<p dir="ltr">There was also an attack trough measurements on the electric ground connection, and in theory you can also get past that level of noise with an array of microphones and an FPGA. </p>
<p dir="ltr">- Sent from my phone</p>
<div class="gmail_quote">Den 20 dec 2013 20:41 skrev "Lee Azzarello" <<a href="mailto:lee@guardianproject.info">lee@guardianproject.info</a>>:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Indeed the lab tests are interesting but the FAQ confirms the frequency range and signal amplitude can be covered by "wide band noise". I have a suspicion this would not work in a data center due to the high amplitude noise emanations from various components of cooling equipment as well as crosstalk from dense racks. I'll do a frequency analysis of one of my colo centers next time I'm there. If that checks out most servers are out of the target range. What's left?<div>
<br></div><div>-lee<br><br>On Thursday, December 19, 2013, Natanael wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">That makes me curious - can NSA control all these Xbox One's and their<br>
Kinects? Because those things have fairly good microphones. As well as<br>
the Wii's, their controllers have microphones built in too. And then<br>
there's the SmartTV:s. And then there's also the old stories about how<br>
some phones can get their microphones triggered remotely via the<br>
baseband exploits.<br>
<br>
Hardware switches for all input devices, anyone?<br>
<br>
Fortunately the attack is currently only plausible for devices that<br>
perform cryptographic operations all day with the same set of keys, so<br>
it "only" really applies to servers rather than most home electronics.<br>
<br>
On Wed, Dec 18, 2013 at 4:36 PM, Nathan of Guardian<br>
<<a>nathan@guardianproject.info</a>> wrote:<br>
><br>
> >From GnuPG:<br>
> <a href="http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html" target="_blank">http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html</a><br>
><br>
> "The second attack is more serious. Â It is an adaptive chosen ciphertext<br>
> attack to reveal the private key. Â A possible scenario is that the<br>
> attacker places a sensor (for example a standard smartphone) in the<br>
> vicinity of the targeted machine. Â That machine is assumed to do<br>
> unattended RSA decryption of received mails, for example by using a mail<br>
> client which speeds up browsing by opportunistically decrypting mails<br>
> expected to be read soon. Â While listening to the acoustic emanations of<br>
> the targeted machine, the smartphone will send new encrypted messages to<br>
> that machine and re-construct the private key bit by bit. Â A 4096 bit<br>
> RSA key used on a laptop can be revealed within an hour."<br>
> _______________________________________________<br>
> Guardian-dev mailing list<br>
><br>
> Post: <a>Guardian-dev@lists.mayfirst.org</a><br>
> List info: <a href="https://lists.mayfirst.org/mailman/listinfo/guardian-dev" target="_blank">https://lists.mayfirst.org/mailman/listinfo/guardian-dev</a><br>
><br>
> To Unsubscribe<br>
> Â Â Â Â Send email to: Â <a>Guardian-dev-unsubscribe@lists.mayfirst.org</a><br>
> Â Â Â Â Or visit: <a href="https://lists.mayfirst.org/mailman/options/guardian-dev/natanael.l%40gmail.com" target="_blank">https://lists.mayfirst.org/mailman/options/guardian-dev/natanael.l%40gmail.com</a><br>
><br>
> You are subscribed as: <a>natanael.l@gmail.com</a><br>
_______________________________________________<br>
Guardian-dev mailing list<br>
<br>
Post: <a>Guardian-dev@lists.mayfirst.org</a><br>
List info: <a href="https://lists.mayfirst.org/mailman/listinfo/guardian-dev" target="_blank">https://lists.mayfirst.org/mailman/listinfo/guardian-dev</a><br>
<br>
To Unsubscribe<br>
    Send email to:  <a>Guardian-dev-unsubscribe@lists.mayfirst.org</a><br>
    Or visit: <a href="https://lists.mayfirst.org/mailman/options/guardian-dev/lee%40guardianproject.info" target="_blank">https://lists.mayfirst.org/mailman/options/guardian-dev/lee%40guardianproject.info</a><br>
<br>
You are subscribed as: <a>lee@guardianproject.info</a><br>
</blockquote></div>
</div>
</blockquote></div>