Non-Contact Microphone Monitoring Thwarts Eavesdropping
Software-defined radio runs a microphone monitor on a Raspberry Pi to listen out for the listeners.
Since it first became possible to “snoop” on people using microphone-enabled devices, there have been means of locating and squashing such “bugs.”
Traditional microphone bugs, such as the fun “FM bug” kits you could build from magazines as far back as the 80s, were easy for a bug-sweeper to locate, as they intentionally put out high-powered RF signals. Nowadays, we have many microphones lurking in the room, and we put them there ourselves – in our smartphones, tablets, laptops, and smart speakers. And they’re software-controlled, so, in the hands of a capable virtual intruder, they can be eavesdropped on without you even knowing that they’re active.
People have wizened up to potential camera snoops by investing in camera privacy shutters, or by simply closing laptops when they’re not in use, but, while that may make your camera blind, it doesn’t as effectively render your mic hard-of-hearing.
The project, developed by researchers at Yonsei University and the National University of Singapore, runs open-source GNU Radio software and a software-defined radio dongle plugged into a Raspberry Pi 4B.
Unlike old-fashioned bug swatters that detected high-powered radio transmissions in the room, “TickTock” picks up far weaker and less conspicuous signals, such as the clock signal used to drive the microphone board, telltale current spikes over a common ground, and signals and harmonics in the medium-to-high-frequency radio spectrum.
Although still just a prototype, the project demonstrates the kind of side-channel ingenuity one can realize using highly-sensitive modern radio chips.
If you’d like to read their full paper, and perhaps come up with SDR-enabled solutions of your own, you can download the PDF from arXiv here.
While it’s great to have white hat defenders coming to our aid, we’d best remember that the technology and techniques used here can also aid the darker side of signal sniffing – from quarters whose protagonists are somewhat less likely to publish their works. Stay vigilant!
Traditional microphone bugs, such as the fun “FM bug” kits you could build from magazines as far back as the 80s, were easy for a bug-sweeper to locate, as they intentionally put out high-powered RF signals. Nowadays, we have many microphones lurking in the room, and we put them there ourselves – in our smartphones, tablets, laptops, and smart speakers. And they’re software-controlled, so, in the hands of a capable virtual intruder, they can be eavesdropped on without you even knowing that they’re active.
People have wizened up to potential camera snoops by investing in camera privacy shutters, or by simply closing laptops when they’re not in use, but, while that may make your camera blind, it doesn’t as effectively render your mic hard-of-hearing.
Enter “TickTock”
Now, a Singapore-South Korea university collaboration has developed a Raspberry Pi-based proof-of-concept that targets microphones in digital devices, snooping on the snoops without any hardware or software integration.The project, developed by researchers at Yonsei University and the National University of Singapore, runs open-source GNU Radio software and a software-defined radio dongle plugged into a Raspberry Pi 4B.
Unlike old-fashioned bug swatters that detected high-powered radio transmissions in the room, “TickTock” picks up far weaker and less conspicuous signals, such as the clock signal used to drive the microphone board, telltale current spikes over a common ground, and signals and harmonics in the medium-to-high-frequency radio spectrum.
Although still just a prototype, the project demonstrates the kind of side-channel ingenuity one can realize using highly-sensitive modern radio chips.
If you’d like to read their full paper, and perhaps come up with SDR-enabled solutions of your own, you can download the PDF from arXiv here.
While it’s great to have white hat defenders coming to our aid, we’d best remember that the technology and techniques used here can also aid the darker side of signal sniffing – from quarters whose protagonists are somewhat less likely to publish their works. Stay vigilant!