I assume they didn't intend to put a mic on the KVM product, but they wanted to make a KVM product, already had this SBC product, which reusing their existing stock of helped keep cost low.
Should they have been more up front about it it? Sure, and it's not great that they had a bunch of security issues in the FW anyway, so not exactly great, but "hidden microphone in a Chinese KVM" lets the mind wander
You might be right but I think we cannot assume malice when it could be laziness.
It might be that the exact same board has multiple target audiences and they just rebrand it for different purposes with different pricing.
That said, the microphone is so weirdly positioned that it gets suspicious indeed.
It doesn't strike me as that useful to have a hidden microphone in a KVM product as most of the time, they're going to be stuck in server rooms with just lots of fan noise to record.
Far more of an issue would be any kind of keylogger built into the software, which is why it's best to go for devices that support open source software.
I take an especially perverse mind to keylog using audio on a KVM, though. The KVM basically has access to everything, any secondary spying using a microphone or a camera would provide very little added value.
A long time ago (maybe in the mid-90s) I knew an elderly radio amateur who could not just "copy" CW by ear, but also RTTY. He could also pretty much tell what a teleprinter was printing just by listening to the noises it made, like he'd be facing away from it on the other side of the room reading out entire words from what was coming through.
Apparently in the 50s when he did his National Service he'd been in the Signals but "not in the regiment that's on his papers", make of that what you will.
I have noticed that with PSK modes and particularly PSK31 you can hear "CQ CQ CQ" as a distinctive pattern much in the same way as it is with CW.
IBM spent a fortune developing ATM keypads that - when correctly mounted - had keys that made the exact same noise no matter how you pressed them or how worn they were.
So I don't doubt that someone suitably clever could extract audio from a room and work out what was being typed.
Maybe. They were necessarily very cagey about it back then, but I might have some documentation kicking about in storage. I tended to keep copies of every service manual I could get my hands on back then.
> You can start with your iPhone - last year Apple has agreed to pay $95 million to settle a lawsuit alleging that its voice assistant Siri recorded private conversations. They shared the data with third parties and used them for targeted ads. “Unintentionally”, of course! Yes, that Apple, that cares about your privacy so much
the clickbait title makes sense after reading this paragraph
I recently discovered a similar concerning security issue with my KVM. In my case it was a pretty standard KVM for multiple machines to share a keyboard, mouse, and screen but also Ethernet. One day while looking at my home network I noticed the KVM had its own IP and was transferring GBs of data everyday. I quickly blocked it from my network. But having used it for a number of months I worried that with screen capture and access to all my input devices, someone could have gotten access to pretty much everything I use. I wasn’t able to figure out if any data was actually being sent off my network and I really didn’t want to put myself in any more risk so I just threw it in an electronics recycling bin. Pretty scary what a network connected KVM could maliciously do.
Why did you not just login to the device, and switched off "Broadcast to multicast", or changed the destination address?
Edit: Some brands of Network-KVM use this, so that you can control the target device from another device, like e.g. an App on a tablet. That way you don't have to stand next to the target device in the noisy and cold machine room
Shame you threw it away. It would have been useful to collect the traffic with Wireshark and share that with info about the device in a post or a blog for others to investigate and be warned about that brand and model.
A kvm that requires Chinese dns servers? Just the fact it KvM over Ethernet should set off alarm bells from here till next Thursday. I would have a hard time trusting an internet based kvm.
> But what additionally raised red flags was the presence of tcpdump and aircrack - tools commonly used for network packet analysis and wireless security testing. While these are useful for debugging and development, they are also hacking tools that can be dangerously exploited.
Must be another AI slop article. Stop feeding your writings into GPT & co to turn into extra long nonsense.
systemd is so resource hungry that i'm sure they removed it to reduce the RAM bill. Apt... why install apt if the distro has a different means of updating?
2. While these are useful for debugging and development, they are also hacking tools that can be dangerously exploited.
This is purely fear mongering. Even the shell could be a "hacking tool that can be dangerously exploited". Let's remove the shell too.
There are some legitimate complaints in the article, like the use of the same key on all installs. The rest looks more like fear mongering and security theater.
Including the microphone. What were they supposed to do, desolder it manually and add $10 to the price of each device?
I don't see the article complaining that a PiKVM has so many unused peripherals when used as a KVM. To go in the spirit of item #2, the usb ports could be used as "dangerous hacking tools" so you should desolder your usb ports from a Pi used as a KVM, right?
What an amazing device, but also the price is incredible. This kind of device would have been such a game changer 15 to 20 years ago. Thank you for the detailed security analysis. At least the developers are responsive, that does seem like a green flag.
"NanoKVM-Cube hardware is built on the LicheeRV Nano platform. To coordinate production and maintain consistency with the LicheeRV Nano for the SMT project, the hardware retains the display, touch, MIC, and amplifier circuits. To address potential privacy concerns, versions 2.2.6 of the application and 1.4.1 of the firmware and above will remove the relevant drivers. We will also eliminate these components in future productions."
From a hardware point of view I've also noticed that speakers work like poor microphones (and LEDs like poor solar panels / light sensors), but is there any way to actually make this work on most devices without physically changing wiring? If the circuits aren't made to take measurements (or the software can't get at the readings) but only set a voltage on the wires, there wouldn't be a way to (ab)use this. I don't know enough about electronics to know whether this is commonly the case
Not that it's not a good thing to be aware of, but do you have any sort of source for what kinds of devices can have their speakers turned into microphones? Then I'll believe you about the government part
Many a soundcard supports changing jack "direction". Here's a StackExchange answer from 2012, on how to do it with the GUI tool `hdajackretask` : https://askubuntu.com/a/911961
I don’t think they meant literally “any” but more like a device with a speaker could be delivered to you that has a speaker/microphone. Like a Bluetooth speaker you order of the internet. It seems it would probably have to be personally targeted to you, but in that case, there are probably simpler ways.
No, because the drive circuit for a speaker is the opposite of the circuit for a microphone. The output stage of a speaker amplifier is just that, an output. The only way to record audio from a speaker, which is totally possible, is to have also purposely built an input stage also attached to the speaker. Which at that point you might as well just use a microphone...
I don't know what you mean here, I can plug a speaker into my mic slot and use that to record, just as plugging a mic into the speaker slot gives a (crappy) speaker.
I dont see the issue here. Its not like they have not disclosed what board it is based upon. And I do feel like its correct not advertising a mic if you dont have it enabled on this one.
I dont really like nanokvm for being slow with updates and not patching stuff fast enough.
To be fair, the microphone _is_ listed on the specsheet of the LicheeRV Nano
https://wiki.sipeed.com/hardware/en/lichee/RV_Nano/1_intro.h...
I assume they didn't intend to put a mic on the KVM product, but they wanted to make a KVM product, already had this SBC product, which reusing their existing stock of helped keep cost low.
Should they have been more up front about it it? Sure, and it's not great that they had a bunch of security issues in the FW anyway, so not exactly great, but "hidden microphone in a Chinese KVM" lets the mind wander
The Chinese part makes one think the Chinese could access the microphone.
Nevermind that, if they could access the device, they'd also be able to read your kvm i/o.
You might be right but I think we cannot assume malice when it could be laziness. It might be that the exact same board has multiple target audiences and they just rebrand it for different purposes with different pricing.
That said, the microphone is so weirdly positioned that it gets suspicious indeed.
> I think we cannot assume malice when it could be laziness
Why can't it be both?
It doesn't strike me as that useful to have a hidden microphone in a KVM product as most of the time, they're going to be stuck in server rooms with just lots of fan noise to record.
Far more of an issue would be any kind of keylogger built into the software, which is why it's best to go for devices that support open source software.
just fan noise?
https://arxiv.org/abs/1606.05915
Any signal that you can modulate can be an exfiltration channel, and fan noise is no different.
I wonder if that's feasible in a room filled with many servers and fans going?
Yes, just modulate the fan noise on the transmitter, and apply a filter on the receiver.
It is possible to keylog via audio.
https://ieeexplore.ieee.org/abstract/document/10190721
I take an especially perverse mind to keylog using audio on a KVM, though. The KVM basically has access to everything, any secondary spying using a microphone or a camera would provide very little added value.
But the point of a device like this is that you (and your keyboard) are NOT physically present.
A long time ago (maybe in the mid-90s) I knew an elderly radio amateur who could not just "copy" CW by ear, but also RTTY. He could also pretty much tell what a teleprinter was printing just by listening to the noises it made, like he'd be facing away from it on the other side of the room reading out entire words from what was coming through.
Apparently in the 50s when he did his National Service he'd been in the Signals but "not in the regiment that's on his papers", make of that what you will.
I have noticed that with PSK modes and particularly PSK31 you can hear "CQ CQ CQ" as a distinctive pattern much in the same way as it is with CW.
IBM spent a fortune developing ATM keypads that - when correctly mounted - had keys that made the exact same noise no matter how you pressed them or how worn they were.
So I don't doubt that someone suitably clever could extract audio from a room and work out what was being typed.
Do you have a pointer to learn more about the ATM keyboards? I would love to learn more about it
Maybe. They were necessarily very cagey about it back then, but I might have some documentation kicking about in storage. I tended to keep copies of every service manual I could get my hands on back then.
> You can start with your iPhone - last year Apple has agreed to pay $95 million to settle a lawsuit alleging that its voice assistant Siri recorded private conversations. They shared the data with third parties and used them for targeted ads. “Unintentionally”, of course! Yes, that Apple, that cares about your privacy so much
the clickbait title makes sense after reading this paragraph
I recently discovered a similar concerning security issue with my KVM. In my case it was a pretty standard KVM for multiple machines to share a keyboard, mouse, and screen but also Ethernet. One day while looking at my home network I noticed the KVM had its own IP and was transferring GBs of data everyday. I quickly blocked it from my network. But having used it for a number of months I worried that with screen capture and access to all my input devices, someone could have gotten access to pretty much everything I use. I wasn’t able to figure out if any data was actually being sent off my network and I really didn’t want to put myself in any more risk so I just threw it in an electronics recycling bin. Pretty scary what a network connected KVM could maliciously do.
Why did you not just login to the device, and switched off "Broadcast to multicast", or changed the destination address?
Edit: Some brands of Network-KVM use this, so that you can control the target device from another device, like e.g. an App on a tablet. That way you don't have to stand next to the target device in the noisy and cold machine room
Shame you threw it away. It would have been useful to collect the traffic with Wireshark and share that with info about the device in a post or a blog for others to investigate and be warned about that brand and model.
Is it possible for you to name the KVM model?
It sounds like a potential risk is to the public.
A kvm that requires Chinese dns servers? Just the fact it KvM over Ethernet should set off alarm bells from here till next Thursday. I would have a hard time trusting an internet based kvm.
wait till you find out about iLO/iDRAC or vPro
> [...] and runs a heavily stripped-down version of Linux that lacks systemd and apt. And these are just a few of the issues.
?!
I don’t see this as noteworthy myself. It’s expected on a small embedded device such as this. You’re usually lucky to have busybox.
> But what additionally raised red flags was the presence of tcpdump and aircrack - tools commonly used for network packet analysis and wireless security testing. While these are useful for debugging and development, they are also hacking tools that can be dangerously exploited.
Must be another AI slop article. Stop feeding your writings into GPT & co to turn into extra long nonsense.
What was wrong with the above paragraph?
Let's see:
1. It lacks systemd and apt.
systemd is so resource hungry that i'm sure they removed it to reduce the RAM bill. Apt... why install apt if the distro has a different means of updating?
2. While these are useful for debugging and development, they are also hacking tools that can be dangerously exploited.
This is purely fear mongering. Even the shell could be a "hacking tool that can be dangerously exploited". Let's remove the shell too.
There are some legitimate complaints in the article, like the use of the same key on all installs. The rest looks more like fear mongering and security theater.
Including the microphone. What were they supposed to do, desolder it manually and add $10 to the price of each device?
I don't see the article complaining that a PiKVM has so many unused peripherals when used as a KVM. To go in the spirit of item #2, the usb ports could be used as "dangerous hacking tools" so you should desolder your usb ports from a Pi used as a KVM, right?
Cat is a hacking tool cause you can see the contents of /proc/kcore?
Cp is a hacktool cause bad files can be copied?
Grep is a hacktool cause only monster hackers use regex?
(This is obvious sarcasm)
Heck, everybody knows Linux is a hacker OS…
Hey I didn't think of that. They forgot to complain that the device doesn't use a properly licensed OS that they certified secure!
Absolutely with systemd and apt. Like apt couldn't be used to install "hacking tools".
You are using a KVM. When not trusting the manufacturer a microphone is the least of your problems xD
What an amazing device, but also the price is incredible. This kind of device would have been such a game changer 15 to 20 years ago. Thank you for the detailed security analysis. At least the developers are responsive, that does seem like a green flag.
Anyone got a link to some community work on the open source side? Sounds like useful devices, if you fix the issues mentioned.
https://wiki.sipeed.com/hardware/en/kvm/NanoKVM/introduction...
Probably an older NanoKVM.
"NanoKVM-Cube hardware is built on the LicheeRV Nano platform. To coordinate production and maintain consistency with the LicheeRV Nano for the SMT project, the hardware retains the display, touch, MIC, and amplifier circuits. To address potential privacy concerns, versions 2.2.6 of the application and 1.4.1 of the firmware and above will remove the relevant drivers. We will also eliminate these components in future productions."
is there a recording sample to hear the quality?
If someone hacks your KVM, I’m thinking the onboard microphone is the least of your problems.
any speaker can be tapped into as a microphone by a motivated government.
From a hardware point of view I've also noticed that speakers work like poor microphones (and LEDs like poor solar panels / light sensors), but is there any way to actually make this work on most devices without physically changing wiring? If the circuits aren't made to take measurements (or the software can't get at the readings) but only set a voltage on the wires, there wouldn't be a way to (ab)use this. I don't know enough about electronics to know whether this is commonly the case
Not that it's not a good thing to be aware of, but do you have any sort of source for what kinds of devices can have their speakers turned into microphones? Then I'll believe you about the government part
Many a soundcard supports changing jack "direction". Here's a StackExchange answer from 2012, on how to do it with the GUI tool `hdajackretask` : https://askubuntu.com/a/911961
I don’t think they meant literally “any” but more like a device with a speaker could be delivered to you that has a speaker/microphone. Like a Bluetooth speaker you order of the internet. It seems it would probably have to be personally targeted to you, but in that case, there are probably simpler ways.
No, because the drive circuit for a speaker is the opposite of the circuit for a microphone. The output stage of a speaker amplifier is just that, an output. The only way to record audio from a speaker, which is totally possible, is to have also purposely built an input stage also attached to the speaker. Which at that point you might as well just use a microphone...
Audio input and output are not reversible.
I don't know what you mean here, I can plug a speaker into my mic slot and use that to record, just as plugging a mic into the speaker slot gives a (crappy) speaker.
> purposely built input stage
You moved your device to the purposely built input stage.
Not an expert, but your remark doesn’t compute with the parent comment
on many cards they are, check out the tool `hdajackretask` from package `alsa-gui-tools`.
I dont see the issue here. Its not like they have not disclosed what board it is based upon. And I do feel like its correct not advertising a mic if you dont have it enabled on this one.
I dont really like nanokvm for being slow with updates and not patching stuff fast enough.