An intriguing and novel eavesdropping technique has been disclosed by a group of German scientists, who describe and demonstrate in their paper “Compromising Reflections, or How to Read LCD Monitors Around the Corner” (warning: PDF download) how your monitor screen can be read from a distance, by pointing a telescope at its content reflected in nearby objects. Teapots, spoons, plastic bottles, glasses and even the surface of the user’s eye offer sufficient quality for text on the screen to be intelligible, even at long distance.
Many passive techniques have been employed in the past to non-intrusively grab data from computers, all with a very low risk of detection. 30 years ago, cathode-ray tube emissions were being sniffed, and the screen content reconstituted, by those engaged in military and industrial espionage. Shielding the tube and cables helped put a stop to this exploit. Keyloggers, hardware or software, run the risk of being detected, but techniques to analyze the sound of individual key clicks and recover typed content are well-known; an interesting paper is that by Asonov and Agrawal. Indeed, extracting information using acoustic cryptanalysis has even fuelled a TV writer’s fevered imagination.
Michael Backes, Markus Dürmuth, and Dominique Unruh from Saarland University in Saarbrücken, Germany, used an inexpensive camera and telescope, costing together less than $1500 and available off-the-shelf, to view reflected 12-point Word documents from a distance of 10 metres (33 feet). Smaller font text could be viewed from closer distances, with a longer exposure time, or if reflected from a less curved surface, such as a user’s pair of glasses. The 10 metre distance can be extended to over 30 metres (about 100 feet) with a $27,500 telescope.
But never fear, The Internet Patrol has great news for the paranoid. Firstly, you’re likely to notice someone maneuvering a cumbersome 3-feet long telescope and camera combination 15 feet from your coffee shop seat, and so you’re unlikely to be compromised in such a situation. Secondly, if the bad guy is extraordinarily persistent and positions their telescope twice as far from your coffee shop seat, the telescope has to have a diameter twice as large, and this typically means twice as long and likely more than twice as expensive. So for now you’re likely to be safe, indoors and outdoors. At least, you’ll be safe until these three complete their current experiments, in which they’re looking at diffuse reflections from walls or clothes, and reconstituting the image from these. If these experiments are successful, we’ll have to all work indoors with the curtains closed.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
