用 SATA 界面產生的電磁訊號突破 Air Gap 限制傳輸資料
source link: https://blog.gslin.org/archives/2022/07/19/10806/%e7%94%a8-sata-%e7%95%8c%e9%9d%a2%e7%94%a2%e7%94%9f%e7%9a%84%e9%9b%bb%e7%a3%81%e8%a8%8a%e8%99%9f%e7%aa%81%e7%a0%b4-air-gap-%e9%99%90%e5%88%b6%e5%82%b3%e8%bc%b8%e8%b3%87%e6%96%99/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
用 SATA 界面產生的電磁訊號突破 Air Gap 限制傳輸資料
在 Hacker News 首頁上看到「SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables」這個,透過 SATA 界面產生的電磁訊號突破 Air Gap 限制傳輸資料,對應的討論在「SATAn: Air-Gap Exfiltration Attack via Radio Signals from SATA Cables (arxiv.org)」。
Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6 GHz frequency band.
翻了一下論文裡面提到的距離,在 PC-1 上測試到 120cm,對應的 SNR 有 9db:
Table IV presents the signal-to-noise ratio (SNR) received with the three transmitting computers. The signal transmitted from PC-1 has a strength of 20 dB at 30 cm to 9 dB at 120 cm apart. The signal generated from PC-1 and PC-2 were significantly weaker, with 15 dB at 60 cm (PC-2) and 7 dB at 30 cm (PC-3).
另外大概是 PoC 的關係,只有簡單測一下是可行的 (對於真的有利用 air gap 的環境當作一種保護機制的威脅就夠大了),看起來沒有測極限可以跑多快:
We transmitted the data with a bit rate of 1 bit/sec, which is shown to be the minimal time to generate a signal which is strong enough for modulation.
關於反制的部份,這類的技術 (透過電磁訊號) 之前在其他的裝置上都有發生過,目前的 air gap 標準應該都有電磁訊號洩漏的防範了,這篇主要還是在展示 SATA 也可以這樣搞 XD
Related
Cloudflare 的 D1 (SQLite as a service)
在 Hacker News Daily 上看到 Cloudflare 推出了新產品 D1:「Announcing D1: our first SQL database」,在 Hacker News 上對應的討論在「D1: Our SQL database (cloudflare.com)」這邊可以看到。 就如同 Hacker News 上的討論提到的,這篇文章不像一般的 Cloudflare 文章會帶有很多技術上的說明 (尤其是在描述技術產品),這篇算是非常的行銷導向的文章,目前大家只能靠「猜」的去理解: For a Cloudflare article, this one is surprisingly light on technical details. And for the product where it most matters. 翻了一下這兩個屬名的作者,Rita Kozlov 是…
May 12, 2022In "Cloud"
立端科技的 IIoT-I530
因為工作的關係,所以會關注一些特殊的硬體,但好像暫時找不到地方放,就丟在 blog 上面記錄好了... 這次看到的是支援一堆 PoE+ 的機器:「Tiger Lake-U system features dual 2.5GbE and six PoE+ ports」。 除了 PoE+ 以外另外有 mSATA 與 SATA 支援,然後還有一堆 M.2 的界面可以接 (好像是走 PCIe): Lanner’s “IIoT-I530” embedded PC runs Linux on an 11th Gen U-series CPU and supplies with up to 64GB RAM, 2x 2.5GbE, 6x PoE+, 2x…
March 20, 2022In "Computer"
PostgreSQL 上對應 pt-online-schema-change 的工具 pg-osc
翻資料的時候翻到「pg-osc: Zero downtime schema changes in PostgreSQL」這篇文章,可以在 PostgreSQL 上做到類似 pt-online-schema-change 的事情,這邊先提一下 pt-online-schema-change 的說明: ALTER tables without locking them. 不管是 MySQL 還是 PostgreSQL,都會遇到 ALTER TABLE 常常會 lock 的問題,這點主要的影響就是 db migration。 在 dev 環境的機器應該沒什麼問題,資料量都不大,應該是很快就可以跑完;但在 stage 環境時就會開始有狀況了 (假設是從 production 複製過來的資料,表格的大小可能偏大),但應該還是可以用 downtime 換,慢慢跑,花幾個小時把 db migration 跑完。 可是到了 production 環境時就不太能這樣搞了,這也是一般不太建議在 production 環境裡用現成的 db migration 工具,尤其當資料量偏大的時候。…
June 29, 2022In "Computer"
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK