Your conflating "serial bus" with serial transmission suggests that you don't even have the vocabulary necessary to participate in an informed discussion on the topic. Because of that I am kind of at a loss for where exactly to begin.
Here's a simplified start: all common network interfaces transmit serially at the physical layer - one bit at a time, wired ethernet, wifi, 3G/4G/LTE, WiMAX, fibre channel, dsl. None of them are inherently packetized at the very lowest level, they are all just a series of bits. Packetization is done through either synchronous clocking (fixed transmission periods) or, more commonly today, asynchronously via a special sequence of bits that indicate start/stop of a packet.
This is layer 1 of the OSI 7 layer model, we are not even talking packetization like a typical packet sniffer would see, that comes after the physical interface has decoded the transmission like OFDM and undone the 8b/10b then stripped off the bits that make up stuff like the preamble and frame delimiter in the case of ethernet.
Packet sniffers typically work at layer 2, where you can see things like MAC addresses or layer 3 where you see full-fledged IP packets. You run wireshark and you won't see things frame-start bits or the 8b/10b encoding because all that stuff is going on at a level that packet sniffers aren't intended for.
Any audio-based network system like Blurt and the suspected BadBios mechanism would be a full layer 1 implementation. They might do higher layers too or they might encapsulate IP packets and hand them off to the OS's network stack to handle, but the idea that "beeps" don't involve packets is pure ignorance of how modern datacomm systems work. It is ALL analog "beeps" at the lowest level, be it EM "beeps" or audio "beeps." Packetization occurs further up the stack.
Are you actually thinking before you say this? None of this is relevant to the claim being made and you're attacking a straw man. Let me make it really simple:
1. Play audio on one endpoint and record it from another
2. Open wireshark
YOU WON'T SEE THE AUDIO.
This is how he claimed to see it was communicating. Over IPv6 no less. IF it was happening, it wouldn't show up in a packet sniffer.
I am confused, do you mean that in the general case? That I should do that experiment right now and because wireshark won't show anything on my systems, that means whatever is going on with his systems is made up?
Yes. Whether your mic is picking up background noise, your own voice, or a legitimate modulated covert channel, wireshark is incapable of even attempting to pretend it's a network interface. At no point could this ever show up in wireshark.
I strongly suggest you try using a packet sniffer before you stubbornly engage in arguments about what they can and can't see.
I will send you $100 if you can configure wireshark to do what you describe. Using any of the tools in this thread, or any of your own, go ahead and try capturing even 1 packet from an audio interface in wireshark and post the pcap file.
It's not over anyone's head - we have interns who understand why this doesn't work. I have no idea why you might think it would.
Here's a simplified start: all common network interfaces transmit serially at the physical layer - one bit at a time, wired ethernet, wifi, 3G/4G/LTE, WiMAX, fibre channel, dsl. None of them are inherently packetized at the very lowest level, they are all just a series of bits. Packetization is done through either synchronous clocking (fixed transmission periods) or, more commonly today, asynchronously via a special sequence of bits that indicate start/stop of a packet.
This is layer 1 of the OSI 7 layer model, we are not even talking packetization like a typical packet sniffer would see, that comes after the physical interface has decoded the transmission like OFDM and undone the 8b/10b then stripped off the bits that make up stuff like the preamble and frame delimiter in the case of ethernet.
Packet sniffers typically work at layer 2, where you can see things like MAC addresses or layer 3 where you see full-fledged IP packets. You run wireshark and you won't see things frame-start bits or the 8b/10b encoding because all that stuff is going on at a level that packet sniffers aren't intended for.
Any audio-based network system like Blurt and the suspected BadBios mechanism would be a full layer 1 implementation. They might do higher layers too or they might encapsulate IP packets and hand them off to the OS's network stack to handle, but the idea that "beeps" don't involve packets is pure ignorance of how modern datacomm systems work. It is ALL analog "beeps" at the lowest level, be it EM "beeps" or audio "beeps." Packetization occurs further up the stack.