Smartphones: Hacking Weapons of the Future

The modern-day smartphone is stunningly versatile. In ad­dition to making phone calls, it serves as an all-in-one web browser, camera, audio recorder, or even a flashlight. In Jan­uary, Yale assistant professor of electrical engineering Jakub Szefer identified an additional — and potentially unwelcome — function. In collaboration with Stefan Katzenbeisser and Sebastian Biedermann at Technische Universität Darmstad, Szefer’s group has found that ordinary smartphones can be used to spy on a computer’s hard drive.

Most smartphones contain an accurate and precise magnetic sensor used for compass and GPS apps. Szefer and his collab­orators found that without any modification, this same sensor can detect the magnetic fields generated by a computer’s hard drive, revealing information about operations on the comput­er. Thus, a smartphone placed a few centimeters away from a target hard drive can be a tool for electronic eavesdropping.

Assistant professor of electrical engineering and computer science Jakub Szefer and his team have found that unmodified smartphones can detect magnetic fields emanating from a computer’s hard drive, which reveals information about files and applications. Image courtesy of Jakub Szefer.

Unlike more complex sensing equipment, the familiar and unassuming nature of a smartphone makes it a practical tool. Szefer explained that hackers might create malware to infect a phone — for instance, under the guise of a fake “compass” app that the user is tricked into downloading for free. Once infect­ed, the malware can launch an attack on the hard drive using the victim phone’s own magnetic sensor.

Szefer explained that the research not only reveals how an attacker might steal information, but also how to improve hard drive security. “It’s kind of fun to break things,” he said, “but another goal is to use that knowledge to design something that works better in the future.”

Everything that computers permanently store — documents, applications, even the operating system — is on a hard drive. Like the vinyl in a record player, spinning disks in a hard drive store information. A moving head, called the disk read-and-write head, swings across the disk to access the information.

Szefer and his collaborators found that a smartphone can detect the field generated by the system of electromagnets used to swing the head back and forth. Thus, by measuring fluctuations in the magnetic field, a smartphone can track the movement of the head and glean information about hard drive activity. “You can’t detect individual bits,” Szefer said, “but you can detect the motion pattern of the disk read-and-write head.”

Since the disk drive head moves predictably, Szefer’s team observed that tracking the magnetic fields of each activity yields a distinct fingerprint. Using a Samsung Galaxy phone to launch a test attack, the researchers were able to determine what operating systems and applications were booting up on a laptop. The phone reliably distinguished between three oper­ating systems and three browsers — all without removing the hard drive or otherwise tampering with the laptop.

Servers, such as those that occupy Facebook’s and Google’s massive data centers, are also potential targets for attacks. Sze­fer noted that servers are designed to be thin — a useful feature for stacking them compactly, but one that reduces the space between the hard drive and the outside of the server’s casing. Since a sensor can detect stronger magnetic fields if it is closer to their source, thinner servers are more vulnerable to attacks. “There’s always a lot of tradeoffs with different server designs,” Szefer said. “This work shows that from a security perspective, you might want a bigger server or different design.”

In fact, Szefer explained that there are a variety of methods for defending computers from smartphone attacks. One op­tion is to change the hardware — to increase the internal spac­ing, for instance, or modify the architecture to better shield the hard drive’s magnetic field.

A second strategy is to change the software, and thereby change the movement patterns of the disk head. For example, one could program a file’s location on the disk so that the head, when accessing it, moved as little as possible. Since magnetic fields result from the head’s motion, this limits the informa­tion that an attacker can gain.

Szefer and his collaborators plan to extend this project by using fixed magnetic sensors to collect more precise measure­ments and to understand how the field varies at different parts of the hard drive. This, he explained, will provide insight on how to make the hard drive more secure.

Additionally, his group plans to examine whether smart­phone attacks will work on solid-state drives, which are replac­ing hard drives in newer computer models. “The solid-state drive doesn’t have moving parts,” Szefer said. “But our pre­liminary work hints that there might be some issues, because anytime you have a current, you create a little magnetic field.”

By exposing a computer hard drive’s vulnerabilities, Szefer’s research seeks to gain a better understanding of how to defend it. “Some people make assumptions about whether things are secure or not secure,” he said. “We try to test those assump­tions in real life.”

Cover Image: The main components of a hard drive are a spinning disk, which stores the information, and a moving disk head, which swings across the disk to perform read and write operations. Image courtesy of Jakub Szefer.