Janet Jackson’s music video ‘Rhythm Nation’ is a Windows Exploit

Topic

New Reply

Another reason not to play 1989’s Rhythm Nation – it messes with some hard disk drives

https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/

The music video for Janet Jackson’s 1989 pop hit Rhythm Nation has been recognized as an exploit for a cybersecurity vulnerability after Microsoft reported it can crash old laptop computers.

“A colleague of mine shared a story from Windows XP product support,” wrote Microsoft blogger Raymond Chen.

The story detailed how “a major computer manufacturer discovered that playing the music video for Janet Jackson’s Rhythm Nation would crash certain models of laptops.”

Further investigation revealed that multiple manufacturers’ machines also crashed. Sometimes playing the video on one laptop would crash another nearby laptop. This is mysterious because the song isn’t actually that bad.

Investigation revealed that all the crashing laptops shared the same 5400 RPM hard disk drive….

CVE-2022-38392

A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.

1 user thanked author for this post.

Cybertooth

Reply | Quote

Replies

For the sake of completeness: According to the article in “The Register” following the part quoted by Alex:

“It turns out that the song contained one of the natural resonant frequencies for the model of 5400 RPM laptop hard drives that they and other manufacturers used,” Chen wrote.

The manufacturer that found the problem apparently added a custom filter in the audio pipeline to detect and remove the offending frequencies during audio playback.

Few modern machines have hard disk drives, never mind drives that rotate at the unfashionably slow speed of 5400 revolutions per minute. Also, hardly anybody listens to Janet Jackson anymore.

The Register nonetheless reports this news because The Mitre Corporation has seen fit to list it on the register of Common Vulnerabilities and Exposures (CVEs) – the definitive list of cybersecurity vulnerabilities we all need to watch out for.

It’s listed as CVE-2022-38392 and has already been acknowledged by security vendor Tenable.”

In Particular, and as has been quoted by Alex but with a more direct URL link for those curious about this:

https://nvd.nist.gov/vuln/detail/CVE-2022-38392

CVE-2022-38392 Detail

“A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.”

This is all very amusing, specially about the spooks at the Mitre finding this could cause “a denial of service” if some Ninja-hacker came to your place with evil intent, walked in and turned on the video in your old computer, without you noticing.

So, are you feeling lucky today?

youtube.com/watch?v=OAwaNWGLM0c

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

2 users thanked author for this post.

wavy, Cybertooth

Reply | Quote

While I may listen to Janet … I SOOOO do not have a 2005 hard drive.

https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994

And I don’t get why a new CVE has been assigned to it when it’s been fixed years ago?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Susan: “And I don’t get why a new CVE has been assigned to it when it’s been fixed years ago?”

A really good question that is.

It looks to me like it might have been a slow day at the Mitre Corp. when they got news of this for the first time, very recently, after decades when nobody paid attention because there was nothing going on worth paying attention to, since the problem was fixed long ago in one of two ways:

(1) the laptops with one of those drives got bricked when someone played  Janet’s “Rythm Nation”, and

(2) the OEMs made changes to the hardware that prevented the problem for happening again in the new computers they sold.

But at the Mitre, when they finally heard about it, they put on their cybersecurity hats and started campaigning to have it declared a national real and present danger.

At the Mitre they do all sorts of things, including some that are best not discussed here. Officially they manage various things for the US government:

https://en.wikipedia.org/wiki/Mitre_Corporation#:~:text=It%20manages%20federally%20funded%20research,and%20cybersecurity%20fields%2C%20among%20others.

“It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others.“

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

I have 5400 hard drives, converted to external drives for backups….and no, Janet gets no-where near my hardware or ears. YMTMD (your musical taste may differ)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

“Few modern machines have hard disk drives, never mind drives that rotate at the unfashionably slow speed of 5400 revolutions per minute.”

My laptop has a WD 5400RPM HDD.

Reply | Quote

Alex: “OscarCP wrote”

I did not write that.

That was a quote I made from the article you linked in your opening statement:

“For the sake of completeness: According to the article in “The Register” following the part quoted by Alex”

This is not the first time. Please, stop doing this. It’s disrespectful. Write “X” quoted this, not “X” wrote this. More work to  do it this way? Well,  mentioning others properly is not always convenient.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Alex5723

Reply | Quote

Is it a significant number of days from April 1st or something?

Or perhaps that tech is still in use in very old aircraft which only just escaped the problem with telephony frequencies.. like nobody would notice that specific track being played loudly in a strange area of the aircraft, like the loo, hold, or under a specific seat..

These are sensible people, there must be some reason they came out with this CVE, so maybe in due course that will come out as well!

Reply | Quote

Imagine some high school guys and girls driving a convertible in you street blasting the air with Janet Jackson’s ‘Rhythm Nation’ erasing 10s of HDDs as they pass ?

Reply | Quote

Just thought of another one (given most Intel based kit gives you the option to monitor various fans) – could malware “tune” the CPU load to cause the CPU cooler (in well characterised OEM models at least) to emit a note suitable to disrupt the drive whilst exercising the drive suitably to maximise the likelihood of failure, so they don’t have to encrypt your drive.. just upload your data and produce the ransom note and wait for the drive to pack up.. or maybe it’s just a way of selling some newer machines as at that age they’d likely be Windows 7.

Just points more to this not being a concern for the PC user. SCADA implementations maybe more so due to the environments some are installed in..

Reply | Quote

[OscarCP]

Several of us at AskWoody have been wondering about why is there a new zero-day with a CVE out now, because of a peculiarity of 2005 5400 RPM hard disks makes them break when playing Janet Jackson’s video “Rythm Nation.”
First myself, along with others, expressed incredulity and even made fun of this.

But later on, I remembered that I’d seen in an episode of “Elementary” that ICBM bases and other military installations do use on purpose very old computers, among other reasons because they are so old that cannot be connected to a network, so they are unhackable, unless someone gets in one of this bases, goes in and do something to them in person, with their own hands.
Something counteracted using appropriately old-school tech, such as armed guards, key-pads, biometrics, or chips in badges to operate door locks to restricted areas.

Then I read about it being quite real, in some reasonably serious news and commentary Websites.
The story behind all this is something so interestingly strange that I believe it deserves its own thread.

But this is not something limited just to military high-security installations, or the Pentagon. As it happens, computers in other US government critical organizations, agencies, etc. also run on ancient hardware and, or software, either because replacing it would be too expensive and time-consuming, or because those who knew how to read, update and debug the code are around no more:

https://www.nextgov.com/cxo-briefing/2016/05/10-oldest-it-systems-federal-government/128599/

For a start, in a nutshell what the mystery CVE  may be about.

First, the What:

https://www.theguardian.com/technology/2016/may/26/us-nuclear-arsenal-controlled-by-1970s-computers-8in-floppy-disks

“The US military’s nuclear arsenal is controlled by computers built in the 1970s that still use 8in floppy disks.

A report into the state of the US government, released by congressional investigators, has revealed that the country is spending around $60bn (£40.8bn) to maintain museum-ready computers, which many do not even know how to operate any more, as their creators retire.”

 

Then, the Why:

https://www.quora.com/Why-does-the-American-nuclear-command-still-use-old-computers-and-floppy-disks

A three-comment sample:

No. 1: “You know all those movies where someone hacks the American nuclear codes and launches all the missiles?

Well, you’d need the missiles to be connected to a computer network for that to happen.

They aren’t.

You’d need to be able to get to the code to hack it.

You can’t.

No. 2: “The legacy system is unhackable because it’s literally too simple. There is no IP address, no way to log in and no vulnerabilities to exploit. The computers they have can’t launch the missiles because they are on a strictly manual/electrical, pre-Internet system. You can ONLY launch them by having two people turn two different keys at the same time. Only the guidance is computerized and good luck getting close enough to that ancient system to change it.
I’m sure there are many people who would like the whole thing updated, but you’d be hard pressed to find a more secure system.”

No. 3; “As noted elsewhere, because they work. When you implement a system like a nuclear launch control system you don’t just throw it together. Every piece of hardware and software is tested and validated, both separately and as a whole. If you replace any single piece of it, you have to retest and revalidate the entire system. It’s this testing and validation that costs most of the money and time in any military system.
The Air Force has been planning to replace the whole system for a while, and why bother patching something that you’re going to replace? Unfortunately, the fighter and bomber jocks get the top of the budget, and the poor Minuteman crews are down a ways on the totem pole. The whole process dragged out ad nauseam.”

And last the What Now: is anything being done about this?

It looks that way. How much of this is actually being done? Good question.

https://www.armscontrol.org/factsheets/USNuclearModernization

[Moderator edit] @OscarCP, duplicate topics are not allowed so your new topic was “merged” with the existing topic.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

• This reply was modified 1 year, 1 month ago by OscarCP.
• This reply was modified 1 year, 1 month ago by OscarCP.
• This reply was modified 1 year, 1 month ago by OscarCP.
• This reply was modified 1 year, 1 month ago by OscarCP.
• This reply was modified 1 year, 1 month ago by OscarCP.
• This reply was modified 1 year, 1 month ago by Just another Forum Poster.
• This reply was modified 1 year, 1 month ago by Just another Forum Poster.

1 user thanked author for this post.

Alex5723

Reply | Quote

OscarCP wrote:

The US military’s nuclear arsenal is controlled by computers built in the 1970s that still use 8in floppy disks.

One of my many jobs while in the military (USAF 22 years) was maintaining that exact piece of equipment and here’s a few facts omitted by the article you referred to.

Those 8″ floppies only held the boot code needed to start the computer, once it was up and running, it used magnetic core memory and the floppy was removed.

Data updates were done using paper punch tape and a paper punch tape reader (which was a real PITA to use because you had to “manually” pull the tape thru the reader at “just the right speed” or you’d get a read error.)

The floppy disks and punch tapes were classified TS, so they had to be stored in a special safe and you had to “physically” sign them in/out every time they were used recording exactly who had them and the specific time they were removed/returned to the safe on a special log (i.e. a “chain of custody” record!)

The actual equipment itself was a one-way communication device that only accepted NCA (National Command Authority) messages (i.e. it could not send anything) and, because all the messages received over the system were classified as TS/SCI, they were not “electronically stored” anywhere.

The equipment used a teletype style interface (i.e. there was only a keyboard and printer) and it printed every message it received (or any of the various commands we had to enter on the keyboard to “test” the equipment) onto a roll of paper with a TS/SCI classification stamp at the top and bottom.

When a roll of paper was replace, it also had to go into a special safe with the same “chain of custody” record stating who handled it and when.

1 user thanked author for this post.

OscarCP

Reply | Quote

In addition to the above, the military and other government organizations still are using lots of PCs, some of 2005 vintage or earlier and running Windows XP, that are likely to have those disks at risk of becoming useless if someone plays the Janet Jackson’s “Rhythm Nation” video in them:

https://slate.com/technology/2018/06/why-the-military-cant-quit-windows-xp.html

Excerpt:
“You’re dealing with a lot of [machines] that aren’t contained in a nice office,” says Romanosky. “They’re floating all over the seas and in the air and all around the world.” Unlike your average megacorporation, the Pentagon has to secure and update computer systems that support military operations and sometimes even directly control the navigation or weapons systems for tanks, warplanes, and warships.”

Those specialized computers—what Dion-Schwartz likes to call “Windows boxes”— are crucial for military operations on land, sea, and air. Some of the Windows boxes may help issue orders or communicate information about what’s happening during both active battlefield firefights and ordinary operations, such as a Navy warship on patrol. Others may directly integrate with weapons systems.

Such Windows boxes are usually hosting specialized software packages and sometimes integrated with middleware clients. What might normally be a simple upgrade turns into a far more complex challenge of making sure that all the related software and computer systems can also run smoothly with new Windows versions. The U.S. military may also need to pay additional money for upgrades and testing regarding such software and middleware—a necessary step to ensure nothing goes haywire at the wrong time. ”

The floppies themselves are a worry, because the data, code, etc. on them slowly “evaporates” with time and their cheap plastic also create problems:

https://www.arcserve.com/blog/data-storage-lifespans-how-long-will-media-really-last

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Alex5723

Reply | Quote

alejr: “Data updates were done using paper punch tape and a paper punch tape reader (which was a real PITA to use because you had to “manually” pull the tape thru the reader at “just the right speed” or you’d get a read error.)”

And when you dropped the reel and it run around on the floor, unspooling the paper tape … I’ve been there.

This whole thing, that I first learned about watching a detective TV show, is otherworldly and strange enough to have its own TV show, let’s say: “Stranger Gov. Computing Things.”

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

More about Rhythm Nation and vibrational resonance

‘Rhythm Nation’ is not alone. Playing 101 Monochrome Mazes would reliably crash the machine.

1 user thanked author for this post.

OscarCP

Reply | Quote

Could this be the real cause of her famous ‘wardrobe malfunction’ ? Resonant frequencies that jiggle loose clasps?? Some thing to look into. 😁

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

Yes! The people want to know how and why that happened!

https://www.womenshealthmag.com/life/a38303393/janet-jackson-wardrobe-malfunction-super-bowl/

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

The entire world’s on fire and this is what we’re discussing in a security forum?

Reply | Quote

It’s an official US government vulnerability: CVE-2022-38392 Detail

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

1 user thanked author for this post.

OscarCP

Reply | Quote