I’m not familiar with this for the iPod, but the Magic Lantern team has dumped firmware from Canon cameras by using an LED as a bit-banged serial interface.
But I don’t know how much of a realistic threat it poses, because in order to control GPIO LEDs the computer already needs to be pwned. Magic Lantern dumped firmware via LED because there wasn’t a known serial link or display driver or anything like that to make it easier.
But it’s a camera, and it’s not designed to be airtight air-gapped. Running arbitrary code is certainly discouraged, but to my knowledge Canon has never fought against consensual hacking of their cameras. (I say “consensual,” because there have been, say, Wi-Fi exploits found and patched, but that’s probably not the way a camera owner would try to get in.)
Anyway, this boils down to the definition of an air gap, because any input/output device is bridging it. A printer was mentioned; of course, printing sensitive information is a bridge across the gap. And if the machine has GPIO LEDs then that’s a bridge, too. But what about a hidden camera pointing at the monitor? Frankly the monitor itself is a serious exfiltration risk across the air gap, no?
So as always in security, at some point we have to say “good enough,” and consider it as safe as can be.