back to article On her microphone's secret service: How spies, anyone can grab crypto keys from the air

Discerning secret crypto keys in computers and gadgets by spying on how they function isn't new, although the techniques used are often considered impractical. A new paper demonstrates this surveillance can be pretty easy – well, easier than you might imagine – to pull off, even over the air from a few metres away. We all …

  1. Roq D. Kasba

    Clever stuff

    That's very clever, someone found a genuine use for a pita bread.

    1. asdf
      Trollface

      Re: Clever stuff

      Now if they can do something with puffed rice cakes I'll really be impressed.

    2. Anonymous Coward
      Anonymous Coward

      Re: Clever stuff

      It's a handy repository for a small steak.

      1. asdf

        Re: Clever stuff

        To suck up the yummy juices perhaps but still would have to reduce the price by 90% or so to even think twice about that. Besides as a Yank that still sounds like a job for Wonderbread.

  2. cantankerous swineherd

    am I alone in thinking a tinfoil hat is essential equipment?

    1. Dave 126 Silver badge

      Well yes, but the article referred to it as a parabolic dish. If you put it on your head it won't work!

    2. Dan 55 Silver badge

      Yes, and afterwards you can heat your pita bread in it.

      1. Dave 126 Silver badge

        If you wear a tin foil hat, a duck-tape belt and a wrist-band of self-amalgamating tape then you'll have the materials at hand to deal with most situations!

        1. Blofeld's Cat
          Coat

          "... to deal with most situations ..."

          Most situations yes, but presumably not the Noodle Incident.

          1. Dave 126 Silver badge

            Well obviously. I wouldn't have escaped the Noodle Incident relatively unscathed had I not fashioned an antenna from the underwire of my companion's bra. But we don't talk about that.

        2. TeeCee Gold badge
          Coat

          Only if you pee WD40....

    3. Anonymous Coward
      Black Helicopters

      > am I alone in thinking a tinfoil hat is essential equipment?

      Hold on...

      ... okay, I've just scanned the thoughts of the the people currently around you and you're right - you are the only one thinking that a tinfoil hat is required.

    4. phuzz Silver badge
      Boffin

      Tinfoil hats actually amplify the frequencies that the US military uses for mind control satellite communications.

  3. David Roberts

    OT

    Shortly after a small burst of pride when noticing I had a silver badge I have now noticed that nearly everyone else has one.

    1. Rich 11

      Re: OT

      I haven't.

    2. imanidiot Silver badge

      Re: OT

      It seems the average commentard builds upvotes at rougly the same speed. So anyone that was around when the badges were instituted is reaching the silver requirement at pretty much the same time.

      1. Uncle Slacky Silver badge

        Re: OT

        Mine has disappeared and reappeared at least twice - I think you have to sustain a minimum posting rate in order to retain/regain your badge.

        1. Roq D. Kasba

          Re: OT

          I think it's a manual process, someone gets round to it every 6 months or so. I changed name and lost it, recently it was re-awarded to my new name (despite being the same account and having ~10k upvotes).

          1. Anonymous Coward
            Anonymous Coward

            Re: OT

            I don't have one.

            Anyway I want one encrusted with jewels.

            1. allthecoolshortnamesweretaken

              Re: OT

              If you get the jewel-encrusted badge, will you add a coat of black enamel for stealth?

  4. hazzamon

    Would storing encryption keys of a smartcard help alleviate this attack?

    After all, smartcards generally have no coils to whine...

    1. Anonymous Coward
      Anonymous Coward

      Re: Would storing encryption keys of a smartcard help alleviate this attack?

      Don't think so - from context it's the processor munching on the numbers that produce the whine, so it wouldn't really matter where those numbers are drawn from.

  5. JeffyPoooh
    Pint

    4096-bits in audio bandwidth

    Given that the routine is running at GHz and is presumably completing in much less than a second, that's not very many cycles of audio per bit of key.

    Some will comprehend the inherent difficulties, but then take this to be more reason to be impressed by the accomplishment. These days, as we're swimming in so much BS hype, a better reaction is to wonder how many unmentioned 'cheats' were required to generate this "proof" of concept.

    In any case, crypto code branches need to be balanced. Didn't everybody already know that?

    1. patrickstar

      Re: 4096-bits in audio bandwidth

      The actual entropy of a 4096 bit RSA key is a lot less than 4096 bit... that's why they are so big to begin with.

      As for balanced branches, you're much better off not having key dependent branches in the first place. Very doable atleast for ECC crypto.

    2. WatAWorld

      Re: 4096-bits in audio bandwidth

      "Given that the routine is running at GHz and is presumably completing in much less than a second, that's not very many cycles of audio per bit of key."

      I think you mean that the cycles on the computer should take longer than 1/20,000 of a second, the maxim frequency that humans can hear and that microphones and speakers designed for human ears can handle.

      Then there is that debye frequency, "The Debye frequency of a crystal is a theoretical maximum frequency of vibration for the atoms that make up the crystal".

      As a consequence, ultrasound at 1 or 2 MHz can only propagate in air over a distance of a few centimeters.

      But apparently somehow they've found a way around that. Maybe because the calculations require much more than one cycle to complete. I don't know. The mechanics of how would be interesting.

      Or maybe the ear piece mic is picking up the electrical impulses directly, rather than acoustically?

      I've pretty much forgotten the acoustics I learned in university, except for a few limitations that I've kept to remind me to consult an expert (recent EE grad) when they come up.

    3. computinghomer

      Re: 4096-bits in audio bandwidth

      Exactly. There is a lot of space between a hack that can be make to work if all the conditions are right and something that would actually work in say 50% of random setups. Somehow that info never makes in through.

  6. Lee D Silver badge

    Why is a Faraday cage not realistic?

    So long as it doesn't cover the radio parts (in a desktop, zero, in a laptop, the screen, in a phone, the radio?), it seems eminently sensible to put in a Faraday cage, and it doesn't have to be a solid block of metal if you choose the spacing correctly, and I reckon you could even double-up part of it as a heatsink, no?

    1. Anonymous Coward
      Thumb Up

      Mobile computing

      Most of these types of side-channel attacks only seem to work at short distances, like a few metres. Perhaps the answer is to stay out of your office, keep moving, and only work where there is no-one physically near to you. You would probably notice someone walking behind you and setting up a parabolic dish, a thermographic camera and a shotgun microphone whenever you stop.

      1. Dave 126 Silver badge

        Re: Mobile computing

        With acoustically transparent cloth - y'know, the sort of thing hi-fi speakers are clad with - a parabolic dish can be disguised as a suitcase. Or indeed, a loudspeaker.

        It appears on first thoughts that a easy enough countermeasure would be to generate noise - maybe just have your computer run through some redundant, unused crypto algorithms.

        1. JeffyPoooh
          Pint

          Re: Mobile computing

          Dave "...have your computer run through some redundant, unused crypto algorithms."

          Back in the late-1970s or very early-1980s, there was a 'Ghost' themed game for the Tandy Radio Shack Z80-based TRS-80 Model 3 / Model 4. The game's instructions included putting an AM radio near the computer, and music would be played. Yep, the EMI was that strong.

          The more interesting point is that the code, presumably single threaded, included music. Think about that.

          Imagine somebody trying to do a side channel attack, and the coder has included music or similar.

          There's an opportunity in this sort of concept. Somebody spends weeks doing a side channel attack, and they're successful in pulling out some key-like data. Later they realize it's not the key, but a rude joke involving parrots and nuns, etc.

          1. Alan Brown Silver badge

            Re: Mobile computing

            "Back in the late-1970s or very early-1980s, there was a 'Ghost' themed game for the Tandy Radio Shack Z80-based TRS-80 Model 3 / Model 4"

            Are you referring to Android NIM?

            "The game's instructions included putting an AM radio near the computer, and music would be played. Yep, the EMI was that strong."

            Which is why the FCC came down fairly hard on the early PC makers over emissions. I discovered my TRS80 was wiping out the neighbours' TV reception (low band VHF) only when they asked my parents if we were having trouble viewing XYZ programs (we had an external antenna, they were using bunny ears and the PC was a few metres away through 2 wooden walls, unshielded cables everywhere)

            1. WatAWorld

              Re: Mobile computing

              "Which is why the FCC came down fairly hard on the early PC makers"

              It is why today pretty much every piece of energized computer equipment made needs an FCC approval.

          2. Jeffrey Nonken

            Re: Mobile computing

            My college (NDSU) built an AM radio into an IBM 1620 computer and had a deck of cards that played "Flight of the Bumblebee". I was there in 1974, I don't know how long they'd had that set up.

            Alas, the code deck was randomized partway through, and nobody had the source. So it played perfectly for a while, then spit out some noise and stopped.

          3. This post has been deleted by its author

      2. Dave 126 Silver badge

        Re: Mobile computing

        >Why is a Faraday cage not realistic?

        If the encryption is being used to encrypt communications, then the computer has to be able to, er, communicate. If the connection to the wider world is wired, then okay, but a Faraday cage would stop any wireless RF data from being transmitted or received.

        You could, I suppose, have your Faraday-clad computer use light to communicate to a modem.

        1. Lee D Silver badge

          Re: Mobile computing

          Gosh, if only we could, e.g. put the radio outside the cage and join to it with a couple of wires? Then the encryption is behind the cage, and the radio is just a radio outside it.

          1. Dave 126 Silver badge

            Re: Mobile computing

            >Why is a Faraday cage not realistic?

            A Faraday cage wouldn't help. This attack works by listening to sound waves, not electromagnetic waves.

            A window pane protects you from the wind, but not from peeping toms. A lace curtain protects you from peeping toms, but not from the wind.

        2. Hans 1
          Facepalm

          Re: Mobile computing

          >You could, I suppose, have your Faraday-clad computer use light to communicate to a modem.

          Back to IR ? NOOOOOOO!!!!!!!

          Or have the antennas outside the cage ... for example, take a laptop .... Faraday cage as the casing of the mobo (e.g. where keyboard is etc), antennas around the screen (as is already today in most laptops) ... That is what the comment@rd up there was on about, or at least, how I understood it.

          On a desktop, same, get a Faraday-cage case and buy a USB dongle/PCI-e wifi card with external antenna (if you need wifi on your desktop) .... done.

    2. Anonymous Coward
      Anonymous Coward

      "Why is a Faraday cage not realistic?"

      Read TFA. This is about circumventing Faraday cages by using sound, which isn't stopped by electrical conductors.

      1. WatAWorld

        Re: "Why is a Faraday cage not realistic?"

        I'm not sure he is correct in his assumption that his device works by sound. See my other post about debye frequencies and the impossibility of transmitting 1 MHz sound, let alone 1GHz sound.

    3. Bill Stewart

      Faraday cages block electromagnetic signals; if I'm reading this article correctly, they're using audio to measure changing workloads.

      Paul Kocher's been doing various differential power and timing analysis things for years, all of which have told us that we need to do calculations in ways that take the same amount of work regardless of the keys, which means undoing some of the optimization methods for long-number arithmetic and such.

    4. Alan Brown Silver badge

      "Why is a Faraday cage not realistic?"

      Because they don't stop audio noise.

      Potting the regulator coils would help a lot but most makers don't do this.

    5. WatAWorld

      A metal case is a Farady cage.

      The issue is of course the cords and wires, which act like antennas outside the case.

      And for laptops the case is plastic. And if the case isn't plastic you have the screen.

      Engineering labs and US consulates have Faraday cages and acoustic isolation rooms.

      Depending on the frequencies it has to work over, it can be a coarse conductive net. Like the mosquito netting North American in north American windows. It can be conductive paint in your walls.

      But that won't shield from what is inside the cage. And that is probably the thing. A cage big enough to encompass your power and network cables would also encompass the eavesdropping device.

  7. brain_flakes

    How can that possibly work?

    I really can't imagine how this could possibly work. It surely can't be listening in on the CPU because that runs at many gigahertz, well above what you should be able to pick up with a mic. There's ram which is in the 100s of megahertz, but given that's accessed in parallel how could you pick out individual lines? Anyone got any idea what kind of signal they might be using, assuming it does work as they say it does?

    1. Christian Berger

      Just the same as thousands of other demos

      They are using fluctuations in power consumption of the CPU or security chips. No you won't get the key directly, but you will get hints to what your key is. And those hints can be enough to dramatically lower your search space.

    2. Anonymous Coward
      Anonymous Coward

      Re: How can that possibly work?

      That's some mankey old DDR2 RAM you must be using, to be clocked less than 1 GHz.

    3. a_yank_lurker

      Re: How can that possibly work?

      It does work from a technical view. For most people, I doubt this is much of a threat. However for certain people, think high ranking official or business leader, this might be a handy way to break into their accounts assuming you can get within a few meters for long enough.

      1. WatAWorld

        Re: How can that possibly work?

        But how can it work from a technical point of view.

        I get that a computer science person might think it would obviously work, but only if they didn't study acoustical and electrical engineering/physics.

        My guess is he's assume the mike only picks up sound, and that really it is picking up electrical impulses, as mikes will do.

        You just cannot say 10 GHz sounds, even 10 MHz sounds, can be transmitted through room temperature air without explaining how.

        Either something must reduce the frequency with which each bit is processed, or the transmission is electro magnetic. I'm a rusty on this, but that is how it seems to me technically.

        I would love to read the theories of someone who is actually up-to-date in the EE aspects of this.

        That said, I agree that this is not much of a threat to someone working in an acoustically and electrically noisy office.

        But people who need privacy often also end up with a fair degree of silence.

        And no matter what we do to prevent it, a dozen intelligence agencies around the world can capture our data. There is no privacy against the FSB, NSA, and so on.

        1. Anonymous Coward
          Anonymous Coward

          Re: How can that possibly work?

          I assume the signal received is not in the GHZ range. It is a much more smoothed out blur of the encryption/decryption key.

          However, just one or two hints in the direction of the key, reduces the search space many fold.

          ED, if I had a million long line of gibberish as a key, but you picked up that the first half is a higher value than the second half, then you've reduced the search space from "completely random" to "at least similar to this".

          With more data points, you can multisample too, so you can get down to smaller blocks of the key, and in the end (I assume) get like 100 small data points in the 4096bit key. Some saying "high" at this point, some saying "low" at others, possibly even "medium". Within this you search for the key, now within the computational power of your brute force server farm.

    4. Anonymous Coward
      Anonymous Coward

      Re: How can that possibly work?

      "Anyone got any idea what kind of signal they might be using, assuming it does work as they say it does?"

      Modern computers use switch mode power supplies in which DC-DC conversion is achieved via transformers running at a high frequency which still tends to be in the acoustic band. There are multiple SMPS in most modern PCs, for instance the programmable multiphase one which drives the CPU. Because these have very fast response to load changes, they generate lower frequencies which are a function of power consumption.

      The transformer actually vibrates due to the changing magnetic field, and creates sound. The amount of sound depends on how well it is constructed and secured. A lot of PC transformers now seem to have visible coils, for effective heat loss, and these I imagine will create more sound than fully encapsulated ones.

      I would have thought that if you were using a mobile phone, which runs off a true DC supply - the battery - this would be much less of an issue.

      1. Suricou Raven

        Re: How can that possibly work?

        Phones use DC-DC converters too. The battery voltage varies too much to drive anything directly, and a lot of the components run at very low voltage for power efficiency.

  8. Anonymous Coward
    Megaphone

    Does it work when you're blasting heavy metal at >100db?

    1. JeffyPoooh
      Pint

      "...heavy metal at >100db?"

      dB

      1. Paul Crawford Silver badge
        Headmaster

        Indeed it is dB, as in 1/10 of a Bel (after Alexander Graham Bell)

        If you prefer your logarithms more natural, try the Neper for size.

    2. emmanuel goldstein

      Only if it's AC/DC

  9. Anonymous Coward
    Anonymous Coward

    How?

    Can someone smarter than me explain how a CPU that operates in the billions of cycles per second range, can have any intelligible information about the instructions and branches it executes (presumably the only way to extract data about the contents of its registers) by the sounds it is making which are captured in a tens of thousands of cycles per second range?

    To me, it sounds like trying to decode a spoken conversation with a sample rate of one per minute... the orders of magnitude seem far too disjoint.

    1. JeffyPoooh
      Pint

      Re: How?

      "...smarter than me..."

      No guarantee on that point.

      "...explain..."

      We live in 'The Age of BS Hype'.

      At least 75% of these sorts of amazing news items are over-hyped nonsense.

      They (those penning the press release) always leave out important technical details that 1) enable it to 'work' at all, 2) make it perfectly impractical and 3) means it's far less impressive than you were led to believe.

      In this case, they probably wrote their own code, slowed it down, included instructions to pulse the power consumption, looped it a zillion times, synchronized summation somehow, etc. Things like that.

      They probably couldn't get a key out of your laptop, ever, even for a billion dollar prize,

      1. Julian Bradfield

        Re: How?

        It's in a refereed publication, one of the authors is Adi Shamir (as in RSA). I'd believe it's interesting, unless you're willing to read the paper to find out otherwise.

        1. JeffyPoooh
          Pint

          Re: How?

          Paper "...target is using the RSA algorithm to decrypt ciphertexts (sent to it by the attacker), the RSA secret key can be extracted within one hour for a high-grade 4,096-bit RSA key. "

          Not so much 'proof of concept', as 'proof of impractical'.

          But still, crypto code requires some attention to side channel attacks.

          The side channels should be emitting music or rude jokes.

          I can't wait until somebody does a rebuttal presentation showing that the 'secret key' that somebody else extracted from a side channel attack was actually a rude joke encrypted by ROT13.

          1. Anonymous Coward
            Anonymous Coward

            Re: How?

            To add to comments I made above, I assume it needs multiple key uses. If you get the "sound" at the beginning of the use, middle and end, you'll get 3 data points. Even if it took just one cycle to process, and our reading has lots of "noise" in it.

            That is an extreme example, but it's all time x computation power x stubbornness. ;)

            See http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=882477

            There are also ways of detecting signals smaller than your sample rate. I cant think of the links off the top of my head, but it's used in things like astronomy to detect stars or even planets orbiting them with very few readings.

    2. This post has been deleted by its author

    3. Jeffrey Nonken

      Re: How?

      Patterns, people. Think patterns.

      Just because the main computation is at gigahertz frequencies doesn't mean there are no related patterns to be found at lower frequencies.

    4. Dave 126 Silver badge

      Re: How?

      Some posters above have had a good bash at explaining...

      Basically, the attackers aren't trying to get the key directly, but to reduce the number of 'guesses' required ('reducing the search space'). If you know what noises a computer system makes when performing encryption / decryption, then you can, over time, start to build a picture. So, to come back to your analogy:

      >To me, it sounds like trying to decode a spoken conversation with a sample rate of one per minute... the orders of magnitude seem far too disjoint.

      If the conversation was actually a looped snippet of speech, you could recreate it even at a sample of rate of 1Hz - if you had enough time. Note that in the article the attackers require an hour.

  10. hairydog

    I'm not convinced

    I don't think that this is possible. If it were, they would keep quiet about it. But the physics simply doesn't add up.

    I think this is a smokescreen for some reason or other. They want us to believe this is possible for some underhand purpose.

  11. Anonymous Coward
    Anonymous Coward

    Ok then

    Generating your keys remotely over SSH (on a VPS in another country) then wrapping them in PGP using a one time key to come back over the SSH tunnel sounds in order.

    Seriously when are we nerds going to get together to launch a satellite for encrypted comms?

    Its none-geographic. The feds cant kick the door in and its cold up there so we dont need a stupid gamer case to cool it.

    If they try and blow it out of the sky we win anyway as it will show Joe Public the lengths a government is prepared to go to in an effort to stifle speech.

    Ive got some wire coathangers, foil, rubber bands and a load of old RAM. Thats a start. Right?

    1. knelmes

      Re: Ok then

      "its cold up there so we dont need a stupid gamer case to cool it."

      Relying on space being 'cold' for cooling means with no air molecules for convection to work the processors would boil away pretty fast

      1. Anonymous Coward
        Anonymous Coward

        Re: Ok then

        Design the fins right and it can still radiate, can't it?

        1. knelmes

          Re: Ok then

          Yeah, but nowhere near enough. Even fanless systems tend to rely on hot air rising and being replaced with cooler air. Thread here about why a computer in a vacuum would be bad: http://www.overclock.net/t/553182/computer-in-a-vacuum

      2. Anonymous Coward
        Anonymous Coward

        Re: Ok then

        Fine. Lets work out how to create an atmosphere in space then. How hard can it be?

        Or to reduce heat from solar energy turn it off at night.

        Or send Tim Peake with his smug face and a piece of cardboard to fan it.

  12. Steve Knox
    Holmes

    What else was the target running?

    Shurely running any other computationally intensive* software parallel with the decryption would fool this device?

    * How intensive depends on many factors, and it may slow things down enough to piss off users. Hmm, maybe if you just allowed Microsoft's horrible search indexer service to run, you'd be immune to this type of attack...

    1. Anonymous Coward
      Anonymous Coward

      Re: What else was the target running?

      I think the problem is not that there is noise, they can adjust and work on that. It's that the computer is running unencrypted, in that it's power draw is subjective to the computation it is doing.

      Perhaps use a photonic CPU instead?

  13. Version 1.0 Silver badge

    Nice set of comments ...

    ... demonstrating why these sort of attacks continue to work - TEMPEST has been around for a long time now, it's serious business because unless you take extraordinary precautions then anything can be hacked - and if you've ever messed with this environment then you know that extraordinary precautions may not help you.

    1. Pascal Monett Silver badge

      Indeed

      Nothing makes the NSA's work easier than people not believing that it is possible in the first place.

      There's a lot I don't know about electronics, and I know nothing about how to sniff out CPU operations, but that doesn't mean I'm blind to the possibility.

      On the other hand, it would seem that this paper refers to a phone being left a foot away from my PC for an hour. I don't think that a top-level anybody is going to have an hour-long meeting with anybody else with them nonchalantly placing their mobile next to the laptop.

      Once again, a miracle in surveillance tech that is impractical in real life. Keep foreign mobiles away from your PC and you'll be fine. Because if the NSA is interested in you, you're screwed anyway.

      1. Kiwi

        Re: Indeed

        On the other hand, it would seem that this paper refers to a phone being left a foot away from my PC for an hour. I don't think that a top-level anybody is going to have an hour-long meeting with anybody else with them nonchalantly placing their mobile next to the laptop.

        And

        Keep foreign mobiles away from your PC and you'll be fine

        There is one issue with that - what if their phone that has been compromised? Ok, so they know not to log in to the company network with their phone due to the possibility of malware (and I guess it's safe to assume that CEO's are a target of some of this stuff), but if their phone is also acting as a mic for this sort of thing..

        Of course, you'd hope that those who have access to the sensitive stuff also don't take their phones into "clean" areas with them.

        Perhaps a defense against this sort of attack (if it really is feasible) is to have a number of machines working on such stuff in close proximity, so that the collective noise is enough to screw with anyone trying to snoop? Like conducting your "clandestine meetings" in a crowded bar where it is theoretically harder to eavesdrop (but watchers of 'Sue Thomas' would suspect the blonde chick at the other end of the room who is watching you quite carefully)

        1. Anonymous Coward
          Anonymous Coward

          Re: Indeed

          "Perhaps a defense against this sort of attack (if it really is feasible) is to have a number of machines working on such stuff in close proximity, so that the collective noise is enough to screw with anyone trying to snoop? Like conducting your "clandestine meetings" in a crowded bar where it is theoretically harder to eavesdrop (but watchers of 'Sue Thomas' would suspect the blonde chick at the other end of the room who is watching you quite carefully)"

          Actually, notorious Mafia don John Gotti used this technique to beat bugs. He'd conduct his sensitive meetings outside where all the ambient noise meant bugs wouldn't be able to make out the very soft muttering between them from everything else out there. This also defeated shotgun mics that tended to rely on window glass or a similar flat surface.

  14. emmanuel goldstein

    Rock on

    Surround yourself with very loud music whilst running encryption calculations. AC/DC seems appropriate.

    sorry, this joke has already been made.

    1. Loud Speaker

      Re: Rock on

      I think you will find that playing Angry Birds,or even Hunt the Wumpus would interfere with the power usage sufficiently to remove any risk of this working.

      However, for maximum security, you may need to watch porn videos at a high volume setting.

  15. slightly-pedantic

    Not in real world?

    If my reading of the paper is correct, the victim's computer has to be told to decrypt carefully formulated packets of data, in a pattern, over the course of the entire period for them to fall victim- that sounds really hard to pull off!

    They also mention various countermeasures- like acoustic shielding- however they don't mention doing anything about the power supply, like, for instance, putting (back?) in the proper smoothing capacitors!

  16. William Higinbotham

    Decoy

    Sometimes organizations come up with just enough falsehood to misdirect the fact that they are just able to crack the code with some new technique or flaw. Remember Tempest? http://fas.org/irp/program/security/tempest.htm

  17. Anonymous Coward
    Anonymous Coward

    Really?

    It might work well in a lab, as most TEMPEST attacks do. But in reality it's VERY hard to do it out in the real world, I for one am not going to be worrying about my communications or the communications of the organisation I work for being intercepted via this means. It would require a low noise floor for a start and that just isn't going to happen. What about in a room with a few human conversations, the hum from some other electronics, a couple of laptops and other computers...?

    And as I work in a room that has it's own Faraday cage, filtered power and is TEMPEST tested by some nice guys in a van every so often I do take this stuff seriously, I just don't believe it's that feasible in the real words.

    AC for reasons...

  18. CAPS LOCK

    Before I believe this I want to see it replicated by another, unrelated, group.

    This is like the popular press claiming that MMR caused this, that, and the other, on the back of a study published in the Lancet, without waiting to see if the results could be replicated.

    If another unrelated group can replicate this I'll START to think it isn't nonsense. Until then...

    1. Dave 126 Silver badge

      Re: Before I believe this I want to see it replicated by another, unrelated, group.

      If the countermeasures to this attack are cheap and easy to implement - just have your computer run some other encryption code to create noise - why not implement them, even if you are doubtful that the attack is viable? The only 'cost' is slightly greater power consumption. I for one can't be arsed, because i don't work with state-level secrets - I'm just not worth the effort! Those people who do have state secrets will have their computers administered by folk who are in a position to replicate this - if replicated it can be.

      Contrast this to the people who believed the trash about MMR, and as a result the lives of some people have been damaged.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like