Exploit found in Realtek chips can listen through a pair of headphones

A group of researchers at Ben Gurion University in Israel have developed a piece of software titled: SPEAKER(a)R that can switch a pair of headphones from listening to recording mode. This, in turn, could theoretically allow anyone with the intent to eavesdrop on a victim.

Just to reiterate, this exploit was created by researchers and developers for two reasons: for fun, and to prove that most of today’s PCs and laptops are susceptible to this sort of thing. There is a full abstract, complete with the intentions of the experiment and their findings.

The idea was sparked from the fact that speakers work very similarly to microphones: a diaphragm vibrates in a mic to create signals that a computer can understand. Likewise, a computer can reproduce these sounds by vibrating a diaphragm. In fact, you can plug any old pair of headphones into a ‘line-in’ jack (used for microphones) and the left can or earbud would act as a make-shift mic.

Realtek audio codec chips are found in PCs, Macs, and many laptops. A feature that’s built into these chips is the ability to switch a headphone jack from ‘audio out’ to ‘line in’, even if there is no microphone channel on the plug.

Check out the exploit in the video above. You can also check out the full research report here.

Via 1 | Via 2