Doesn't appear so, as there were a lot of experimental constraints...
The attacks demonstrated in the paper require a significant amount of prior knowledge and specific circumstances in order to work:
1) The make and model of the target laptop
2) Knowledge of the computational task being executed on the target machine
3) Training data from the target machine
4) Unusual usage patterns by the user
The first two pieces of info can be acquired via surveillance and social engineering, the last two are much harder to achieve.
IMHO in a real world scenario, this leakage path is more usefull as adjunct to a primary attack vector. eg: being able to tell that a change in computational modality has occurred with course insight into the nature of that change
The key extraction is not any sort of actual practical attack. It is a pure demonstration of the principle. It is yet another example of the principle that leaks are leaks and that is is hard to know which ones are important. It strongly suggests that platforms should not transmit anything coupled to the internal operation of the platform. Why are audio systems (this one was Mumble) sending all this junk in the lower bits of the audio samples? Why not zero that out as part of the automatic gain control scheme? The receiver doesn't want to hear it anyway,
Brings me to ask: my mouse for some reason triggers a very high pitched low volume sound that seems to be coming from my Dell monitor whenever it is moved. I can hear it and it bothers me, but it might escape many others. No sound happens when the cursor is moved on the m1 laptop in between. Only the Logitech wired mouse seems to do that. It makes me wonder why something like that would happen? Could definitely be used to detect activity and it may just be the tip of the iceberg of operational sounds detectable in side channel attacks. Has anyone here noticed that happening on their setup?
Not a mouse, but one and only one of my monitors at work will emit a high pitched whine when certain excel spreadsheets are open, but only when the window is sized to about 75% or more of the screen space.
My guess is that the leak is not at all electromagnetic but just electric in the form of power supply noise. Doing audio using a power supply rail that is also attached to something digital is hard and it is easier and cheaper to not care that much.
7 comments
[ 3.1 ms ] story [ 30.6 ms ] threadThe attacks demonstrated in the paper require a significant amount of prior knowledge and specific circumstances in order to work:
1) The make and model of the target laptop
2) Knowledge of the computational task being executed on the target machine
3) Training data from the target machine
4) Unusual usage patterns by the user
The first two pieces of info can be acquired via surveillance and social engineering, the last two are much harder to achieve.
IMHO in a real world scenario, this leakage path is more usefull as adjunct to a primary attack vector. eg: being able to tell that a change in computational modality has occurred with course insight into the nature of that change