zlacker

[parent] [thread] 6 comments
1. Y_Y+(OP)[view] [source] 2025-12-06 16:04:09
just fan noise?

https://arxiv.org/abs/1606.05915

Any signal that you can modulate can be an exfiltration channel, and fan noise is no different.

replies(2): >>ndsipa+o3 >>overfe+Pm
2. ndsipa+o3[view] [source] 2025-12-06 16:29:32
>>Y_Y+(OP)
I wonder if that's feasible in a room filled with many servers and fans going?
replies(1): >>runjak+Y8
◧◩
3. runjak+Y8[view] [source] [discussion] 2025-12-06 17:14:02
>>ndsipa+o3
Yes, just modulate the fan noise on the transmitter, and apply a filter on the receiver.
replies(1): >>faidit+A51
4. overfe+Pm[view] [source] 2025-12-06 19:04:54
>>Y_Y+(OP)
> Any signal that you can modulate can be an exfiltration channel, and fan noise is no different.

This KVM has HDMI input and can directly emulate USB mass storage; fan-modulation is the lowest-bandwidth (side-)channel available to the attackers.

replies(1): >>nine_k+4s
◧◩
5. nine_k+4s[view] [source] [discussion] 2025-12-06 19:47:46
>>overfe+Pm
You can exfiltrate data from a machine which is not connected to the KVM. A high-security machine may be even air-gapped most of the time, but be physically nearby.
replies(1): >>close0+Zw
◧◩◪
6. close0+Zw[view] [source] [discussion] 2025-12-06 20:31:24
>>nine_k+4s
I don’t think too many of these devices will end up in server rooms as opposed to home labs. And the ones that do end up in a datacenter are very unlikely to be allowed to ever reach the internet.

If the microphone was used for exfiltrating data, it would work against random targets that happened to let the KVM connect to the internet, and who have a nearby machine infected with some malware. That kind of non-targeted attack can be damaging but is semi-useless to the attacker.

◧◩◪
7. faidit+A51[view] [source] [discussion] 2025-12-07 02:00:51
>>runjak+Y8
Doesn't being able to modulate the fan presume you already control the target device?
[go to top]