The monitor in use has no antennas or radios that I’m aware of. Does not connect to the internet. But possibly does have it’s own firmware, I’ve not looked into that yet. It’s at a private address, and is sometimes connected to one other computer. It is from a very reputable brand- OEM spyware seems unlikely in this instance. Only accepts VGA or HDMI. No USB ports, SD card readers, or other data inputs.
I’m not actually concerned at all in this instance, but for the sake of learning:
Discuss possible attack vectors associated with external monitors, and how VGA may or may not increase security compared to connection via HDMI.
Analog video such as VGA is vulnerable to Tempest monitoring (directional antennas and specialized equipment to view what is on screen remotely).
VGA connections are one way except for VESA EDID which reports monitor capabilities to the computer. Doubtful this could be used as an attack vector, but I suppose there might be bad EDID parsers out there.
HDMI includes two way channels (e.g. audio return, Ethernet in more recent versions). You might be able to block more recent capabilities in BIOS or by putting other devices in between the monitor and the computer, e.g. some HDCP strippers might inadvertently down level the HDMI version or (cheaper) two dumb converters hdmi<->dvi and dvi<->hdmi.
Generally with a “dumb tv” I don’t have too many worries that the TV/monitor is in the top 10 risks.
B
2 Likes
I want to add, that most digital monitors are vulnerable to Tempest too. It is a bit different in requiring software to attack instead of old television equipment, but the EM radiation is even higher from what i observed. Range differs with equipment, antenna, frequency, model of monitor and even displayed content. There is no way to tell how big the problem is without measuring it.
Any thing (peripheral, box, cable) that handles output from your machine should be viewed as mission critical hardware and if physically tampered by your adversary is able to extract data.
If your things are hooked up to network this opens the possibility for network fuckery (for example smart TV) and increases attack surface.
IMO having input ports like USB/SD card readers or something like that makes attacking devices arguably quick, but if your adversary has physical access, chances are he has plenty of other means to attack that can be deployed in seconds of unobserved access, like deploying cameras or microphones. Deployment of a mitm device in the output path may even be quicker than waiting for the monitor to boot and attack via USB, while giving the adversary the ability to use any hardware capabilities for example wifi that may not be present natively in the otherwise attacked device. Also such capture devices are compatible with standard ports like HDMI/VGA, while a USB exploit on monitors is very depended on actual device model and firmware version. More stealth, but much more costly.
3 Likes
that shit is fascinating.
1 Like