Not using coffee shop Wi-Fi no guarantee against snooping
09 Jan 2015
People who think they need have no security concerns working from coffee houses if they do not use the public Wi-Fi connection need to think again. Also the smartphone they carry is even more vulnerable to snooping.
It is now possible for today's coffee shop hackers to spy `by analysing the low-power electronic signals from a laptop or smartphone even when not connected to the internet.
The race was now on to plug the information 'leaks' however, the first challenge was finding out where they originated. Georgia Institute of Technology engineers who are working on the problem, have developed a metric for measuring the strength of the leaks - known technically as "side-channel signal" - to help prioritise security efforts.
People were focused on security for the internet and on the wireless communication side, but at Georgia Tech researchers were concerned with what could be learned from one's computer without it intentionally sending anything, according to Alenka Zajic, an assistant professor in Georgia Tech's School of Electrical and Computer Engineering.
He added, even if one had the internet connection disabled, the computer was still emanating information that somebody could use to attack one's computer or smartphone.
Meanwhile, it had long been known that subtle electronic fields and noises emitted by computers could reveal clues about people's activity, a powerful method of spying that can be undertaken from a few feet away, cio.com.au reported.
These so-called "side-channel signals" could be collected by antennas or microphones and through analysis could reveal sensitive data such as encryption keys.
Though it was not know whether spy agencies were already using these methods, many academic studies outlining potential attacks suggested it was probably a growing part of signals intelligence.
Researchers from the Georgia Institute of Technology had launched a three-year project study how these electronic signal leaks could be prevented by redesigning hardware and software.
According to Milos Prvulovic, an associate professor with Georgia Tech's School of Computer Science, his team had been looking for potential vulnerabilities in applications or hardware designs that might make such signals collection easier.
Prvulovic said in a phone interview yesterday that he did not want to demonstrate an attack in order to be able to defend against it. He added, then defenders were always playing catch up with the attackers.
Read more: Researchers work to counter a new class of coffee shop hackers