RE: Shoulder Surfing becomes Shoulder Listening...

["Jeremy Richards" <jrichards () ncircle com>]

I am simply amazed at the amount of press this is getting right now...
So far I've seen it in Schneier's blog, Slashdot, various forums and
now, DD?

 

This type of attack has been well documented and proven long ago.  This
article, for example, was released a year and a half ago:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci9
63348,00.html
<http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci
963348,00.html> 

 

...ok, to make this (hopefully) an informational post rather then a
rant, here are some additional 'cool' readings:

 

1) Acoustic Cryptanalysis.
http://www.wisdom.weizmann.ac.il/~tromer/acoustic/
<http://www.wisdom.weizmann.ac.il/%7Etromer/acoustic/> 

"Adi Shamir, Eran Tromer have done some remarkable research into a side
channel
attack that is able to extract private RSA keys just by monitoring the
sound
output of your computer!"

2) Power Analysis.
http://www.cryptography.com/resources/whitepapers/DPA.html
<http://www.cryptography.com/resources/whitepapers/DPA.html> 

"DPA is a powerful tool that allows cryptanalysts to extract secret keys
and
compromise the security of smart cards and other cryptographic devices
by
analyzing their power consumption."

3) LED Leakage.
http://portal.acm.org/citation.cfm?doid=545186.545189
<http://portal.acm.org/citation.cfm?doid=545186.545189> 

"A previously unknown form of compromising emanations has been
discovered. LED
status indicators on data communication equipment, under certain
conditions,
are shown to carry a modulated optical signal that is significantly
correlated
with information being processed by the device....Experiments show that
it is
possible to intercept data under realistic conditions at a considerable
distance. Many different sorts of devices, including modems and Internet
Protocol routers, were found to be vulnerable."

 

Regards,

dyn

 

 

 

------------------------------------------

dyngnosis.blogspot.com

------------------------------------------

 

 

  _____  

From: Hackling, Matthew (AU - Melbourne)
[mailto:mhackling () deloitte com au] 
Sent: Thursday, September 15, 2005 7:56 PM
To: dailydave () lists immunitysec com
Subject: [Dailydave] Shoulder Surfing becomes Shoulder Listening...

 

Well here's some james bond type stuff...

 

We all remember tempest and EMR interception......well wait for it!

 

Researchers were able to identify text typed by listening and analysing
the noise that the keyboards made...

 

With twenty trials they captured:

90% of 5 character passwords

77% of 8 character passwords

69% of 10 character passwords

 

I can see the spooks loving this, using their laser listening devices to
capture logons/passwords etc.

 

http://www.cs.berkeley.edu/~tygar/papers/Keyboard_Acoustic_Emanations_Re
visited/preprint.pdf 

 

http://www.electromax.com/laser.html

 

 

 

Matthew Hackling B.Sc. (Security) CISSP

Client Manager

Security Services Group

Deloitte

Direct: +61 3 208 6610

Fax: +61 3 208 7001

Mobile: +61 402288599

mhackling () deloitte com au

www.deloitte.com.au

 

180 Lonsdale Street

Melbourne

Victoria

 



This email and any attachments to it are confidential. You must not use,
disclose or act on the email if you are not the intended recipient.
Liability limited by a scheme approved under Professional Standards
Legislation. Deloitte is a member of Deloitte Touche Tohmatsu (a Swiss
Verein). As a Swiss Verein (association), neither Deloitte Touche
Tohmatsu nor any of its member firms has any liability for each other's
acts or omissions. Each of the member firms is a separate and
independent legal entity operating under the names "Deloitte", "Deloitte
& Touche", "Deloitte Touche Tohmatsu", or other related names. Services
are provided by the member firms or their subsidiaries and affiliates
and not by the Deloitte Touche Tohmatsu Verein.