In this talk, I will discuss electro-optical sound eavesdropping, i.e., how eavesdroppers can convert light to sound passively, externally, and in real time in order to recover speech from physical and virtual conversations by analyzing optical measurements obtained by an electro-optical sensor mounted to a telescope.
In the first part of the talk I will introduce "Lamphone" a novel side-channel attack for eavesdropping sound; this attack is performed by using a remote electro-optical sensor to analyze a hanging light bulb’s frequency response to sound. I show how fluctuations in the air pressure on the surface of the hanging bulb (in response to sound), which cause the bulb to vibrate very slightly (a millidegree vibration), can be exploited by eavesdroppers to recover speech from physical meetings.
In the second part of the talk I will introduce "Glowworm attack"; a novel TEMPEST attack for eavesdropping sound; this attack is performed by using a remote electro-optical sensor to analyze the intensity of a device's power indicator LED. I show how the optical correlation between the sound that is played by speakers and the intensity of their power indicator LED can be exploited by eavesdroppers to recover speech from virtual meetings.
At the end of the talk, I will discuss the limitations of the attacks, and provide a few insights regarding sound eavesdropping that will help us to answer the next question: Could it be that while Lamphone and Glowworm attacks were published during the last year, they are actually 30 years old?
I am PhD student at Ben-Gurion University of the Negev (BGU) and a former Google employee.
My research was presented at top conferences (S&P, CCS, BlackHat, RSA, Ubicomp, DEF CON) and was published in journals (TIFS), and was also covered by international media (Wired, ArsTechnica, Motherboard, Washington Post, Bloomberg, Business Insider).
I presented my work at prestigious venues including BlackHat USA 2020, CCS 2020, 40th IEEE Symposium on Security and Privacy, RSA Conference 2020, CyberTech TLV 2020, and IoT Village at DEF CON 26.