On August 17, 2022, the MITER profile organization assigned a bug with hard drive failure in old laptops due to Janet Jackson's song "Rhythm Nation" the vulnerability ID CVE-2022-38392. Enthusiasts around the world have previously found similar problems with hard drives when playing sounds at certain frequencies, when storage devices began to resonate and break down.
See also: Effective Python 2nd edition
The vulnerability description states that running a video clip of Janet Jackson's song "Rhythm Nation" on an old laptop with an OEM hard drive running at 5400 rpm can lead to a session crash or system shutdown due to hard drive failures. disk, related to the emerging resonance when playing the sounds of a clip of certain frequencies. Moreover, the attack at the resonant frequency using the sounds from Janet Jackson's "Rhythm Nation" music video can be carried out remotely from a physically nearby playback device.
Around 2005, this problem was discovered during testing by one of the major laptop manufacturers in their laboratory. Also in the course of the experiments, it turned out that some laptops from other vendors began to slow down or fail if the video did not start on them, but they were next to the device that played the Jackson clip.
Investigation of this abnormal situation showed that the problem really arose due to some sounds from the song. Hard drives in inexpensive laptops running at 5400 rpm would start to resonate and break down. The researchers did not explain the details of this unusual situation.
Experts believe that typically low-cost laptop hard drives vibrate in the 5 kHz range, and they sometimes experience certain peaks at 12.5 Hz, 87.5 Hz, 1100 Hz, 1450 Hz, 1700 Hz and 1850 Hz. An example instruction with vibration and frequency parameters from Hitachi.
The laptop manufacturer and its partners solved this problem in a simple way. The developers have added a special filter to the audio codec driver that detects and removes unwanted frequencies during the playback of such sounds. It is not clear if there is such a patch in modern audio drivers or if hard drive manufacturers have solved this problem in other ways.
According to the Xakep.ru portal, the vector of acoustic attacks is well known to information security experts.
For example, in 2008, researcher Brandon Gregg showed that you shouldn't yell in a data center, especially at a rack of storage shelves, as hard drives are sensitive to ambient sounds and begin to vibrate abnormally.
In 2017, cybersecurity specialist Alfredo Ortega introduced the HDD Killer attack variant. When it is implemented, sound generation at a frequency of 130 Hz is used so that the PC hard drive stops responding to OS requests.
This phenomenon was also studied by specialists from Princeton University and Purdue University. The experts conducted a series of practical tests and checked on a special test bench how HDDs work under the influence of sound waves coming from different distances, at different angles, at different frequencies and for different periods of time.
Based on the results of the study, they selected the optimal frequency and distance to attack each of the studied Western Digital hard drives.
The experts also found that the closer the sound source is to the target during such an attack, the less time it will take to implement it. Moreover, the longer such an attack lasts, the more likely it is to provoke a serious denial of service that will require at least a reboot of the device or replacement of a broken hard drive.
For example, sound transmitted at a frequency of 9.1 kHz from a distance of 25 centimeters from a PC or laptop case can cause many problems in the OS, up to BSOD.
See also: Best computer for crypto mining