Israeli researchers unveil spy bread
Tel Aviv University researchers have demonstrated they can steal computer encryption keys without even needing to touch the computer. PITA, or Portable Instrument for Trace Acquisition, is an inexpensive set of easily available equipment, and a delicious pita, that when placed near a laptop, can crack widely used encryption that secures our electronic communication within seconds.
Electronics, like a smartphone’s CPU or a monitor cable, emit little bursts of radio waves when in operation. The Israeli researchers found that they could use a consumer-grade USB radio dongle, an Android TV stick, and a smartphone, to crack GnuPG, a popular encryption suite. Putting it on a pita emphasizes how compact their setup is. The researchers worked with the GnuPG team to fix this vulnerability, but people often forget or don’t update their software. They will be presenting their work at the CHES 2015 in September.
In 1982, the NSA published a mostly secret set of standards called TEMPEST, to secure against eavesdropping by these indirect methods. Many believed this highly sophisticated attack was only available to government spy agencies. However, in 1985, Dutch researcher Wim van Eck showed that he could read inexpensively read a computer monitor from hundreds of meters. As technology has advanced, these types of attacks will become easier and more common.
Journalists, beware that gyro. There may be more than white sauce and lamb inside.