cross-posted from: https://lemmy.world/post/7290317
Hi, I have been having a look at utilising RF and trying to understand how every device around me emits RF.
I recently came across RTL-SDR and HackRF, alongside software like SDR++, TempestSDR, gqrx etc. I know that I can spy on my monitor and record keyboard keys being pressed using RF, but what are some other ways I should be looking at to exploit my digital vulnerabilities, and trying to solve such problems? Thanks!
Edit: I’m well aware that nothing I’m doing is that interesting to security agencies across the globe. With that said, I’m interested in maintaining my privacy, and this happens to be an avenue I find interesting. Any suggestions on how I can look to do so would be greatly appreciated!
If someone wants to get your data that badly, they will threaten you with a hammer long before they waste time with RF sniffing.
Privacy is important, but you need to be aware of your risk profile, otherwise you’ll end up living in a cave in the woods.
If your data is really that important, then you should be speaking to your country’s version of the NSA; it is their job to safeguard data (along with exposing others’ data, which leaves them in a bit of a catch-22 position, but they are the experts at protecting their own data).
Thank you, and it is exactly as you say: I’m not doing anything worth any interest to the state. With that said, from what I can see, with just some experience and interest it would be trivial to see what I’m typing on my screen right now and I wouldn’t even know. I’d like to know more about how one can exploit RF, and then learn to secure myself, even if I display blatant signs of unwarranted paranoia in the process.
If you just want to learn, read the research:
https://www.cl.cam.ac.uk/~rja14/Papers/SEv3-ch19-7sep.pdf
https://arxiv.org/abs/2308.01074
Keep in mind that much of the research in this area is under ideal conditions (single target device, otherwise clean environments), and that adding more noise (more “target” devices, white noise on speakers etc.) will mitigate most attacks. Ironically, protecting yourself may be as easy as doing your work from a very public place (LAN cafe with dozens of active computers, computer lab); you just need to then ensure that you protect yourself from being physically snooped on.
In terms of protecting yourself, follow what your local NSA does. Build yourself a “SCIF”, an isolated room with sound insulation, and maybe RF insulation. Keep unknown people far away from this room via physical security (doors, gates, locks, security systems), and only take trusted devices into the room (no phones, Bluetooth devices, etc.).
Thank you for the material. And I agree with your point, the best idea would probably be to work from a public place with a lot of noise to obscure one’s actions.
TEMPEST style attacks are not practical outside of an anechoic chamber because while your screen emits some radiation that does contain some data, so does everything else. Don’t bother too much about it.
Thanks, but would it be very hard to pinpoint the frequency at which the signals from the HDMI cable connected to my monitor are being emitted? Also, could one track/snoop on wireless keyboards using RF?
Like others said, TEMPEST style attacks are possible but more of a novelty. It’s a much noisier world now.
Take a look at the NSA ANT catalogue that was leaked about 10 years back for more current thinking on exfiltrating people’s data.
Pick up a flipper-0 and play around. There’s a ton of insecure wireless keyboards/mice… it was almost a footnote in one of the DEFCON videos I watched last month. Unfortunately I’m not sure which video :-)
There were several videos from this year’s conference on similar subjects, reverse engineering the Fasttrack system is probably a good ~1 hour way to start wrapping your head around the work involved.
Thanks for pointing me towards the NSA ANT material, I’ll have a look!
I have been watching a few DefCon videos myself, and they have been quite entertaining so far. I had never heard of a flipper-0 before this either. Thanks for the tip on Fast track too!
Have fun, play safe, think about a ham license. It’s a good way to meet other experimenters with relevant experience.
Thanks for the tips! Will do :)