We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreover, this information is often conveyed by supposedly-benign channels such as audio recordings and common Voice-over-IP applications, even after lossy compression.

Thus, we show, it is possible to conduct physical side-channel attacks on computation by remote and purely passive analysis of commonly-shared channels. These attacks require neither physical proximity (which could be mitigated by distance and shielding), nor the ability to run code on the target or configure its hardware. Consequently, we argue, physical side channels on PCs can no longer be excluded from remote-attack threat models.

We analyze the computation-dependent leakage captured by internal microphones, and empirically demonstrate its efficacy for attacks. In one scenario, an attacker steals the secret ECDSA signing keys of the counterparty in a voice call. In another, the attacker detects what web page their counterparty is loading. In the third scenario, a player in the Counter-Strike online multiplayer game can detect a hidden opponent waiting in ambush, by analyzing how the 3D rendering done by the opponent’s computer induces faint but detectable signals into the opponent’s audio feed.

paper: https://faculty.cc.gatech.edu/~genkin/papers/lendear.pdf

When the GameStop and Robinhood story exploded at the end of January, suddenly everyone took an interest in market structure, and things like payment for order flow, and the role that high-frequency trading shops play in enabling free retail trading. This of course gave rise to lots of conspiracy theories about ways retail traders are taken advantage of. On the new Odd Lots, we speak with Doug Cifu, the CEO of Virtu, which is one of the largest HFT shops in the country, to get his perspective on how this part of the market really works.

Hour long, pretty thorough.

The Nintendo Game Boy contains an audio amplifier chip for sound through a speaker or headphones. In this post, I reverse-engineer this chip and compare it with the later Game Boy Color chip (reverse-engineered earlier). Unexpectedly the Game Boy Color uses an entirely different amplifier design from the original Game Boy, which may explain why the two systems sound different.

A man in California is haunted by the memory of a pop song from his youth. He can remember the lyrics and the melody. But the song itself has vanished, completely scrubbed from the internet. PJ takes on the Super Tech Support case.

Or: https://podcasts.apple.com/us/podcast/reply-all/id941907967

source: ML

On this episode of On the Metal, we interview Ron Minnich. Ron has had a fascinating career working on the interface between software and hardware. Join us as ~we install Gentoo and compile GCC~ to hear a mesmerizing conversation about Unix, Plan9, LinuxBIOS, Chromebooks, RISC-V, of course some Gentoo jokes, flip flop programming toys, and more!

Didn’t actually listen, but there’s a pile of links here anyway.

source: white

Host Molly Wood spoke with Moxie Marlinspike, founder and CEO of the private chat app Signal Messenger, about what a ban on encryption — or giving law enforcement a back door to messages — might mean. The following is an edited transcript of their conversation.

source: white

The Sega Genesis, with its “Blast Processing” and blue mascot (who is getting a questionable movie makeover in the coming months), stood out for a lot of reasons, but one of the most subtle is something that it contained in at least one of its variants that not a lot of its competitors did—a headphone jack that could produce stereo sound. In a way, it was a nod to its sound chips, which were some of the best to be found on a video game console at the time and had more in common with the era’s sound synthesizers. Reliving those sounds in their best form hasn’t been easy in the modern day, however, due to challenges in emulating the console correctly. However, a challenger appears: The Analogue Mega Sg, a field programmable gate array (FPGA)-based console aims to recreate the experience. Today’s Tedium is a review of that console—and a little backstory on the biggest problem it tries to solve.

«System Beeps» is a music album in shape of an MS-DOS program that features original music composed for PC Speaker using the same basic old techniques like ones found in classic PC games. It follows the usual retrocomputing demoscene formula — take something rusty and obsolete, and push it to eleven — and attempts to reveal the long hidden potential of this humble little sound device. You can hear it in action and form an opinion on how successful this attempt was at Bandcamp, or in the video below. The following article is an in-depth overview of the original PC Speaker capabilities and making of the project, for those who would like to know more.

source: HN

Unfortunately, in software development not all problems are as trivial as we think.

Minimodem is a command-line program which decodes (or generates) audio modem tones at any specified baud rate, using various framing protocols. It acts a general-purpose software FSK modem, and includes support for various standard FSK protocols such as Bell103, Bell202, RTTY, TTY/TDD NOAA SAME, and Caller-ID. Minimodem can play and capture audio modem tones in real-time via the system audio device, or in batched mode via audio files.

source: L

This bent my brain a little: if you re-tune Nirvana’s Smells Like Teen Spirit in a major key, it sounds like an upbeat pop-punk song. Like, Kurt Cobain actually sounds happy when he says “oh yeah, I guess it makes me smile” and the pre-chorus — “Hello, hello, hello, how low” — is downright joyous. Although I guess it shouldn’t be super surprising…in a 1994 interview with Rolling Stone, Cobain admits that the song was meant to be poppy.

source: K

This paper describes Tacotron 2, a neural network architecture for speech synthesis directly from text. The system is composed of a recurrent sequence-to-sequence feature prediction network that maps character embeddings to mel-scale spectrograms, followed by a modified WaveNet model acting as a vocoder to synthesize timedomain waveforms from those spectrograms. Our model achieves a mean opinion score (MOS) of 4.53 comparable to a MOS of 4.58 for professionally recorded speech.

Blog: https://research.googleblog.com/2017/12/tacotron-2-generating-human-like-speech.html

source: green

Interview with Victor Haghani, former quant at LTCM. Short version: know the math, trust the math, but be careful with the leverage.

Referenced paper is also very interesting. How do people bet on a biased coin after being told the coin is biased? Irrationally.

Rational Decision-Making under Uncertainty: Observed Betting Patterns on a Biased Coin

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2856963

Emus are hard to kill, even for the army.

Also: https://blogs.scientificamerican.com/running-ponies/the-great-emu-war-in-which-some-large-flightless-birds-unwittingly-foiled-the-australian-army/

If nobody wants to invest in your startup because you’re not going to become a unicorn, lie and tell them you will. Problem solving!