Report: Earphones Could Be Hijacked By Hackers

John Lister's picture

Security researchers say hackers could turn people's headphones into a microphone for surreptitious remote listening. However, the method has enough limitations that it shouldn't be a major concern for most users.

The method, shown off by researchers at Ben Guiron University in Israel, takes advantage of a very simple element of engineering. That is that the process by which a microphone turns speech into an electronic signal is effectively the same as that by which earphones turn a speaker into sound, just with the process reversed.

According to the researchers, that's a security risk when it comes to headphones and microphones which plug into dedicated audio sockets on a computer rather than USB sockets. They've found a vulnerability in the audio chips made by RealTek that are widely used on all types of computer.

Attack Captures Audio From 20 Feet Away

The vulnerability makes it possible for a hacker with remote access to a computer to reverse the function of an audio port, thus treating the speakers as if they were a microphone. The comparative quality and size of components in a microphone and headphones mean the quality isn't as good, but it's still possible to receive and record sounds. The hackers could then remotely access the audio recording.

The researchers say that in a test they were able to record audio of a person who was 20 feet away from the computer and still make out what they were saying on the recording. (Source: wired.com)

The good news is that exploiting the vulnerability in this way would be tricky to say the least, even leaving aside the fact that there's no evidence the details of how to reverse the audio function of the ports are public knowledge among hackers. (Source: engadget.com)

Success Far From Sure-Fire

Firstly, a hacker would have to gain remote access to a computer with enough control to not only alter the port settings, but also to make recordings and then send them over the Internet.

Secondly, the quality of the recording would likely vary depending on the quality of the headset. The researchers used well made Sennheiser earbuds in the test, while cheaper made components might be less likely to work well as a makeshift microphone.

Thirdly, the attack would only work in very specific circumstances, namely that the user connected the earphones to a dedicated audio socket rather than a USB socket, and that the speakers must be connected when not in use. The hackers would also need to deal with the problem that if the user tried to listen to audio through the headphones while the port function had been reversed, they'd likely assume they were faulty and could very well unplug them.

Given these limitations, the chances of such an attack would only be used as a way to target a specific individual whose conversations were highly sensitive. Even then, if the person's computer had been compromised to the point such an attack as possible, having their audio recorded might well be the least of their concerns.

What's Your Opinion?

Would you be at risk from such an attack given the limitations? Is it helpful for security researchers to highlight such problems even if they pose limited risks? Do you think there's a serious possibility of hackers exploiting these findings?

Rate this article: 
Average: 4 (4 votes)

Comments

Dennis Faas's picture

This is an interesting theory, though as the article mentions, very unlikely to happen. I have personally discovered well over 20 years ago (by mistake) that a headphone can be used as a microphone if the headphone was plugged into the microphone port of the sound card. And yes, you can still do it today.

However, to suggest that it is possible for some remote hacker to re-assign the purpose of the sound card ports seems -extremely- unlikely. That's because the ports themselves are hard-wired into specific components of the card, so to suggest that it is possible to simply 're-assign' them to work in reverse (to accept input rather than output) is nonsense. Furthermore, the proof of concept only affects certain sound cards, and only when not in use (when audio is not being played), and only when the speakers are plugged in, and only if your computer is compromised. So, meeting all of that criteria would be very, very difficult.