Re: Shoulder Surfing becomes Shoulder Listening...

[Gadi Evron <ge () linuxbox org>]

Hackling, Matthew (AU - Melbourne) wrote:
> Well here's some james bond type stuff...
>
> We all remember tempest and EMR interception......well wait for it!
>
> Researchers were able to identify text typed by listening and analysing
> the noise that the keyboards made...
>
> With twenty trials they captured:
>
> 90% of 5 character passwords
> 77% of 8 character passwords
> 69% of 10 character passwords
>
> I can see the spooks loving this, using their laser listening devices to
> capture logons/passwords etc.

Side channel attacks are not new. You can listen to the keyboard, cpu, 
hdd, etc. You can go with EM radiation. You can use a telescope to view 
through a window a reflection off a wall. All you have to do is Google. :)

But yes, side channel attacks are cool. Thing is, there are usually 
*much* easier ways of doing things.

A Trojan horse can also be considered a side-channel attack if we are 
talking encryption, which is exactly the difference between how crypto 
guys and security guys think.

If you ask a crypto guy what the best way of breaking RSA is, you'd get 
a complicated answer with if's, maybe's and math. If you ask a security 
guy (or in this case, me), I'd just say use a Trojan horse.

For crypto guys, once an algorithm is found weak it is no longer trusted 
and they try and develop new ones, which is good for their science. As 
security people the more vulnerabilities are found and fixed the more 
secure we feel (except for worrying that the coders suck and the holes 
will keep showing).

Back to side-channel attacks, try Googling for what Adi Shamir has to 
say on them. I love this subject. It's way cool.

        Gadi.