It’s possible to get a printer and other inexpensive network and Internet of Things devices to transmit radio signals that are detectable far enough away that they could be used to steal data from compromised networks, a researcher tells the Black Hat 2015 conference.By rapidly turning on and off the outputs from I/O pins on chips within the printer, it’s possible to generate a signal strong enough to pass through a concrete wall and beyond to a receiver, says Ang Cui, a researcher who works at Red Balloon Security and did the research at Columbia University.+ Follow all the stories out of Black Hat 2015 +The signal was sent down the printer cable connected to the pins that was long enough to serve as an effective antenna. He called the resultant system Funtenna. He showed a demonstration of Funtenna on an inexpensive Pantum printer, sending the message: “The sky above the port was the color of television tuned to a dead channelllllll,” a line from the William Gibson hacker novel Neuromancer.The implications of Funtenna is that similar exploits could be carried out against other inexpensive devices that have little security – a rough description of the IoT, he says. The manipulation of power to the pins causes capacitors in the attached universal asynchronous receiver/transmitter (UART) chips to “hum and vibrate”, Cui says, generating radio-frequency emanations. UART hardware translates serial data to parallel data and, importantly, they are configurable, he says. He says he believes his method will work on all UART chips made. He demonstrated the signal being picked up by a standard handheld ham radio receiver.He wrote simple code to create a readable message from the emanations using long and short signals as 0s and 1s. To be an effective tool for stealing data, the message would have to be formatted by another device and sent to the compromised machine.Cui’s work is an extension of hacks done earlier, in which devices with other legitimate functions are turned into transmitters. It’s an effective means of stealing data because defenders don’t think to look for the traffic. “The attacker uses something the defender can’t readily monitor,” he says. Related content news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Cybercrime Security news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Government Security Practices news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe