Two bits of this paper seem important to me: first, they demonstrate a MASSIVE improvement over TEMPEST as implemented so far, by training a smallish network (trained on a single 3090). As in the output goes from “kinda works” to “looks completely readable”. That’s amazing, and a significant step forward in SOTA for eavesdropping on HDMI, at least for what’s in the public domain.<p>Second, the paper was written (and tech implemented) by people with significant signals experience - quite a lot of thought went into the design, and a CNN (the part they trained) is just one component of the stack - for instance, they run the output image through Tesseract at the end to do character recognition. I’m not sure how they manage gradient descent end to end, although they talk about it in the paper.<p>So, this is a practitioner’s paper, using some modern techniques for ‘the hard bit’ -> taking radio waves and turning them into an image.<p>I’d be really interested in seeing someone do this again ‘the dumb way’ by just creating a full end to end autodifferentiable stack and running it for longer. I’m sure it would take more training time, but the number of people in the world who could have come up with this idea and done the implementation is small, probably in the single digit thousands.<p>Using, e.g. Sonnet 3.5 or Llama 3.1 to be like ‘design and implement an autodifferentiable tempest attacker for me’, and seeing where results are right now is the sort of benchmark that I think matters a lot to track progress on the ‘leverage’ part of AI — basically can tech like this be delivered to, e.g. 1 million people worldwide, rather than thousands, with the help of a large model?<p>Anyway, very cool.<p>Finally, I’ll point out the two mitigations they mention don’t seem likely to be successful to me: they suggest adding Gaussian noise to the signal, or adding more gradients in colors for images. The second is not going to happen, except in very high security environments. I don’t believe the first is resistant to extra network training against the mitigation.
Very interesting, will have to read that properly, the results look impressive.<p>I came across this paper 'Eye of Sauron: Long-Range Hidden Spy Camera Detection and Positioning with Inbuilt Memory EM Radiation' recently, which I thought was extremely clever too.<p>(<a href="https://www.usenix.org/system/files/sec24fall-prepub-357-zhang-qibo.pdf" rel="nofollow">https://www.usenix.org/system/files/sec24fall-prepub-357-zha...</a>)
Here's the GitHub repo.<p><a href="https://github.com/emidan19/deep-tempest">https://github.com/emidan19/deep-tempest</a>
Maybe you find this interesting as well:<p><a href="https://www.windytan.com/2023/02/using-hdmi-radio-interference-for-high.html" rel="nofollow">https://www.windytan.com/2023/02/using-hdmi-radio-interferen...</a>
Finding out about differential power analysis had me wondering about mains -> motor -> vibration-damped coupler -> dynamo -> top secret loads, as a way to protect against analysis of said loads by household smart meters.
Eavesdropping EMI on DisplayPort <a href="https://youtu.be/ipxi_PO8_Uk?feature=shared" rel="nofollow">https://youtu.be/ipxi_PO8_Uk?feature=shared</a><p>How well do DPCP and HDCP work against these attacks?
Wasn't this something that was also revealed by Snowden to be a technique in widespread use within the NSA's little community of human-rights abusing miscreants?