused solely on the classics. No, not Austen and Dickens, the actual classics. All the questions are about stuff like ancient Greek and Roman civilization and culture, classical mythology, and the finer points of Latin grammar. Like any other quiz bowl, the contestants use buttons to buzz in and answer the questions.

To win at Certamen, a team needs more than just a vast working knowledge of classical antiquity. They also have to be fast on the buzzer. The best way to do that is to practice with official equipment. But this is Hackaday, so you know what comes next: all the ones you can buy cost five times more than they should, so [arpruss] made an awesome open-source version for a fraction of the cost.

The practice machine consists of 12 arcade-style buttons connected to a control box. An Arduino Mega in the control box records the order of button presses as they arrive and displays a corresponding code on an LCD. A toggle switch selects between Certamen mode, where one button press locks out the rest of the team, and a Quiz mode with no lockout.

Our favorite thing about this build is the way [arpruss] took care of managing long cables, which was one of his main must-haves. The buttons are wired to the control box with Cat6 in three groups of four—one cable per table, one pair per chair. Our other favorite thing is the Easter eggs. Hold down the clear button on the control box when the system is booting and one of two things happens: either the buttons band together and turn into piano keys, or some Latin poetry appears on the screen.

[arpruss]’s 3D-printed buzzer bases look pretty slick. If Certamen practice ever starts to get out of hand, he might consider more robust packaging, like these Devo hat buttons.

Is Your Cat 6 Ethernet Cable Cat 6? Probably Not.

Though we’ve never used their cables, [Blue Jeans Cable] out of Seattle, WA sure does seem to take the black art of cable manufacture seriously. When they read the Cat 6 specification, they knew they couldn’t just keep building the cables the way they used to. So they did some research and purchased a Fluke certification tester for a measly 12,000 US dollars. While they were purchasing the device, they ran across an interesting tidbit in the fluke knowledge base. Fluke said that 80% of the consumer Cat 6 cables they tested didn’t begin to meet the Cat 6 specification.

This is the part where [Blue Jeans Cable] earns our respect; like good scientists, they set out to replicate Fluke’s results. Sure enough, 80% of the Cat 6 cables they tested from big box stores etc. failed the specification. More surprising, many of them didn’t even pass the Cat 5e specification. [Blue Jeans Cable] asserts that this is possible because the Ethernet cable specification is policed via the honor system, allowing manufacturers to be fairly brazen about what they label as Cat 6.

Fail Of The Week: Cat6 != Coax

With a new Kenwood 5.1 receiver acquired from questionable sources, [PodeCoet] had no way to buy the necessary coax. He did have leftover Cat6 though. He knew that digital requires shielded cable, but figured hacking a solution was worth a try.

HAD - Coaxfail4To give hacking credit where credit is due, [PodeCoet] spent over a decade enjoying home theatre courtesy of a car amp rigged to his bench supply. Not all that ghetto of a choice for an EE student, it at least worked. To hook up its replacement he pondered if Cat6 would suffice, “Something-something twisted pair, single-sideband standing wave black magic.” Clearly hovering at that most dangerous level of knowledge where one knows just enough to get further into trouble, he selected the “twistiest” (orange) pair of wires in the cables. Reasonable logic, one must select the strongest of available shoelaces for towing a car.

Continue reading “Fail Of The Week: Cat6 != Coax”