Crash Your Neighbor's Laptop by Playing Janet Jackson Music (No Kidding!)
Play Janet Jackson's song "Rhythm Nation" near a vulnerable laptop, and you can crash its internal drive:
https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994
Yes, this vulnerability was assigned a CVE number:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38392
I read a report about this, where the author suggested playing the music at a "Capture the Flag" hacking competition. You might get lucky and take down a competitor's older model "burner laptop" there.
Comments
The manufacturer discovered the problem and added an audio filter to protect their systems. I wonder if they told the HDD manufacturer or the rest of the industry, or just quietly enjoyed the competitive advantage.
Heck, I'd be sponsoring TV ads blasting that song at every turn...
I guess you could test this by looping these WAV files, approximately at the frequency they think triggered the event:
data:audio/x-wav;base64,UklGRv////9XQVZFZm10IBAAAAABAAEAQB8AAP////8BAAgAZGF0Yf////////////////////////////////////////////////////////////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
or
data:audio/x-wav;base64,UklGRv////9XQVZFZm10IBAAAAABAAEAQB8AAP////8BAAgAZGF0Yf///////////////////////////////////////////////////////////////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
And here is an interesting read:
https://everything2.com/title/7+hertz+-+the+resonant+frequency+of+a+chicken%27s+skull
I would enjoy this a bit too much
This is officially my new favorite thing.
If I were going to sponsor a TV ad, my audio soundtrack would be: "Alexa, make a $1000 donation on emg's website!"
More research is needed on this important new technology.
Imagine a drone blaring Taylor Swift songs that knocks out Iranian nuclear centrifuges…
And what if Amazon engineers a song that can knock out Azure blob storage?
STUXNET was distributed through a signed RealTek audio driver. If you can find an underdamped resonant frequency (high quality factor), you can theoretically add energy until it has a catastrophic failure.
Life in 2022: I want to hear the song just because it's in the news, but I know if I do, it'll pollute all the algos and I'll have to endure a spate of music recommendations I don't like, so I'm launching a private browser rather than use the convenient app on my phone.
Also Life in 2022: It wasn't worth the effort.
Back in the day we kids called it janetrolling.
Plot twist: the Microsoft blogger's colleague messages him, "dude, I was just fucking with you, I can't believe you believed me".
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38392
Why does it have a 2022 CVE number when it happened a long time ago? Since a hardware manufacturer implemented a workaround, this would have been known well before Raymond Chen's post. 🤔
Just clicking on your own link:
I saw that... I guess I meant why was the CVE number allocated or reserved in 2022?
At a guess, the drive manufacturer may have known about it, the laptop manufacturer may have known about it, Microsoft may have known about it (if they support the audio driver), but none of them might announce it publicly due to NDAs or worry that it would affect reputation, or even actually increase awareness of this so that other people could target affected PCs remotely.
The fix described only stops a machine destroying itself. If the resonant frequency can also be a problem with external sources, then short of a massive product recall, there's no real fix, so in the case where there's no workaround, it's probably best not to make the vulnerability public knowledge.
Also publicly announcing it could open them up to a class action lawsuit, but if they keep quiet and it's never discovered then very few of those drives will ever die from this cause.
So theoretically this should work with Windows XP and below:
rundll32.exe Kernel32.dll,Beep 83,20000
or
rundll32.exe Kernel32.dll,Beep 82,20000
This, but something gayer.
As others have pointed out in more serious discussion, this is all bullshit. The CVE references the blog which references the CVE. Circular circle jerk. No laptop manufacturer, no hard drive manufacturer, no resonant frequency or details other than the blog making vague secondhand info, which is also silly. It's like an April Fools' joke that escaped the 1st.
I don't have the link on my phone, but there's a good Twitter post showing the audio levels (> 105 dB pressure) and length of time to cause an issue (45+ seconds) as done in proper studies, let alone catastrophic damage.
I understand why people are ignoring the half dozen red flags and just going for the Janet lulz, but it's disappointing when people buy this.
The obvious thing, which anyone who's worked in a large company would know, is that the laptop manufacturer wouldn't redesign their product to filter out said frequency on playback (that doesn't solve the problem as described, that just being exposed to the songs caused it to happen). It's a hard drive defect if it can't handle the vibration/shock specs. That's the HDD MFG's problem to deal with. If the laptop is exceeding those vibration specs (which would be a problem for any HDD), then the laptop MFG would add rubber dampeners OR JUST CHANGE THE HDD MODEL. It's literally that simple. We don't even need to get into human hearing vs mics and speakers or that 2000s laptop speakers will typically be garbage. A Janet filter? Jesus Christ, Chen, stick to software.
Anyway, someday there will be a blog update saying, "sorry guys, as thousands have messaged me, my colleague was probably joking with me".
Edit: fuck it, I found it. https://mobile.twitter.com/thebigfatj/status/1560353265652580352
So theoretically a piezoelectric speaker affixed to the motherboard/chassis could affect read/write throughput.
https://www.ic.unicamp.br/~celio/mc404s102/pcspeaker/InternalSpeaker.htm
Turns out that just yelling at your servers (assuming spinning disk) can cause issues: