How White Hat Hackers Stole Crypto Keys from an Offline Laptop in Another Room

12 replies [Last post]
Alij
Offline
Joined: 05/07/2012
hack and hack
Offline
Joined: 04/02/2015

Interesting, thanks.

In this case, the attack relies on the electromagnetic outputs of the laptop that are emitted during the decryption process, which can then be used to work out the target's key.
So once this is miniaturized, and cheap, it would be a serious threat. That is, unless I coat my lappy with aluminium, like I do with my head :P

But seriously, that's the first sound defense that comes to mind (not the aluminium) : to prevent the electromagnetic outputs to leave too far.

Legimet
Offline
Joined: 12/10/2013

I guess it's time to move into a Faraday cage :P

loldier
Offline
Joined: 02/17/2016

Like Harry Caul (played by Gene Hackman) did in Coppola's film The Conversation.

https://en.wikipedia.org/wiki/The_Conversation

hack and hack
Offline
Joined: 04/02/2015

Haha, nice. Then mine is going to be exclusively made of microwave oven transparent windows. I'll call it "the login box". Hopefully I won't mix the cage with the real oven ("Why is my food still cold? And why does it smell like burnt plastic?).

On a more serious note, I see that faraway bags exist. I suppose it's like the anti-rfid sheets for id and credit cards etc. It looks like overkill for the average citizen, but I know nothing about it.

loldier
Offline
Joined: 02/17/2016

Snowden recommends a fridge for this purpose. Doesn't have to be plugged in the wall socket.

http://thelede.blogs.nytimes.com/2013/06/25/why-snowdens-visitors-put-their-phones-in-the-fridge/

If you are anything like Dean Martin, you could use a shaker.

"Another household object that functions similarly, Mr. Harvey has learned through his research into cellphone data transmission, is a stainless steel martini shaker."

hack and hack
Offline
Joined: 04/02/2015

Thanks for the tips :)

I also liked the basic idea of putting the phone under clothes, for blocking sound.

So there's one goal about blocking eavesdropping, and another to block electrical I/O during the decryption/login phase, providing cryptokeys stealing is already a common threat. One answer would be a hermetic and transparent faraway bag, thin enough to allow typing.
But anyway, that's James Bond-esque levels of privacy/security we're talking about here.

Alij
Offline
Joined: 05/07/2012

;)

image_thumb11.png
SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

:D

tin-foil1.jpg
hack and hack
Offline
Joined: 04/02/2015

lol, what is this from ?

onpon4
Offline
Joined: 05/30/2012

Signs.

hack and hack
Offline
Joined: 04/02/2015

Thanks. Unfortunately, it seems this is the best part of the whole movie.

On a related note, I found this : http://www.rinkworks.com/stupid/cs_paranoia.shtml

Aah, sweet, sweet idiocy :D !

Alij
Offline
Joined: 05/07/2012

In fact one of the best movies of Shyamalan ;)