Tech Today w/ Ken May

Archive for October 13th, 2017

Researcher Turns HDD Into Rudimentary Microphone

Posted by kenmay on October - 13 - 2017

An anonymous reader writes from Bleeping Computer: Speaking at a security conference, researcher Alfredo Ortega has revealed that you can use your hard disk drive (HDD) as a rudimentary microphone to pick up nearby sounds. This is possible because of how hard drives are designed to work. Sounds or nearby vibrations are nothing more than mechanical waves that cause HDD platters to vibrate. By design, a hard drive cannot read or write information to an HDD platter that moves under vibrations, so the hard drive must wait for the oscillation to stop before carrying out any actions. Because modern operating systems come with utilities that measure HDD operations up to nanosecond accuracy, Ortega realized that he could use these tools to measure delays in HDD operations. The longer the delay, the louder the sound or the intense the vibration that causes it. These read-write delays allowed the researcher to reconstruct sound or vibration waves picked up by the HDD platters. A video demo is here. “It’s not accurate yet to pick up conversations, ” Ortega told Bleeping Computer in a private conversation. “However, there is research that can recover voice data from very low-quality signals using pattern recognition. I didn’t have time to replicate the pattern-recognition portion of that research into mine. However, it’s certainly applicable.” Furthermore, the researcher also used sound to attack hard drives. Ortega played a 130Hz tone to make an HDD stop responding to commands. “The Linux kernel disconnected it entirely after 120 seconds, ” he said. There’s a video of this demo on YouTube. Read more of this story at Slashdot.

Categories: reader

Enlarge (credit: Royal Australian Air Force) The Australian Cyber Security Centre noted in its just-issued 2017 Threat Report that a small Australian defense company “with contracting links to national security projects” had been the victim of a cyber-espionage attack detected last November. “ACSC analysis confirmed that the adversary had sustained access to the network for an extended period of time and had stolen a significant amount of data,” the ACSC report stated. “The adversary remained active on the network at the time.” More details of the breach were revealed on Wednesday at an IT conference in Sydney. ASD Incident Response Manager Mitchell Clarke said, “The compromise was extensive and extreme.” The attacker behind the breach has been internally referred to at the Australian Signals Directorate as ” APT Alf ” (named for a character in Australia’s long-running television show Home and Away , not the US television furry alien). Alf stole approximately 30 gigabytes of data, including data related to Australia’s involvement in the F-35 Joint Strike Fighter program, as well as data on the P-8 Poseidon patrol plane, planned future Australian Navy ships, the C-130 Hercules cargo plane, and the Joint Direct Attack Munition (JDAM) bomb. The breach began in July of 2016. A spokesperson for the US Department of Defense’s F-35 Joint Program Office confirmed the breach to Defense News , stating that the Office “is aware” of the breach. The spokesperson reiterated that no classified data was exposed. Read 7 remaining paragraphs | Comments

Categories: reader

WD is developing 40TB hard drives powered by microwaves

Posted by kenmay on October - 13 - 2017

Western Digital (WD) may have lost a bid to buy Toshiba’s flash memory technology, but is still hard at work on its bread-and-butter hard drives . The company has unveiled a breakthrough called microwave-assisted magnetic recording (MAMR) that will allow ever-higher disk capacities, up to 40TB by the year 2025. “Commercialization of MAMR technology will pave the way to higher recording densities and lower cost per terabyte hard disk drives, ” said VP of research John Rydning in a statement. If you’re wondering what microwaves have to do with hard drives, WD has a developed a new type of drive head called a “spin torque oscillator” that generates a microwave field. That allows data to be written to magnetic media at a lower magnetic field than with conventional disks, making it possible to pack more bits into the same space. “As a result, Western Digital’s MAMR technology is now ready for prime time, and provides a more cost-effective, more reliable solution, ” the company said in a technical brief , adding that “MAMR also has the capability to extend areal density gains up to 4 Terabits per square inch.” As with its current enterprise drives, WD’s MAMR drives will use helium instead of air to reduce internal turbulence. So how “ready for prime time” is it? Western Digital says MAMR-based drives for data centers will appear in the market starting in 2019, and it will produce 40TB 3.5-inch disks by 2025, with “continued expansion beyond that timeframe.” WD didn’t say what capacity early MAMR drives would pack, but it recently released its first 14TB drive via its HGST (formerly Hitachi) subsidiary, so we’d expect the MAMR variants to go beyond that. Mechanical hard disk don’t have nearly the speed or reliability of SSDs, but the cost per gigabyte is multiple times lower. That’s crucial for data centers and cloud storage firms, especially since data-hungry AI software is becoming more and more pervasive. Don’t expect to see MAMR drives in your local media backup (NAS) drives right away, but it should trickle down fairly soon, giving you enough storage for future 8K HDR videos . Source: Western Digital

Categories: reader

Hyatt Hotels has suffered a second card data breach in two years. In the first breach, hackers had gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Krebs on Security reports: Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. “Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities, ” the company said in a statement. “Hyatt’s layers of defense and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates.” The hotel chain said the incident affected payment card information — cardholder name, card number, expiration date and internal verification code — from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. It added there is no indication that any other information was involved. Read more of this story at Slashdot.

Categories: reader