Janet Jackson song from 1989 declared a cybersecurity vulnerability for crashing...
source link: https://www.techspot.com/news/95671-janet-jackson-song-1989-declared-cybersecurity-vulnerability-crashing.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Janet Jackson song from 1989 declared a cybersecurity vulnerability for crashing hard drives
Rhythm Nation doesn't send out good vibrations
By Rob Thubron Today 9:55 AMWTF?! "People of the world today, are we looking for a better way of life?" sang Janet Jackson on her 1989 hit Rhythm Nation, not knowing that the better way of life she was talking about didn't include certain hard drives. It's just been revealed that the song has the power to crash particular models of laptops, and it has now been recognized as a cybersecurity vulnerability.
As reported by The Reg, the strange tale comes from a Microsoft devblog by Raymond Chen. He writes that a colleague shared a story from Windows XP product support about how Jackson's track would crash certain models of laptops when it was played within proximity of the device.
It was discovered that the effect could be replicated on other laptops from multiple manufacturers, all of which shared a common feature; the same 5,400 RPM hard disk drive was found in the machines, which were popular sometime around 2005, or 16 years after Rhythm Nation just missed out on topping the Billboard Hot 100 chart.
Don't play this near any laptops from the mid-2000s
The problem is that the song contains one of the natural resonant frequencies for that particular hard drive model. It caused the HD platters to contact the drive head, resulting in a crash.
The laptop manufacturers addressed the problem by adding a custom filter in the audio pipeline that detected and removed the offending frequencies during audio playback. The phasing out of 5,400 RPM hard drives in laptops and the declining popularity of Jackson's song likely helped, too.
Nevertheless, the quirk was added to the register of Common Vulnerabilities and Exposures by The Mitre Corporation on August 17 and has been acknowledged by security vendor Tenable. Listed as CVE-2022-38392, it is described as "a certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video."
In April last year, researchers at the Ben Gurion University in Israel demonstrated a technique called AiR-ViBeR that could steal data from air-gapped PCs—systems that are physically isolated with no online access—without being detected.
The proof-of-concept originated from the theory that it's possible to use vibrations produced by electromechanical components like a CPU, GPU, or case fans in combination with special malware that is able to encode the data to be transmitted through direct manipulation of the fan speed.
Recommend
-
7
Medium-sized update, with a number of improvements including dynamic scoping and some more debugging facilities. From the changelog: Fix some bugs with buffers. Add trace and...
-
20
Impressive title right? The following image is a "sneak peek" at the full implementation and the resultant system: To see it co...
-
3
Janet Jackson had the power to crash laptop computers Raymon...
-
6
Careful with that song! Microsoft shares crazy tale of Janet Jackson crashing Windows PCs...
-
6
Janet Jackson’s ‘Rhythm Nation’ apparently vibed too hard for some laptops The song would crash hard drives, thanks to physics By...
-
2
Janet Jackson song is now an official exploit for Windows PCs...
-
6
Janet Jackson's 1989 mega-hit 'Rhythm Nation' sonically smashes old hard drivesAndrew Tarantola·Senior Edi...
-
4
bad news for the residents of the rhythm nation — Old laptop hard drives will allegedly crash when exposed to Janet Jackson music Problem has been assigned an official CVE...
-
6
Get WIRED for just $29.99 $10. Subscribe Now...
-
7
...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK