How I discovered a hidden microphone on a Chinese NanoKVM
67 points by UkiahSmith
This fails to mention a kind of important fact: this device is just a couple of extension boards added on to one of their preexisting dev boards, and the mic is part of that original board and it was always documented as such, not a secret. The dev board schematics are available at https://cn.dl.sipeed.com/shareURL/LICHEE/LicheeRV_Nano/02_Schematic. There's clearly some risk here, and it's good for people to know this, but this feels like just an oversight in disclosure about some preexisting hardware, not a malicious attempt to hide it.
Also, just in general, sipeed has always made lots of cool little toys... but they are typically toys. Their products seldom go beyond the demo/devkit level of polish and support, so I wouldn't be jumping to plug something like this into a production system unless I was using it as a base to customize/rebuild vs just use as-is.
Edit: And thinking about it now, a mic might actually be kind of useful here. Typically a proper server LOM will report even hardware/preboot faults remotely, but that's not possible if you're just getting usb & hdmi connections. If you're using this for remote server management, you could actually use the mic to listen for beeps/tones sometimes used by bios to report those kinds of failures.
Also, just in general, sipeed has always made lots of cool little toys... but they are typically toys.
Agree. I've got a few of their devices. They (generally) work but not to production levels of reliability. And their support of devices seems to drop off after a year or two, to the extent that the website and repository no longer have everything needed for devices only a couple of years old :(
I like their devices. But I'd like them more if they took more care initially, and if their web & git still had everything necessary for their old devices.
You can start with your iPhone - last year Apple has agreed to pay $95 million to settle a lawsuit alleging that its voice assistant Siri recorded private conversations. They shared the data with third parties and used them for targeted ads. “Unintentionally”, of course! Yes, that Apple, that cares about your privacy so much.
(Emphasis mine.)
To be clear, Apple settled without admitting any wrongdoing beyond the "Hey Siri" feature unintentionally activating (something I'm sure any iPhone user has experienced). The plaintiffs' only reason to believe targeted advertising was involved is correlation with some ads they saw later. Apple are no saints, but I would not be claiming this as fact.
Yeah that story always struck me as wildly unlikely.
If Apple were selling ads based on microphone intercepts meant for Siri then show me the sales materials they pitched to advertisers for that service!
Well, both Apple and large-scale online ads are known to be pretty NDA-heavy in commercial relations…
(Although in this specific case it would probably indeed leak relatively soon)
Alarmingly, the device […] runs a heavily stripped-down version of Linux that lacks systemd and apt.
This sentence gave me pause.
Not just that. Also:
But what additionally raised red flags was the presence of tcpdump and aircrack - tools commonly used for network packet analysis and wireless security testing. While these are useful for debugging and development, they are also hacking tools that can be dangerously exploited.
I do not know the person who wrote this piece, but it is readily apparent that they have no clue about embedded development. Shipping a device with tcpdump present, especially one that has a lot of network functionality, is the most normal thing ever.
And this:
For instance, a security researcher even found an image of a cat embedded in the firmware.
OP thinks a picture of a cat is one of some, and I quote, "bizarre discoveries"? Easter eggs have been around for ages. OP should stick to real problems and not make up new ones.
I'm trying to think back. Somebody, it might have been DaveM, had an AsciiArt image of a cat in his email sig, and I think that might also have appeared in kernel fatal-error messages.
stripped-down version of Linux that lacks systemd and apt.
So the bootable image is built on a completely different system, doesn't need apt, and nobody's providing an online repo to support it. He could equally argue that the /presence/ of apt implied that the board had to be online at all times, and that was an indication of malevolence.
And the author is clearly unaware of the number of people who criticise systemd as a resource hog and (often) an unwelcome addition by somebody who now works for a company which was historically opposed to Linux.
Hopefully in a few years when the author is a bit more experienced he will look back on this with embarrassment.
Yeah, it’s quite easy to build images using, say, OpenWRT or buildroot or Yocto that have none of those things. Firmware updates often come as a new filesystem image to replace the old one.
Never attribute to incompetence that which can easily be explained by malice masquerading as incompetence.
I am pretty sure these issues stem from extreme negligence and rushed development rather than malicious intent. However, that doesn’t make them any less concerning.
Why? This seems like textbook malicious intent. That microphone cost money to install in every single device and wasn't mentioned anywhere. The hardware manufacturers just threw that one in there out of the goodness of their hearts and forgot to mention they did so? Presumably small form factor mics cost a little more as well.
As another person has said, this post fails to acknowledge that this KVM is based on an existing dev board and that board has a mic and it's pretty well documented.
Just to make this explicit as neither of the other posts typed it out unambiguously: in the modern electronics manufacturing situation, not having a new custom PCB type saves you more than a bunch of components add. It is cheaper to have all PCBs include microphones than to have dev boards with and without, it is cheaper to grab a PCB with a microphone from a large-enough-run than to do a small run of «same but without this and that».
(Integrated circuit manufacturing is of course much more cursed than printed circuit boards)
Which is why stuff like handheld devices with unusual form-factors typically need to use lower performance components for a given PCB price.