Researchers prove PC viruses can spread via microphones

When the so-called "badBIOS" virus was found in October, transmitting itself by audio broadcasts at inaudible frequencies, it seemed incredible - and now we have proof-of-concept.

Researchers have proven that it’s possible to transmit computer viruses via sound, confirming a controversial suspicion reported earlier this year that malware was mutating into strange, unexpected new forms.

Three years ago Dragos Ruiu, a computer security expert, discovered that several of his computers were infected with some kind of virus - and, even weirder, they were managing to talk to each other even when their Wi-Fi and Bluetooth connections were turned off. Disconnecting the ethernet and power cables didn’t work either. He physically removed the wireless cards from the machine and it didn’t have any effect on stopping the virus.

This was baffling. I’ll let Dan Goodin at ars technica explain why:

In the intervening three years, Ruiu said, the infections have persisted, almost like a strain of bacteria that's able to survive extreme antibiotic therapies. Within hours or weeks of wiping an infected computer clean, the odd behavior would return. The most visible sign of contamination is a machine's inability to boot off a CD, but other, more subtle behaviors can be observed when using tools such as Process Monitor, which is designed for troubleshooting and forensic investigations.

Another intriguing characteristic: in addition to jumping "airgaps" designed to isolate infected or sensitive machines from all other networked computers, the malware seems to have self-healing capabilities.

"We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD," Ruiu said. "At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of a sudden the search function in the registry editor stopped working when we were using it to search for their keys."

In October, Ruiu settled upon a hypothesis – this malware would first get onto a computer on an infected USB stick, where it would burrow into the machine’s BIOS (that’s the fundamental program that runs directly off its hardware). It would then take over the computer’s microphone and speakers and communicate with other computers by high-frequency sounds that humans can’t hear.

That’s right – computers that, literally, speak to each other.

It was such an unbelievable idea that, at first, many other experts has assumed Ruiu had made some fundamental mistake. Ruiu himself made it clear that his research needed to be peer-reviewed, it was such an extraordinary idea. The possibility that such a virus – which he dubbed “badBIOS” – is out in the wild is a worrying one for those who rely on air gaps to keep their machines clean.

Researchers from the Fraunhofer Institute for Communication, Information Processing, and Ergonomics in Germany have now provided some proof-of-concept that the mechanism Ruiu describes is possible. Using a program originally developed for transmitting information acoustically underwater, they managed to get computers exchanging inaudible broadcasts over distances of up to 65 feet, according to their paper in the Journal of Communications.

Importantly, it wasn’t just two computers talking, but also a demonstration of “how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks”. That mesh network, where each computer talks to several others, would explain how Ruiu was unable to completely clear his lab of infected machines – each time he would wipe a machine then turn it back one, it would be infected by at least one of the remaining machines that had yet to be wiped.

The bandwidth of this method is incredibly small, only a few bits per second, which makes this a pretty useless tool for extracting large files from target machines. It would work well as a keylogger, though, noting down usernames and passwords. These could be used to give access for more traditional viruses.

It’s a fascinating find, although it still doesn't explain where on earth badBIOS came from – if it does exist – nor how it first infected Ruiu's computers. But, these days it isn’t unusual for the paranoid to stick tape across their webcam to stop hackers taking surreptitious pictures. Perhaps it may be wise to begin eyeing that uncovered microphone with equal suspicion.

A sound proofed room used by Bell Labs, 1947. (Photo: Getty)

Ian Steadman is a staff science and technology writer at the New Statesman. He is on Twitter as @iansteadman.

Photo: Getty Images/AFP
Show Hide image

Is Yvette Cooper surging?

The bookmakers and Westminster are in a flurry. Is Yvette Cooper going to win after all? I'm not convinced. 

Is Yvette Cooper surging? The bookmakers have cut her odds, making her the second favourite after Jeremy Corbyn, and Westminster – and Labour more generally – is abuzz with chatter that it will be her, not Corbyn, who becomes leader on September 12. Are they right? A couple of thoughts:

I wouldn’t trust the bookmakers’ odds as far as I could throw them

When Jeremy Corbyn first entered the race his odds were at 100 to 1. When he secured the endorsement of Unite, Britain’s trade union, his odds were tied with Liz Kendall, who nobody – not even her closest allies – now believes will win the Labour leadership. When I first tipped the Islington North MP for the top job, his odds were still at 3 to 1.

Remember bookmakers aren’t trying to predict the future, they’re trying to turn a profit. (As are experienced betters – when Cooper’s odds were long, it was good sense to chuck some money on there, just to secure a win-win scenario. I wouldn’t be surprised if Burnham’s odds improve a bit as some people hedge for a surprise win for the shadow health secretary, too.)

I still don’t think that there is a plausible path to victory for Yvette Cooper

There is a lively debate playing out – much of it in on The Staggers – about which one of Cooper or Burnham is best-placed to stop Corbyn. Team Cooper say that their data shows that their candidate is the one to stop Corbyn. Team Burnham, unsurprisingly, say the reverse. But Team Kendall, the mayoral campaigns, and the Corbyn team also believe that it is Burnham, not Cooper, who can stop Corbyn.

They think that the shadow health secretary is a “bad bank”: full of second preferences for Corbyn. One senior Blairite, who loathes Burnham with a passion, told me that “only Andy can stop Corbyn, it’s as simple as that”.

I haven’t seen a complete breakdown of every CLP nomination – but I have seen around 40, and they support that argument. Luke Akehurst, a cheerleader for Cooper, published figures that support the “bad bank” theory as well.   Both YouGov polls show a larger pool of Corbyn second preferences among Burnham’s votes than Cooper’s.

But it doesn’t matter, because Andy Burnham can’t make the final round anyway

The “bad bank” row, while souring relations between Burnhamettes and Cooperinos even further, is interesting but academic.  Either Jeremy Corbyn will win outright or he will face Cooper in the final round. If Liz Kendall is eliminated, her second preferences will go to Cooper by an overwhelming margin.

Yes, large numbers of Kendall-supporting MPs are throwing their weight behind Burnham. But Kendall’s supporters are overwhelmingly giving their second preferences to Cooper regardless. My estimate, from both looking at CLP nominations and speaking to party members, is that around 80 to 90 per cent of Kendall’s second preferences will go to Cooper. Burnham’s gaffes – his “when it’s time” remark about Labour having a woman leader, that he appears to have a clapometer instead of a moral compass – have discredited him in him the eyes of many. While Burnham has shrunk, Cooper has grown. And for others, who can’t distinguish between Burnham and Cooper, they’d prefer to have “a crap woman rather than another crap man” in the words of one.

This holds even for Kendall backers who believe that Burnham is a bad bank. A repeated refrain from her supporters is that they simply couldn’t bring themselves to give Burnham their 2nd preference over Cooper. One senior insider, who has been telling his friends that they have to opt for Burnham over Cooper, told me that “faced with my own paper, I can’t vote for that man”.

Interventions from past leaders fall on deaf ears

A lot has happened to change the Labour party in recent years, but one often neglected aspect is this: the Labour right has lost two elections on the bounce. Yes, Ed Miliband may have rejected most of New Labour’s legacy and approach, but he was still a protégé of Gordon Brown and included figures like Rachel Reeves, Ed Balls and Jim Murphy in his shadow cabinet.  Yvette Cooper and Andy Burnham were senior figures during both defeats. And the same MPs who are now warning that Corbyn will doom the Labour Party to defeat were, just months ago, saying that Miliband was destined for Downing Street and only five years ago were saying that Gordon Brown was going to stay there.

Labour members don’t trust the press

A sizeable number of Labour party activists believe that the media is against them and will always have it in for them. They are not listening to articles about Jeremy Corbyn’s past associations or reading analyses of why Labour lost. Those big, gamechanging moments in the last month? Didn’t change anything.

100,000 people didn’t join the Labour party on deadline day to vote against Jeremy Corbyn

On the last day of registration, so many people tried to register to vote in the Labour leadership election that they broke the website. They weren’t doing so on the off-chance that the day after, Yvette Cooper would deliver the speech of her life. Yes, some of those sign-ups were duplicates, and 3,000 of them have been “purged”.  That still leaves an overwhelmingly large number of sign-ups who are going to go for Corbyn.

It doesn’t look as if anyone is turning off Corbyn

Yes, Sky News’ self-selecting poll is not representative of anything other than enthusiasm. But, equally, if Yvette Cooper is really going to beat Jeremy Corbyn, surely, surely, she wouldn’t be in third place behind Liz Kendall according to Sky’s post-debate poll. Surely she wouldn’t have been the winner according to just 6.1 per cent of viewers against Corbyn’s 80.7 per cent. 

Stephen Bush is editor of the Staggers, the New Statesman’s political blog.