Bad BIOS and the Squeaky PC

Two recent stories about malware and cracking passwords have spurred the imaginations of security researchers. BadBIOS, which is the chupacabra of malware transmission, supposedly can jump an airgapped network by using the PC speaker to transmit a signal to a listening PC on another network. This week, security researchers listened to a squeaky hard drive as it decrypted a PGP encoded message and were able to discern the private key.

Both of these instances rely on the presupposition that physical security has already been breached. BadBIOS would require that a PC on a network has a listening microphone installed. The Squeaky PC relies on microphones too, plus a known cipher text to be decrypted.

But if you are going to breach physical security to steal passwords or transfer malware, both of these methods are dubious, rely on outlandish conditions, and have a very low probability of success. If you break physical security first, I find that pistol-whipping a user is 94% effective in forcing a user to divulge his passwords or to be willing to upload a virus or piece of malware. And its a lot cheaper, and no microphones are involved.

XKCD sums it up brilliantly here: