Security researchers at Ben-Gurion University in Israel have found a way to lift data from closed networks using little more than a standard computer monitor and FM radio waves. It's a pretty clever trick: researchers have created a keylogging app called AirHopper that can transmit radio frequencies by exploiting the PC's display. A companion app on an FM-equipped smartphone can decode those transmissions and record the host machine's keystrokes in real-time.
It's not the first time FM radio waves have been used to smuggle data out of an air gap network, but this method can be done without PC connected speakers and without either device being connected to an outside network. Like previous methods, it has a fairly short range (about 7 meters) and can't transmit more than a few bytes a second, but that's more than enough to nab passwords or other sensitive text data. The group has already released a short video of the exploit in action, and intends to publish a more detailed paper on the subject at Malcon 2014 later this week.
http://cyber.bgu.ac.il/content/how-leak-sensitive-data-isolated-computer-air-gap-near-mobile-phone-airhopper
http://www.engadget.com/2014/10/29/fm-data-leaking/
(Score: 2) by Grishnakh on Thursday October 30 2014, @09:28PM
I heard this 20 years ago or so. However, displays then were not like today's displays: back then, they were CRTs, now they're all LCDs. The technology is fundamentally different, so I really wonder how well TEMPEST works on them.
(Score: 0) by Anonymous Coward on Thursday October 30 2014, @10:31PM
Marcus Kuhn [cam.ac.uk] has done some work on this, e.g. this paper [pdf] [cam.ac.uk]
(TL;DR: yes it works on LCDs, though the actual radio emission comes from the DVI/LVDS signals, not the display proper.)
He's also the guy who did the "Optical TEMPEST" research (which of course only affects CRTs) and other interesting stuff.