Your Earbuds Can Be Made Into Microphones With Just A Bit Of Malware
from the mic-drop dept
Hyperconnectivity has many positive aspects for many of us, though there are negatives as well. One of the negatives that comes along with connectivity is the idea that everything we love can be used to spy on us. Back when prevalent criminal hacking was in the arena of science fiction and broad government surveillance was limited to thematic elements in Orwell novels, the public fear over security exploits like this was limited. Given that the alphabet agencies continue to be shown to use our devices to spy on us, however, Americans likely look more warily at their favorite technology than they did a decade ago. Everything, it seems, is a vector for an invasion of your privacy.
Including, potentially, your headphones. Israeli researchers have shown how, with the aid of some malware, your headphones can be converted into microphones in order to listen in on whatever you happen to be doing.
Researchers at Israel’s Ben Gurion University have created a piece of proof-of-concept code they call “Speake(a)r,” designed to demonstrate how determined hackers could find a way to surreptitiously hijack a computer to record audio even when the device’s microphones have been entirely removed or disabled. The experimental malware instead repurposes the speakers in earbuds or headphones to use them as microphones, converting the vibrations in air into electromagnetic signals to clearly capture audio from across a room.
“People don’t think about this privacy vulnerability,” says Mordechai Guri, the research lead of Ben Gurion’s Cyber Security Research Labs. “Even if you remove your computer’s microphone, if you use headphones you can be recorded.”
And, just like that, I'll never look at my favorite set of earbuds the same way again. What this ultimately points out is that determined hackers will find creative ways to use our own devices against us. That isn't new. What is new seems to be the never-ending reports of how devices, be they IoT devices or not, can be repurposed for nefarious ends. The use of all of this by our own government, as well as our government's request for backdoors built into technology, only increases the threat vectors for this type of thing.
This particular exploit relies on ubiquitous RealTek codec chips, which the malware can instruct to switch an output channel to an input channel. Those chips are everywhere and there is currently no way to secure them via a patch or update.
There’s no simple software patch for the eavesdropping attack, Guri says. The property of RealTek’s audio codec chips that allows a program to switch an output channel to an input isn’t an accidental bug so much as a dangerous feature, Guri says, and one that can’t be easily fixed without redesigning and replacing the chip in future computers.
Until then, paranoiacs take note: If determined hackers are out to bug your conversations, all your careful microphone removal surgery isn’t quite enough—you’ll also need to unplug that pair of cheap earbuds hanging around your neck.
When even our headphones are a potential enemy, the world has gone mad.
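For defenders who want to check for the output-to-input switch described above, here is an added example (not part of the original post or the researchers' code) that parses a Linux ALSA HD Audio codec dump and flags pins whose factory role is an output but whose input path is currently enabled. It assumes the `/proc/asound/card*/codec#*` text layout; the sample dump, its codec name and its hex values are constructed for illustration.

```python
import glob
import re

PIN_IN_EN = 0x20  # HDA pin widget control bit 5: input path enabled
OUTPUT_ROLES = {"HP Out", "Line Out", "Speaker"}  # factory roles that only play audio

NODE_RE = re.compile(r"^Node (0x[0-9a-fA-F]+) \[(.+?)\]")
PINCAP_RE = re.compile(r"^\s+Pincap 0x[0-9a-fA-F]+:(.*)$")
DEFAULT_RE = re.compile(r"^\s+Pin Default 0x[0-9a-fA-F]+: \[([^\]]+)\] (.+?) at (.+)$")
CTLS_RE = re.compile(r"^\s+Pin-ctls: (0x[0-9a-fA-F]+)")

# Constructed sample in the layout of /proc/asound/card0/codec#0 (not a real capture).
SAMPLE = """\
Codec: Realtek ALC0000 (constructed sample)
Node 0x02 [Audio Output] wcaps 0x41d: Stereo Amp-Out
Node 0x14 [Pin Complex] wcaps 0x40058d: Stereo Amp-Out
  Pincap 0x00010014: OUT EAPD Detect
  Pin Default 0x90170110: [Fixed] Speaker at Int N/A
  Pin-ctls: 0x40: OUT
Node 0x18 [Pin Complex] wcaps 0x40048b: Stereo Amp-In
  Pincap 0x00003734: IN Detect
  Pin Default 0x01a19030: [Jack] Mic at Ext Rear
  Pin-ctls: 0x24: IN VREF_80
Node 0x21 [Pin Complex] wcaps 0x40058d: Stereo Amp-Out
  Pincap 0x0001373c: IN OUT HP EAPD Detect
  Pin Default 0x0221401f: [Jack] HP Out at Ext Front
  Pin-ctls: 0x20: IN VREF_HIZ
"""


def parse_pins(codec_text):
    """Return one dict per Pin Complex node in an ALSA HDA codec dump."""
    pins, cur = [], None
    for line in codec_text.splitlines():
        node = NODE_RE.match(line)
        if node:
            cur = None  # a new node ends the previous one
            if node.group(2) == "Pin Complex":
                cur = {"node": node.group(1), "role": None, "conn": None,
                       "caps": set(), "ctls": 0}
                pins.append(cur)
            continue
        if cur is None:
            continue  # header lines and non-pin widgets
        if (m := PINCAP_RE.match(line)):
            cur["caps"] = set(m.group(1).split())
        elif (m := DEFAULT_RE.match(line)):
            cur["conn"], cur["role"] = m.group(1), m.group(2)
        elif (m := CTLS_RE.match(line)):
            cur["ctls"] = int(m.group(1), 16)
    return pins


def retaskable_outputs(codec_text):
    """Output-role pins the codec could also drive as inputs (exposure inventory)."""
    return [p for p in parse_pins(codec_text)
            if p["role"] in OUTPUT_ROLES and p["conn"] != "N/A" and "IN" in p["caps"]]


def retasked_outputs(codec_text):
    """Output-role pins whose input path is enabled right now (needs triage)."""
    return [p for p in parse_pins(codec_text)
            if p["role"] in OUTPUT_ROLES and p["conn"] != "N/A"
            and p["ctls"] & PIN_IN_EN]


if __name__ == "__main__":
    paths = glob.glob("/proc/asound/card*/codec#*")
    dumps = [(p, open(p).read()) for p in paths] or [("constructed sample", SAMPLE)]
    for name, text in dumps:
        for pin in retasked_outputs(text):
            print(f"{name}: node {pin['node']} ({pin['role']}) has input enabled, "
                  f"Pin-ctls=0x{pin['ctls']:02x}")
```

A hit is a triage signal rather than proof of compromise, since combo jacks and deliberate jack-retasking tools also enable input on such pins.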
Filed Under: earbuds, microphones, privacy
Reader Comments
>bad things happen
Do we really need a breathless report every time someone discovers something that can be done with a computer?
[ link to this | view in chronology ]
Re:
So, yes, it is important to know your gadgets can be turned into spying devices even if their original purpose would make even the most conspiracy nut among us believe otherwise.
[ link to this | view in chronology ]
Re: Re: Re:
I don't need the doom and gloom preface either. Especially since I generally engage in the doom and gloom outlook myself.
But some people DO need it. Wake up! That is the message.
From TFA . . .
No matter how paranoid and tin foil hat crazy sounding my concerns have been over the years, it always turns out that things are already worse than I imagined.
I DO NOT need to now be told of every example of new malware that can listen through my ear buds. The general purpose takeaway message is: unplug earbuds when not in use. Just as with the camera, put black tape over it when not in use. But I don't need to know about every new instance of web cam spyware.
I DO need to know about every new capability, such as using the earbuds as microphones.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Honestly, if you're infected with malware there's a lot worse they can do than make a distorted recording of your heavy breathing.
[ link to this | view in chronology ]
Re:
Most malware is installed without the users' knowledge.
- it should read:
>company installs malware on victims computer
>nothing bad happens to company
And this also is news, a bit repetitious but still news.
[ link to this | view in chronology ]
Re:
Your question:
"Do we really need a breathless report every time someone discovers something that can be done with a computer?"
Should be:
Do we really need a breathless report every time someone discovers something new that can be done with a computer?
ANSWER: Yes.
[ link to this | view in chronology ]
Re: Re:
Except, this isn't something new. Do we need a report every time some random person learns something?
[ link to this | view in chronology ]
Re: Re:
Based on my experience, I would recommend that when you fashion your aluminum headwear that you use TWO layers of tin foil rather than just one. This more than doubles the effectiveness. The reason is that a resonance effect develops between the two layers, at exactly double the frequency of the government's invisible brain lasers.
In addition, if you create two antennas on the top instead of one, it further increases the effectiveness by an additional 37 percent.
[ link to this | view in chronology ]
Re: Re: Re: Re:
https://en.wikipedia.org/wiki/Tin_foil_hat
"The notion that a metal foil hat can significantly reduce the intensity of incident radio frequency radiation on the wearer's brain has some scientific validity, as the effect of strong radio waves has been documented for quite some time.[6] A well-constructed aluminum foil enclosure would approximate a Faraday cage, reducing the amount of (typically harmless) radiofrequency electromagnetic radiation passing through to the interior of the structure. A common high school physics demonstration involves placing an AM radio on aluminum foil, and then covering the radio with a metal bucket. This leads to a noticeable reduction in signal strength."
[ link to this | view in chronology ]
Not the most earth shattering discovery
remember when they could use a photo-detector to read the data going over a modem? Or power fluctuations in the power supply? Or a microphone to detect what you type into a keyboard?
[ link to this | view in chronology ]
Re: Not the most earth shattering discovery
Being marketed as a fitness device, the Microsoft Band's sensors included a heart rate sensor and skin galvanometer. "Their employees will have networked lie detectors strapped to them all day?"
[ link to this | view in chronology ]
Re: Not the most earth shattering discovery
You type that as though it were no longer the case, nothing has changed in this regard as those are all still valid concerns even though the specific example might be outdated.
[ link to this | view in chronology ]
Re: Re: Not the most earth shattering discovery
Don't forget that if you use a CRT at night in a dark room, like back in the covered wagon days, a van on the street can capture the glow of the CRT on the wall or ceiling and re-create a fairly decent readable copy of what is on the CRT. It just takes a few guesses at the refresh rate and how many scan lines tall the screen image is.
Another thing. Suppose there is some subject that you are not supposed to see. It is in an area not exposed to public view. But part of the walls of the area are visible to public view. So you could capture the color of the light reflecting on one of those walls visible to the subject. Now suppose you could replace a light source in the secure area with digital projector such as used in a conference room. The projector would, like a flood light, project light upon the subject. But that light is a rectangular array of pixels. And it would illuminate the area, one pixel at a time, at high speed. Now it is possible to capture the reflected light on the wall, from a public area, and re-create what the light source can "see". The recreated image looks as though you "see" it as through the projector (eg "light bulb") as if it were a camera. I'm not sure of the practicality of this, but I know there was a good article about the success of the technique on Slashdot some years ago.
[ link to this | view in chronology ]
Re: Re: Re: Not the most earth shattering discovery
And there was that experiment with recording video of a potato chip bag and recreating a nearby conversation from its vibrations.
[ link to this | view in chronology ]
The long run
Don't wear headphones, you can't hear anything else (your phone is ringing).
Don't use speakers, it is likely you are violating someone's perceived rights, if you're not listening to a 'fully authorized, DRM infected' source. You old analog owners beware. Vinyl won't have protections for long, you will need a subscription to listen to those old albums (as stated in the 2025 copyright update passed by congress with a 98% approval and shrugged at by SCOTUS when sued as unconstitutional).
Have your hearing impaired so that you no longer need speakers of any kind, but then watch out for police who yell all kinds of things at you that you won't hear, and then they will have an excuse to shoot you, because they don't care if you can't hear. Your failure to obey put their lives in danger. Oh, and no excuse for not recognizing their sign language expressed at 10,000,000 decibels (you think cops know the difference?), cuz it won't be a real argument, you will be dead. Not to mention lipreading those cops behind you, failure to turn around and intently read lips is a lethal offence.
This particular hack is really insipid, isn't it?
[ link to this | view in chronology ]
I remember playing with headphones when I was a kid, 20 years ago, and turning them into a microphone. They're sucky mics, but they work.
[ link to this | view in chronology ]
Re:
It's a bad headline. The news is not that headphones/speakers can be made into microphones, it's that a computer's headphone jack can be made into a microphone jack. (Which isn't shocking either, if you've read some datasheets and thought about it, but isn't so obvious—for ex., as was pointed out on Bruce Schneier's blog, Snowden didn't mention it when demonstrating how to desolder the microphones on a smartphone to "go black".)
[ link to this | view in chronology ]
Re:
The specifics of the actual issue found are as follows:
"Their malware uses a little-known feature of RealTek audio codec chips to silently “retask” the computer’s output channel as an input channel, allowing the malware to record audio even when the headphones remain connected into an output-only jack and don’t even have a microphone channel on their plug"
So, the surprise here is that headphones plugged into a headphone jack can act as a mic without any user interaction to do that (such as plugging into a mic socket). Well, it's not actually a surprise that such a feature can be used by malware, but it's good to note that this feature and thus vulnerability exists.
[ link to this | view in chronology ]
Re: Re:
Years ago, weren't there devices, like a credit card reader, that connected to the phone only via the headphone jack?
[ link to this | view in chronology ]
Re: Re: Re:
On a phone that's a headphone+microphone jack, and you'll see the extra connection if you look at the plug on a headset (a TRRS plug with 4 parts: microphone, ground, right output, left output). But now we know that even a 3-connection TRS plug can capture audio.
Unplugging it probably isn't good enough: the phone has a built-in speaker to play ringtones, and that could be reversed too. Likewise, PCs generally have at least one built-in speaker for the BIOS beep, and laptops have speakers connected to the Realtek audio chip.
[ link to this | view in chronology ]
Re: Re:
Not all tech savvy people are audiophiles.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I assume you're the model of maturity AC who lost his shit when I pointed out that not knowing the difference between Java and Javascript invalidated any arguments you wanted to make on their usage? The one who imagines grand conspiracies when a community tells him to stop being a prick?
Words mean things. If you're going to have argument using them, make sure you know what that is. Your inability to have an adult conversation without devolving into a sweary little child and your proud ignorance of language do not change this fact one bit.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
Stop assuming. You look like a fucking idiot.
"Words mean things. If you're going to have argument using them, make sure you know what that is."
That is why you're an asshole, you've explained it perfectly. I read his comment once and knew what he was trying to say. Just because he didn't use the correct words, doesn't make his argument any less valid. Instead of giving him the benefit of the doubt, you took the opportunity to try and look superior. You are an asshole, plain and simple.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
We'll let the other readers of this site work out who looks like the idiot. I'll guess it's more likely to be the sweary child having a tantrum than the adult calmly telling them to stop making a scene.
"I read his comment once and knew what he was trying to say"
...and then spent time ranting because someone else didn't interpret it the same way. Even if you had the higher ground, you lost it the second you started typing this comment in the state you did.
Plus, again, even if he did simply misuse a word, the point he was making was still wrong. Having any specific audio expertise is irrelevant. Throwing a fit doesn't change that.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
Not ranting, pointing out your arrogance. I.T. Guy tried to say something, misused a word, and you try to invalidate his entire statement instead of giving him the benefit of the doubt. It's bully behavior of the worst kind, intellectual. And instead of just apologizing and being cool about it, you double down on dumbass.
"Plus, again, even if he did simply misuse a word, the point he was making was still wrong. Having any specific audio expertise is irrelevant. "
No, you're completely wrong. Understand how microphones, and and their associated equipment's hard and software works, is very much part of being an Audio Technician. There may be other unrelated jobs that require knowledge of such, sure. But he's not wrong. As art guerrilla noted below, there are many "tricks" Audio Technicians and Musicians utilize to produce or record sound using headphones and the headphone jack.
Being "tech savvy" does not make you an Audio Technician. That was what he was trying to say before you climbed up on your high horse and talked down to him.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re:
No, I addressed what he actually said, not what he wished he said. If one of us is mistaken, I'm in the habit of addressing grown adults who are capable of laughing it off or bantering a little more, not whining like a little brat. But, then, there's you...
I will note that he hasn't returned, so you're assuming as much as I am. I will apologise if my slightly sarcastic comment didn't address what was in his head if he feels it wasn't correct. I won't apologise to the petulant fool who decided to dive in and display his lack of maturity, though.
"Understand how microphones, and and their associated equipment's hard and software works, is very much part of being an Audio Technician"
...among many other professions, hobbies and general living life in the modern world. Most people who know this fact probably learned it in school or at home. I was probably 8 when I learned of this fact, which I learned by observing what happened when I accidentally plugged the jack in the wrong place. After which, I used the headphones to record some amazingly bad audio to tape, which amused me for a few moments. Then, learning basic electronics in school educated me as to why it happened.
I'm amused to learn this automatically means I work in the field, however, especially since I've never so much as bought an actual microphone unless it was attached to a phone, laptop or headset. Which other professions do I have by making basic observations about the world around me, I wonder?
Stop digging, you've embarrassed yourself enough.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
That's a logic fail. He said "Understand [sic] how microphones... works, is very much part of being an Audio Technician". So if p (one is an audio technician) then q (one understands microphones). This does not imply that if q then p.
But maybe you were just joking.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
I've been full on sarcasm since it was implied that audiophiles understood technology. I'm just keeping it up since some idiot decided to jump in and make it personal...
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
Finally! Not that you care; but stopped reading right there. It really doesn't matter what's said after this point, although I'm sure the rest of your post is your typical self-serving, name calling, finger pointing babble.
On I.T. Guy's behalf, (again not that anyone cares) your apology is accepted.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
He hasn't commented yet. I don't believe he authorised you as his personal representative here, although you seem to have taken that job up for some reason.
Next time, I think he might appreciate it if you did so without the childish sweary tantrum, though. I know I wouldn't want a raging moron representing me if I were him.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
"Next time, I think he might appreciate it"
Looks like the job's already taken?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
"citation needed"
[ link to this | view in chronology ]
Re:
The specifics may vary depending on the exact hardware, but there's no reason to assume other jacks would be safer.
[ link to this | view in chronology ]
There is a simple way to block the attack, keep something playing on your earphones, as an attack would have to check for active use before switching to microphone mode, as silence would make the user investigate their earphones. You do not need to be listening to it, just keep the output mode occupied.
[ link to this | view in chronology ]
Re:
Most audio tracks would have occasional silence. Do we know how quickly this can be switched? It seems optimistic to assume it will be audible.
[ link to this | view in chronology ]
Re:
... Or unplug your earphones when they're not in use.
[ link to this | view in chronology ]
Re: One of the negatives that come along with connectivity is the idea that everything we love can be used to spy on us
The negative, is that barrier to entry for managing the individual identity is increasing. IMHO the next evolution of porn blackmail, is just collective dirt brokering on every facet of an individual's life.
The only people who are going to be able to maintain any kind of reasonably untainted identity are those who've never done anything worth noting, and those who can pay large sums to clean up after themselves in the post epoch dirt market.
This will become a social class delineating factor. Ultimately it will taint the pool of available leadership, just like formal aristocracy did in Britain. It might be fair to say that it already has, looking at the last electoral cycle.
[ link to this | view in chronology ]
Back to the point at hand. I don't know why these people are getting press. This is a specific feature of many modern audio subsystems. It's ubiquitous on mobile SoCs (phone and tablet chips). It's used to automatically adapt to the incompatible plugs of mono earphones, stereo headphones, mono headsets (w/ mic) and stereo headsets. Some even support uncommon connections such as stereo microphones, digital audio, Rx/Tx serial connections, and combined optical digital audio (an optical fiber or IR LED/receiver on the very tip of the 1/8" plug).
[ link to this | view in chronology ]
An old hack
When I was a kid, I used to plug my headphones into the microphone socket of my cassette recorder and guess what I had then?
[ link to this | view in chronology ]
In fairness, headphones have been a potential enemy ever since physics was a thing.
The world becomes mad when our headphones become a viable enemy.
[ link to this | view in chronology ]
Except on my desktop when I'm playing video games, and I've got a mic plugged in anyway to talk to my gaming buddies. No need to get elaborate. But what you hear will probably not be terribly interesting unless you're a fan of Payday 2. And probably not then, either.
[ link to this | view in chronology ]