Delicious
Digg
StumbleUpon
Reddit
Magnoliacom
Newsvine
Furl
Facebook
Google
Yahoo
Technorati
IcerocketYour Computer is Hot -- And I Know Where You Live
This morning at the Chaos Communication Congress, Cambridge Ph.D. student Steven Murdoch (pictured at left) knocked everybody's socks off with a presentation about how people can unmask an anonymous online publisher by remotely monitoring his computer's temperature. It sounds about as tin foil hat as you can get, but the trick is real. Every computer's clock is run via quartz crystals, but those crystals change their speeds as the computer heats up. Therefore a computer's clock runs nanoseconds faster or slower depending on the overall temperature of the unit. This process is called clock skew, and it creates a uniquely off-kilter time "fingerprint" for every computer.
Researchers in the field have pointed out that asking a computer what time it is over and over for an extended period allows you to chart its time skew as it heats up and cools
off over a day's use. (See the chart at right for an example of a computer's unique time skew profile.) Murdoch talked about how time skew tracking could also be used to locate computers hidden via an anonymous network-within-a-network called Tor. Dissidents, whistleblowers, and other people who wish to remain anonymous can publish information on the Internet using Tor's "hidden services" mode. But a computer offering these hidden services can't hide its heat and resulting clock skew.
Somebody who wants to nab dissidents can send lots of data to the computer running hidden services, heat it up, take a measurement, and then compare those measurements to other computers in the Tor network. Once she has a match, that person will know the IP address of the computer hosting the formerly-anonymous publisher. She can now track the computer down and destroy it. Murdoch speculated that time skew might also reveal the whereabouts of a computer because one could figure out what time of day air conditioning got turned on and off, or when sun was heating up the room where the computer is located. One could also figure out, based on the heat signature, whether a computer was stored in a rack or under somebody's desk.
There are no good ways to defend against time skew monitoring. Fans and temperature regulators don't correct for the tiny changes in temperature required to produce skew. So even if you're hiding using advanced tech like Tor, your heat can give you away. Read Murdoch's paper on the topic here. -- Annalee Newitz
2 Comments
Popular Science Photo Pool
Featured
Gear & Gadgets
Battling the Yips, A Plague Upon Every Golfer
Unexplained jitters when tackling easy tap-ins have befallen even the most legendary pros. Now, a group of scientists hopes to reveal which sections of the brain are responsible for choking
787 Dreamliner's First Flight Delayed Yet Again
Structural reinforcement for a side-of-body panel is the latest hold-up
Popular on Popsci
Most Viewed
Gear & Gadgets
- Color-Picking Pen Concept Imagines Real-World Photoshop Eyedropper Tool
- Dyson's New Vacuum Driven By the Fastest Motor Ever
- Tested: Bedside Brainwave Scanner Grades Your Ability to Sleep
- The Curious Case of Flash on the iPhone
- Gallery: Solar Tent Charges Your Phone, Glows So You Can Find It
- Solar Tent Charges Your Phone, Glows So You Can Find It
- Google Voice Gives You One Number to Ring Them All
- Face-Recognition Software Shields Your Computer Screen From Eavesdroppers
- Tested: HP 15C Classic Calculator Reborn on the iPhone
- iPhone Game Gets Your Kid off the Couch and into an Alternate Reality
Most Commented
Gear & Gadgets
- Color-Picking Pen Concept Imagines Real-World Photoshop Eyedropper Tool
- Dyson's New Vacuum Driven By the Fastest Motor Ever
- The Curious Case of Flash on the iPhone
- Unleash Your Inner Centaur
- Google Voice Gives You One Number to Ring Them All
- Solar Tent Charges Your Phone, Glows So You Can Find It
- Tested: Bedside Brainwave Scanner Grades Your Ability to Sleep
- Internet-Enabled Printer Requires No Computer
- Europe Adopts Universal micro-USB Cellphone Charger Standard
- Tested: HP 15C Classic Calculator Reborn on the iPhone
Most Emailed
Gear & Gadgets
- Solar Tent Charges Your Phone, Glows So You Can Find It
- Dyson's New Vacuum Driven By the Fastest Motor Ever
- Color-Picking Pen Concept Imagines Real-World Photoshop Eyedropper Tool
- Europe Adopts Universal micro-USB Cellphone Charger Standard
- Google Voice Gives You One Number to Ring Them All
- The Curious Case of Flash on the iPhone
- Tested: HP 15C Classic Calculator Reborn on the iPhone
- Face-Recognition Software Shields Your Computer Screen From Eavesdroppers
- iPhone Game Gets Your Kid off the Couch and into an Alternate Reality
- Unleash Your Inner Centaur
Subscribe for 2 free issues!
Today on PopSci.com
Copyright © 2009 Popular Science
A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.
Just to clarify a few things -- Steven's attack is based on Tor's hidden services, not normal end users. Hidden services are probably considerably less than 1% of the Tor network activity -- it's a way to hide chat or web services' geographical location, as might be used by the military to conceal command and control servers (one of the original purposes for which the US Naval Research Labs designed onion routing, the ancestor of Tor).
Hidden services have never been able to be made highly secure or well performing, but Steven's research is still important and interesting.
And Tor is not a project of EFF, although our URL is there, and they have been and continue to be great friends of the project. As of today we have become our own nonprofit.
Shava Nerad
Executive Director
The Tor Project
Steve recently sent a trace program to me to verify that he can map TOR in the UK. I suspect he has other surprises in store at the next conf.!!
Good luck to all
abbynet OR