No longer any need to speculate or wonder!
Here's the paper by researchers Michael Hanspach and Michael Goetz on engineering a transmission vector that can bridge the air gap. It's been published by The Journal of Communications:
On Covert Acoustical Mesh Networks in Air
Michael Hanspach and Michael Goetz
Fraunhofer FKIE, Wachtberg, Germany
Abstract—Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range. We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities.
Index Terms—malware, network covert channels, wireless mesh networks, ultrasonic communication
Cite: Michael Hanspach and Michael Goetz, "On Covert Acoustical Mesh Networks in Air," Journal of Communications, vol. 8, no. 11, pp. 758-767, 2013. doi: 10.12720/jcm.8.11.758-767
Links:
Journal of Communications abstract page
here.
Article (PDF) direct link
here.
Interestingly (but not surprisingly) Linux already has some very powerful resources to deal with this new type of threat. From the paper:
If audio input and output devices cannot be switched off, implementation of audio filtering options may be an alternative approach to counter maliciously triggered participation in covert networks. In Linux-based operating systems, a software-defined audio filter can be implemented with ALSA (Advanced Linux Sound Architecture) in conjunction with the LADSPA (Linux Audio Developer’s Simple Plugin API) ...
Add in the relative ease of developing solutions, plus the large community of contributors, and it looks like Linux may be in better shape than most to resist this cyber-siren's call. Especially since so many in the Linux community see things like this not only as an affront, but also as a
challenge.
Tux and his team sez: Bring it on!
