Physical security rather than crypto---but perhaps of interest

[Darren J Moffat]

Charles Jackson wrote:
> http://news.bbc.co.uk/2/hi/technology/8147534.stm
> 
> Chuck
>  
> [Moderator's note: It is helpful, when posting a link, to give enough
> information that people can know whether they want to go and read the
> article. In this case, the title and first few sentences are:
> 
>    Snooping through the power socket

When I first read the article title I assumed it was going to be about 
Ethernet over Powerlines and how they had weak or non existent crypto.

>    Power sockets can be used to eavesdrop on what people type on a
>    computer.
> 
>    Security researchers found that poor shielding on some keyboard
>    cables means useful data can be leaked about each character typed.
> 
>    By analysing the information leaking onto power circuits, the
>    researchers could see what a target was typing.
> 
>    The attack has been demonstrated to work at a distance of up to 15m,
>    but refinement may mean it could work over much longer distances.

When I read this and my first thought was: "exactly how is this new 
research or news ?"  This is exactly the type of threat that TEMPEST 
protection is intended to provide risk reduction for.

So yeah not new or news to some people but certainly scary for the masses.

Now to bring it back to crypto.... this shows the danger of assuming 
that local "links" don't need to be encrypted and that cables are "more 
secure" than wireless links (eg Bluetooth, WiFi etc).

-- 
Darren J Moffat

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com