by Dan Moren
Security researchers intercept audio from power LED fluctuations
Ars Technica’s Jim Salter on a novel eavesdropping method devised by security researchers at Ben-Gurion University of the Negev:
The Cyber@BGU team—consisting of Ben Nassi, Yaron Pirutin, Tomer Gator, Boris Zadov, and Professor Yuval Elovici—analyzed a broad array of widely used consumer devices including smart speakers, simple PC speakers, and USB hubs. The team found that the devices’ power indicator LEDs were generally influenced perceptibly by audio signals fed through the attached speakers.
Although the fluctuations in LED signal strength generally aren’t perceptible to the naked eye, they’re strong enough to be read with a photodiode coupled to a simple optical telescope. The slight flickering of power LED output due to changes in voltage as the speakers consume electrical current are converted into an electrical signal by the photodiode; the electrical signal can then be run through a simple Analog/Digital Converter (ADC) and played back directly.
This isn’t something that most people need to worry about, thanks to several reasons outlined in the piece (the need for line of sight, the inability to capture any local audio, and so on), but it’s still kind of amazing to think about.