Cybersecurity

5956 readers

333 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

Researchers Details How Hackers Can Steal Passwords via HDMI Cables (gbhackers.com)

submitted 5 months ago by kid to c/cybersecurity

7 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 5 months ago* (last edited 5 months ago) (1 children)

https://arxiv.org/pdf/2407.09717

The paper- Deep-Tempest

https://en.wikipedia.org/wiki/Tempest_(codename) Tempest 2 - Bugaloo

Old tempest used the electronic noise from the CRT itself to decode the signal, this paper is interesting in that it uses the HDMI cable as the transmission source, which is really cool!

I highly recommend the paper, if this threat factors into your activities some thoughts come to mind

Use a Skif
Use a shielded HDMI cable and ground the shield
Use a self contained laptop (and ground it) for your very sensitive data (less cable length, less radio transmission loops)
Don't display passwords on your screen unless absolutely necessary

[–] [email protected] 5 points 5 months ago (1 children)

Besides, with the next Windows 11 on computers with a neural network chip, co pilot will be taking screenshots regularly to send to an AI. So you'll want to not display any passwords at all.

[–] [email protected] 2 points 5 months ago (1 children)

I can't imagine a single corporation or government that wont cut a tattle tale like co-pilot out of its system... imagine the data-leak, ransom-ware, possibilities! HIPPA violations for everyone

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago) (1 children)

Yeah for some reason I don't see it making its way to builds of Enterprise LTSC or Server (esp. not Server Core.)

[–] [email protected] 3 points 5 months ago (1 children)

No it's definitely a desktop feature. Not for servers. There will probably be a way to disable it in pro versions. But for the everyday users? Nah. They'll siphon all the information they can to sell it.

[–] [email protected] 3 points 5 months ago

Can you imagine microsoft one-drive exfiltrating HIPPA data to MS cloud with their "opt-out" auto-enabling?