I think part of the issue is even the companies that do train their more "general" employees on good cybersecurity practices, most people just shrug it off as another "check-in-the-box corporate training session" and just want to get on with their day, or it's "not my problem", or "we won't get hacked, or any excuse really.I think the IT Security world has or will need to start a shift from reactive security, to pro-active training for ALL staff. The entire population needs to know how to identify malware threats to cut down on this kind of stuff.
P.S. - if it wasn't stated clearly in this article, nearly all (or all?) side-channel attacks need some form of malware to compromise the computer to gain access to the data. This means training people to identify the threats instead of relying on anti-virus suites for zero day threats.
That's not remotely realistic for many people whose job it is to develop software.What this mean is that companies prevent installation of any programs to work computers.
No. My employer already uses Microsoft's cell phone security software (I think it's called InTune?). It's already so onerous that I refuse to run it on my personal phone. If they want me to access company resources from a cell phone, they'll have to buy me one.This same thing most likely could be done to cell phones...
I don't know if it was under the same program, but a guy I knew who worked in a lab that did DoD or DARPA research described how their CRT monitors basically had to be in Faraday cages. Annoyingly, it meant looking though a wire mesh that was the equivalent of a window screen.When I was in the military they had a acronym term for it: TEMPEST (Telecommunications Electronics Materials Protected from Emanating Spurious Transmissions).
Did it work on the same principle of altering the CPU's clock speed?This technically isn't anything new, we knew it's possible to do it on CPUs around 10 years ago,
I have to imagine there are ample opportunities considering the number of extemely high frequencies clocks and data paths inside of computers that could be monitored by any of the sensitive RF receivers and spectrum analyzers that are readily available. We don't make it hard, either, as we now use cases with windows for side panels and open-air cases even. And we've even removed the ferrite beads from cables (those lumps you often saw close to the connectors) that attenuated the signals before they could be conducted outside the case.Did it work on the same principle of altering the CPU's clock speed?
What surprised me about this is that I expected it to involve running shader programs that modulated a signal through alternating between running loops and idling. I didn't expect it would be as simple as just manipulating the base clock frequency.