Assuming it is an Android tablet, you can use Permission Manager to change individual app permissions.
But as Finagle said, access to storage is a common and essential permission, disabling it could stop the app from functioning.
That was the first thing I thought of; just how fast and reliably could two computers exchange via ultrasonic sounds in clear air?
It sounds like BS to me; not only would the infected computer have to have the capability to send this sort of data, but the receiving one would have to have a microphone (strike one for many), it would have to be listening (strike two), and enough reliable data would have to be transferred to actually rewrite some portion of the BIOS (strike three).
I’ll believe it when I see it.
One way I could imagine this happening is if computers have their microphones and speakers set up as an acoustic coupler modem. Last I checked, those went out by 1990 but the technology still exists. If there’s an OS out there that has “use speaker and microphone as modem if another modem is detected”, and it is not properly secured, then this might be feasible. But securing it would be as easy as disabling the modem.
After thinking about it more, how would a passive computer know to listen for that particular set of data bits, parity, encoding, compression, etc… without having set that up ahead of time?
If this sort of thing were true, it would almost certainly be by way of some sort of backdoor encoded by the manufacturers, or else there wouldn’t be any way for the receiving computer to actually receive and correctly decode it.
Computer hardware and processing power is much better than it used to be. Think of those song identifying apps like SoundHound, they listen through a mic and identify a song based on the captured audio, even from crappy sources. Granted the actual song recognition processing is done on their servers via the Internet but offline voice recognition exists and works fairly well.
Yes, but does the computer do that spontaneously? Are you working along and suddenly “That sounds like Pearl Jam!” pops up in an alert?
The first point is that ultrasonic acoustic data transfer is not a standard means of communication: your computer is not normally listening for an audio data stream through its mic, and standardized data transfer protocols for such a medium have not been established. The second point is that if it were listening and there were protocols, the method and vector for malicious code installation would have to be predetermined. In other words, your computer would have to be listening for ultrasonic data (unlikely) at a given frequency (less likely) and know how to handle it (unlikelier still) in a way that faulty data would result in an infection (vanishing unlikeliness). Find me the specific grain of sand you dropped on that beach three years ago and I will maybe begin to consider this paranoid fantasy.
Fast enough for a lot of damage, especially if you don’t realize it’s happening and leave them unattended overnight.
The article mentions laptops. Nearly all laptops today are shipped with both microphones and speakers. Among desktops, many displays also contain built-in microphones and speakers.
I’m not sure what you’re suggesting here, but since the BIOS is compromised, you can’t just disable anything without physically removing it. If there are speakers, you better cut the wire. There’s no reason this code would have to rely on any built-in modem capability. It’s just converting data to sound and sound to data.
It depends on how different the underlying hardware is. The difficulties of getting Mac OS to run on hardware that it wasn’t designed to run on are not relevant to how hard it is to write a BIOS or EFI-level virus.
I know, it is just the whole ‘delete’ that bothers me, I can see a bug or malicious act deleting the contents of my sd chip or hard drive of stuff that I can’t replace [I only sync it once a week] and I am still horrified with Amazon deleting a purchased book without any action by the owner …
The paranoid fantasy seems to be mostly of your own creation.
Nobody is claiming that acoustics are being used as an infection vector.
What is being theorized based on reported observations is that systems that were already compromised via some other method, apparently on a BIOS/hardware level, are communicating via acoustic methods.
Actually, they do (or can). See my post #28. The output from my test was inaudible to my ears (being at 20-22 kHz) but was both broadcast and received perfectly well.
That said, the speakers may well prove a limit in some cases–I have one system that would audibly buzz when playing a 20 kHz tone–but it works in some cases without a particularly special setup. In fact, I tested the speaker from my cell phone and it also worked just fine at ultrasonic frequencies.
Of course, as everyone has said, the target machine must already be infected for this to be in any way feasible.
They’ll boot from DVDs, but apparently it’s slower than booting from flash drives and more complicated to make the DVD. I used a flash drive to boot and clean-install Mavericks.
Update:
No one has been able to confirm or reproduce his claims.