Penetration Testing mailing list archives

Re: Covert Microphone Application

From: Ralph Forsythe <rforsythe () 5280tech com>
Date: Thu, 27 Jul 2006 21:03:39 -0600 (MDT)

On Thu, 27 Jul 2006, Matt Burnett wrote:

Wouldnt it just be a lot easier for you or your boss to disconnect the
microphone cable than going though some elaborate scheme to prove it
could possibly be done? If they can "ruled" any laptop at will then
couldnt they also get into your mail servers? Wouldnt anything that
would be discussed in your meeting generate followups in a email?

How are you going to disconnect the microphone cable when there isn't one?The mic is built into the laptop - you'd have to take the thing apart. Asan alternative, ram a bunch of epoxy in the mic hole(s); that would prettymuch muffle any noise it might record, IMO.

As for the task at hand, very easy as others have pointed out. Lots ofways to get into the system, especially in a corporate environment whereremote access is often enabled for tech support purposes. Bear in mindyou not only have to worry about people gaining access from the outside(which hopefully your network is secured against), but also an employeelooking to do something bad - particularly one with privileges for remoteaccess or ability to physically access the machine. Given that this *is*a conference room, uncontrolled physical access at some point is likelyunless this laptop always travels with someone.

There isn't a real good way to secure the network connection itself thatwouldn't be easily bypassed by anyone with physical access to the laptop,and given that pretty much any modern laptop will have a microphone on it,I think epoxy or fun with a set of screwdrivers is the only sure bet - ofcourse, this assumes someone doesn't bring their own machine into the roomfor a meeting, as people very often do (even more often if you have wi-fiaccess in there).

I just don't see any unequivocal method of making sure you're secureagainst this, unless you switch it to a desktop PC with no microphone portand ban laptops from entering the room. And then we get to the riskassessment and threat/vulnerability vs cost determination, which is reallywhat will define how far you're willing to go with this. Of coursesomeone can always stick a mic into the celing, or rig up any number ofother eavesdropping methods, so short of conducting meetings in a securedunderground bunker, you will have to live with the potential. Howeveryou're most definitely going to get a new laptop out of the deal, so runwith it!

Someone else remarked that we can't assume this system is even connectedat all. Actually it's a pretty logical step, since the original statementsaid "shiny new internet laptop". If it can surf the web, it's connectedat least some of the time. Not a huge leap of faith on that one...


- Ralph

On Thu, 27 Jul 2006, Matt Burnett wrote:

Wouldnt it just be a lot easier for you or your boss to disconnect themicrophone cable than going though some elaborate scheme to prove it couldpossibly be done? If they can "ruled" any laptop at will then couldnt theyalso get into your mail servers? Wouldnt anything that would be discussed inyour meeting generate followups in a email?


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?Why not go with the #1 solution - Cenzic, the only one to win the Analyst'sChoice Award from eWeek. As attacks through web applications continue to rise,you need to proactively protect your applications from hackers. Cenzic has themost comprehensive solutions to meet your application security penetrationtesting and vulnerability management needs. You have an option to go with amanaged service (Cenzic ClickToSecure) or an enterprise software(Cenzic Hailstorm). Download FREE whitepaper on how a managed service canhelp you: http://www.cenzic.com/news_events/wpappsec.phpAnd, now for a limited time we can do a FREE audit for you to confirm yourresults from other product. Contact us at request () cenzic com for details.

------------------------------------------------------------------------------

Current thread:

Covert Microphone Application shiri_yacov (Jul 27)
- Re: Covert Microphone Application S.A.B.R.O. Net Security (Jul 27)
  - Re: Covert Microphone Application reden () sekure ch (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
- Re: Covert Microphone Application Matt Burnett (Jul 27)
  - Re: Covert Microphone Application Thor (Hammer of God) (Jul 27)
    - Re: Covert Microphone Application mikeiscool (Jul 27)
    - Re: Covert Microphone Application Shreyas Zare (Jul 29)
  - Re: Covert Microphone Application Ralph Forsythe (Jul 27)
    - Re: Covert Microphone Application Tonnerre Lombard (Jul 29)
    - Re: Covert Microphone Application Volker Tanger (Jul 30)
    - Re: Covert Microphone Application Matt Burnett (Jul 31)
    - Re: Covert Microphone Application Aaron (Jul 31)
    - Re: Covert Microphone Application Matt Burnett (Jul 29)
- Re: Covert Microphone Application Kish Pent (Jul 27)
- Re: Covert Microphone Application David Bergert (Jul 27)
- Re: Covert Microphone Application Frank Knobbe (Jul 29)
- <Possible follow-ups>
- RE: Covert Microphone Application Shenk, Jerry A (Jul 27)
  - RE: Covert Microphone Application Miguel Valentin (Jul 27)

(Thread continues...)