Like us!
Follow us!
Follow us!
Watch us!
Follow us!

How Your Speakers Could Be Turned Into Eavesdropping Microphones

How Your Speakers Could Be Turned Into Eavesdropping Microphones

12-2016

Our Sponsors

By: Michael

How Your Speakers Could Be Turned Into Eavesdropping Microphones

Not only can your computer or phone camera be hijacked, but your microphone as well. Computers typically have two audio jacks: one for sound input when you record something or talk on a Skype call, and one for plugging in your headphones to listen to music or play games.

The microphones in your earbuds or headphones are two-way streets: it’s simple to switch them from devices you listen with into devices that listen to you. All you have to do is plug the earbuds or headphones into the microphone jack instead of the headphone jack, start up a recording app, and you can capture whatever sounds your earbuds-used-as-mics can hear.

There’s a hack that lets you switch jacks. An eavesdropper doesn’t even need to get at your earbuds: they can switch your output port into an input port and record you even without a mic attached to the PC. The vulnerability – called “jack retasking” – was reported by researchers at Ben-Gurion University of the Negev’s Cyber Security Research Center. They’ve dubbed it SPEAKE(a)R. Read PDF

They note that the reprogramming option is available on audio chipsets from Realtek, which are embedded in a wide range of modern PC motherboards. In fact, the researchers say the Realtek chips are so common that the attack works on practically any desktop computer, whether it runs Windows or MacOS, and most laptops, too, as Wired, a monthly tech magazine reports.

It’s not just Realtek, though; other codec manufacturers also support jack retasking. The researchers managed to use SPEAKE(a)R to retask a computer’s outputs to inputs, then to record audio even when the headphones are in the output-only jack or completely unplugged. After doing this, the team of researchers was able to record audio playing 20 feet across a room. The quality was good enough to distinguish the words spoken during the recording.

For more information, see YouTube tutorials on how to turn headphones into microphones and

YouTube demonstration: “SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit”.

Retasking or rejacking is not new. It is in the equipment’s technical specs. Most of today’s built-in sound cards can be used for more than one thing. Fortunately, almost no one seems to use it, or even know about it. There are no known attacks in the wild as of this writing.

For BBB tips for safer online computing, visit bbb.org/evansville where you can Start With Trust®.

bbb-tag_7469

Leave a Comment

Leave a Reply

Michael

Michael is our Business Information Specialist and will be writing at least one article per week for the consumer education blog. He works with accredited businesses to ensure we maintain current contact information and licensing. He is usually first to answer the phone; so odds are good you will be speaking with him when calling our office.