[144596] in cryptography@c2.net mail archive
Re: Physical security rather than crypto---but perhaps of interest
daemon@ATHENA.MIT.EDU (Darren J Moffat)
Thu Jul 16 08:28:11 2009
Date: Thu, 16 Jul 2009 09:54:14 +0100
From: Darren J Moffat <Darren.Moffat@Sun.COM>
In-reply-to: <02C5FB6CB7A34BDF92F74F973665B3FF@kayak5>
To: "'Cryptography'" <cryptography@metzdowd.com>
Charles Jackson wrote:
> http://news.bbc.co.uk/2/hi/technology/8147534.stm
>
> Chuck
>
> [Moderator's note: It is helpful, when posting a link, to give enough
> information that people can know whether they want to go and read the
> article. In this case, the title and first few sentences are:
>
> Snooping through the power socket
When I first read the article title I assumed it was going to be about
Ethernet over Powerlines and how they had weak or non existent crypto.
> Power sockets can be used to eavesdrop on what people type on a
> computer.
>
> Security researchers found that poor shielding on some keyboard
> cables means useful data can be leaked about each character typed.
>
> By analysing the information leaking onto power circuits, the
> researchers could see what a target was typing.
>
> The attack has been demonstrated to work at a distance of up to 15m,
> but refinement may mean it could work over much longer distances.
When I read this and my first thought was: "exactly how is this new
research or news ?" This is exactly the type of threat that TEMPEST
protection is intended to provide risk reduction for.
So yeah not new or news to some people but certainly scary for the masses.
Now to bring it back to crypto.... this shows the danger of assuming
that local "links" don't need to be encrypted and that cables are "more
secure" than wireless links (eg Bluetooth, WiFi etc).
--
Darren J Moffat
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
