GPG RSA key extraction via phone mic

FAQ on the Paper is here - http://www.cs.tau.ac.il/~tromer/acoustic/

It does sound like science fiction though doesn't it? accoustint has a long and storied history though, if you read the book spycatcher by Peter Wright the same method i.e. accoustic cryptanalysis was used against the Hagelin machines in the 50's

Yep - in 1950 they could figure out the settings of a crypto machine remotely with just an accoustic attack.

Reflecting on Channel 4's alternative christmas message by Snowdon -
http://www.channel4.com/news/edward-snowden-nsa-gchq-whistleblower-surveillance-spying

where he says,

“A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves an unrecorded, unanalysed thought. And that’s a problem because privacy matters, privacy is what allows us to determine who we are and who we want to be.”

You do have to wonder that he might have a point, forget about what he did for a moment because I am certainly not a fan of his (he did betray his employers trust, he may have betrayed his country and a sizeable percentage of security (rather than privacy) people hate his guts because when you get hired to protect and defend you do undertake to protect and defend what you are asked to - regardless of your personal beliefs) if you dont like it quit, or resign without acting against what you signed up for))

Think about the difference between being able to make dumb mistakes as a child and not have them follow you the rest of your life via google, facebook, twitter etc. - that was the freedom you had had before the internet, unless you were unlucky enough to live in East Germany or a similarly unpleasant place - then think about the fact that in the public domain capability (i.e what you think can be done) for remote accoustic surveillance is catching up to the 1950's now (yes its an unfair direct comparison but its fair in the context of FOI)

Interestingly - the paper (which includes one of my all time hero's Adi Shamir (the S in RSA) was sponsored by the checkpoint institute (citation below)- you sort of have to ask why they wanted anyone to know this was possible or had advanced from the work that was published before?

Dunno....

This work was sponsored by the Check Point Institute for Information Security; by the Israeli Ministry of Science and Technology; by the Israeli Centers of Research Excellence I-CORE program (center 4/11); and by NATO's Public Diplomacy Division in the Framework of "Science for Peace".

Anyone who's ever used an AM radio in the vicinity of a PC knows that the interference emitted changes with the activity of the PC. Although this is audio, the principle is the same. This isn't really all that surprising, just another sidechannel attack, and easily enough obfuscated / defeated. The principle that the attack works on was demonstrated about ten years ago (although not to the point of actually cracking a cypher.)