What if a hacker could use an ordinary, dumb, old-fashioned light bulb to spy on your conversations from afar? Here’s the bad news.
What’s the first thing that comes to mind when thinking about how hackers might breach your privacy? Maybe it’s the use of common and weak passwords or the reuse of strong ones across multiple accounts? Perhaps you would plump for critical vulnerabilities affecting Windows 10 and Android operating systems? You may even, rightly, worry that your smart home devices are vulnerable to a hacker attack. But what about that household essential, found in every room and about as “dumb” and disconnected as you can get, the light bulb? Yep, hackers have found a way to eavesdrop on conversations from as far as 80 feet (25 meters) away thanks to a hanging light bulb.
Can any light bulb open the door to hackers?
Security researchers based at the Ben-Gurion University of the Negev and the Weizmann Institute of Science in Israel, have been looking at methods of eavesdropping on private conversations without needing to compromise a device with malware first. This type of hacking research isn’t unique, and only last year, it was revealed that Alexa, Google Home, and Siri could potentially be compromised using lasers pointed at the device microphones. But this latest research goes beyond merely turning a device on or off as was the case with the laser pointer exploit. Indeed, these bright hackers don’t even need the victim of the eavesdrop to be using a “smart” device in the first place. As long as there’s a “dumb” but essential light bulb in the same room, it’s all systems go. Well, sort of.
As always, there are exceptions to the exploit rule. The hackers need a clean line of sight between their electro-optical sensor-equipped telescope and the hanging light bulb concerned. So, if the curtains or blinds are closed on a window, or the light bulb sits behind a lampshade of some sort, then this eavesdropping method will fail. Ditto if the light bulb doesn’t meet the hacking requirements in terms of either thickness of glass or output of light. And finally, the quality of the eavesdropping will depend on how close the people are to the light bulb in question and how loud the conversation is.
How can hackers use a light bulb to listen in to your conversations?
All that aside, this remains a remarkably bright method of spying on private conversations from afar. The researchers were able to accurately monitor both speech and music from a distance of 80 feet (25 meters) away. Using a bigger telescope and a 24/32 bit analog-to-digital converter, the range could be amplified, the researchers said.
So, how does it work then? I won’t say it is simply a matter of hooking up an electro-optical sensor to a telescope and pointing it at a light bulb, but that’s the meat and potatoes of the sub $1,000 (£800) hardware hack at least. Fluctuations in air pressure on the surface of the hanging bulb are created by the sound of conversation, or music, and make a hanging bulb vibrate. An analog-to-digital converter makes the conversion from electrical to digital information. The researchers have developed an algorithm for the attack method, which they named Lamphone, that can “recover sound from the optical measurements obtained from the vibrations of a light bulb.” This is done passively and without needing to be in the same room. When it comes to human speech, the researchers used Google Cloud Speech to transcribe the conversation, and the music was correctly identified using Shazam and SoundHound.
The full technical details can be found in the “Lamphone: Real-Time Passive Sound Recovery from Light Bulb Vibrations” research paper.