Leaking Data By Ultrasound

Human ears are capable of perceiving frequencies from roughly 20 Hz up to 20 kHz, at least when new. Correspondingly, our audio hardware is designed more or less to target these frequencies. However, there’s often a little extra capability at the upper edges, which [Jacek] shows can be exploited to exfiltrate data.

The hack takes advantage of the fact that most computers can run their soundcards at a sample rate of up to 48 kHz, which thanks to the Nyquist theorem means they can output frequencies up to around 24 kHz — still outside the range of human hearing. Computers and laptops often use small speaker drivers too, which are able to readily generate sound at this frequency. Through the use of a simple Linux shell script, [Jacek] is able to have a laptop output Morse code over ultrasound, and pick it up with nothing more than a laptop’s internal microphone at up to 20 meters away.

[Jacek] enjoys exploring alternative data exfiltration methods; he’s previously experimented with Ethernet leaks on the Raspberry Pi. Of course, with any airgap attack, the real challenge is often getting the remote machine to run the exfiltration script when there’s no existing remote admin access to be had. Video after the break.

Continue reading “Leaking Data By Ultrasound”

Faux Radar Uses Ultrasound & Python

Radars are simply cool, and their portrayal in movies and TV has a lot to do with that. You get a sweet glowing screen that shows you where the bad guys are, and a visual representation of your missiles on their way to blow them up. Sadly, or perhaps thankfully, day to day life for most of us is a little less exhilarating. We can make do with a facsimile of the experience instead.

The project consists of an Arduino Uno outfitted with an ultrasound module that can do basic range measurements on the order of tens of centimeters. The module is then placed on a servo and scanned through a 180 degree rotation. This data is passed back to a computer running a Python application, which plots the results on a Plan Position Indicator, or PPI – the sweeping display we’re all so familiar with.

While it’s unlikely you’ll be using such a setup to engage bandits, it could prove as a useful module for robot navigation or similar applications. We’ve seen ultrasonic transducers used for exactly that. Video after the break.

Continue reading “Faux Radar Uses Ultrasound & Python”

Contactless Doorbell Built To Avoid Coronavirus

It’s often said that necessity breeds creativity, and during a global pandemic such words have proved truer than ever. Realising the common doorbell could be a potential surface transmission point for coronavirus, [CasperHuang] whipped up a quick build.

The build eschews the typical pushbutton we’re all familiar with. Instead, it relies on an ultrasonic distance sensor to detect a hand (or foot) waved in front of the door. An Arduino Leonardo runs the show, sounding a buzzer when the ultrasonic sensor is triggered. In order to avoid modifying the apartment door, the build is housed in a pair of cardboard boxes, taped to the base of the door, with wires passing underneath.

It’s a tidy way to handle contactless deliveries. We imagine little touches like this may become far more common in future design, as the world learns lessons from the COVID-19 pandemic. Every little bit helps, after all. Video after the break.

Continue reading “Contactless Doorbell Built To Avoid Coronavirus”

Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundup

What do potato chips and lost car keys have in common? On the surface, it would seem not much, unless you somehow managed to lose your keys in a bag of chips, which would be embarrassing enough that you’d likely never speak of it. But there is a surprising link between the two, and Samy Kamkar makes the association in his newly published 2019 Superconference talk, which he called “FPGA Glitching and Side-Channel Attacks.

Continue reading “Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundup”

Wearable Cone Of Silence Protects You From Prying Ears

Careful,  the walls have ears. Or more specifically, the smart speaker on the table has ears, as does the phone in your pocket, the fitness band on your wrist, possibly the TV, the fridge, the toaster, and maybe even the toilet. Oh, and your car is listening to you too. Probably.

How does one fight this profusion of listening devices? Perhaps this wearable smart device audio jammer will do the trick. The idea is that the MEMS microphones that surround us are all vulnerable to jamming by ultrasonic waves, due to the fact that they have a non-linear response to ultrasonic signals. The upshot of that is when a MEMS hears ultrasound, it creates a broadband signal in the audible part of the spectrum. That creates a staticky noise that effectively drowns out any other sounds the microphone might be picking up.

By why a wearable? Granted, [Yuxin Chin] and colleagues from the University of Chicago have perhaps stretched the definition of that term a tad with their prototype, but it turns out that moving the jammer around does a better job of blocking sounds than a static jammer does. The bracelet jammer is studded with ultrasonic transducers that emit overlapping fields and result in zones of constructive and destructive interference; the wearer’s movements vary the location of the dead spots that result, improving jamming efficacy. Their paper (PDF link) goes into deeper detail, and a GitHub repository has everything you need to roll your own.

We saw something a bit like this before, but that build used white noise for masking, and was affixed to the smart speaker. We’re intrigued by a wearable, especially since they’ve shown it to be effective under clothing. And the effect of ultrasound on MEMS microphones is really interesting.

Continue reading “Wearable Cone Of Silence Protects You From Prying Ears”

Hackaday Links: January 5, 2020

It looks like the third decade of the 21st century is off to a bit of a weird start, at least in the middle of the United States. There, for the past several weeks, mysterious squads of multicopters have taken to the night sky for reasons unknown. Witnesses on the ground report seeing both solo aircraft and packs of them, mostly just hovering in the night sky. In mid-December when the nightly airshow started, the drones seemed to be moving in a grid-search pattern, but that seems to have changed since then. These are not racing drones, nor are they DJI Mavics; witnesses report them to be 6′ (2 meters) in diameter and capable of staying aloft for 90 minutes. These are serious professional machines, not kiddies on a lark. So far, none of the usual government entities have taken responsibility for the flights, so speculation is all anyone has as to their nature. We’d like to imagine someone from our community will get out there with radio direction finding gear to locate the operators and get some answers.

We all know that water and electricity don’t mix terribly well, but thanks to the seminal work of White, Pinkman et al (2009), we also know that magnets and hard drives are a bad combination. But that didn’t stop Luigo Rizzo from using a magnet to recover data from a hard drive. He reports that the SATA drive had been in continuous use for more than 11 years when it failed to recover after a power outage. The spindle would turn but the heads wouldn’t move, despite several rounds of percussive maintenance. Reasoning that the moving coil head mechanism might need a magnetic jump-start, he probed the hard drive case with a magnetic parts holder until the head started moving again. He was then able to recover the data and retire the drive. Seems like a great tip to file away for a bad day.

It seems like we’re getting closer to a Star Trek future every day. No, we probably won’t get warp drives or transporters anytime soon, and if we’re lucky velour tunics and Spandex unitards won’t be making a fashion statement either. But we may get something like Dr. McCoy’s medical scanner thanks to work out of MIT using lasers to conduct a non-contact medical ultrasound study. Ultrasound exams usually require a transducer to send sound waves into the body and pick up the echoes from different structures, with the sound coupled to the body through an impedance-matching gel. The non-contact method uses pulsed IR lasers to penetrate the skin and interact with blood vessels. The pulses rapidly heat and expand the blood vessels, effectively turning them into ultrasonic transducers. The sound waves bounce off of other structures and head back to the surface, where they cause vibrations that can be detected by a second laser that’s essentially a sophisticated motion sensor. There’s still plenty of work to do to refine the technique, but it’s an exciting development in medical imaging.

And finally, it may actually be that the future is less Star Trek more WALL-E in the unlikely event that Segway’s new S-Pod personal vehicle becomes popular. The two-wheel self-balancing personal mobility device is somewhat like a sitting Segway, except that instead of leaning to steer it, the operator uses a joystick. Said to be inspired by the decidedly not Tyrannosaurus rex-proof “Gyrosphere” from Jurassic World, the vehicle tops out at 24 miles per hour (39 km/h). We’re not sure what potential market for these things would need performance like that – it seems a bit fast for the getting around the supermarket and a bit slow for keeping up with city traffic. So it’s a little puzzling, although it’s clearly easier to fully automate than a stand-up Segway.

How Safe Is That Ultrasonic Bath For Flux Removal?

How do you clean the residual flux off your boards? There are plenty of ways to go about the job, ranging from “why bother?” to the careful application of isopropyl alcohol to every joint with a cotton swab. It seems like more and more people are turning to ultrasonic cleaners to get the job done, though, and for good reason: just dunk your board and walk away while cavitation does the work for you.

But just how safe is it to sonically blast the flux off your boards? [SDG Electronics] wanted to know, so he ran some cleaning tests to get to the bottom of things. On the face of it, dunking a PCB in an aqueous cleaning solution seems ill-advised; after all, water and electricity famously don’t mix. But assuming all the nooks and crannies of a board can be dried out before power is applied, the cleaning solution itself should be of little concern. The main beef with ultrasonic cleaning seems to be with the acoustic energy coupling with mechanical systems on boards, such as crystal oscillators or micro-electrical-mechanical systems (MEMS) components, such as accelerometers or microphones. Such components could resonate with the ultrasonic waves and be blasted to bits internally.

To test this, [SDG Electronics] built a board with various potentially vulnerable components, including the popular 32.768-kHz crystal, cut for a frequency quite close to the cleaner’s fundamental. The video below goes into some detail on the before-and-after tests, but the short story is that nothing untoward happened to any of the test circuits. Granted, no components with openings as you might find on some MEMS microphones were tested, so be careful. After all, we know that ultrasound can deal damage, and if it can levitate tiny styrofoam balls, it might just do your circuit in.

Continue reading “How Safe Is That Ultrasonic Bath For Flux Removal?”