
How Hackers Can Steal Secrets from Reflections - makimaki
http://www.sciam.com/article.cfm?id=hackers-can-steal-from-reflections
======
chaosmachine
Reminds me very much of the recent "copying keys from photos" story:

[http://www.jacobsschool.ucsd.edu/news/news_releases/release....](http://www.jacobsschool.ucsd.edu/news/news_releases/release.sfe?id=791)

------
J_McQuade
I find it interesting that this sort of snooping is now being attributed to
'hackers' - even making the fairly safe assumption that they mean 'crackers'.

Really, a lot of this seems to be plain old espionage of the type that you
could easily imagine popping up in a 1960s spy serial. Interesting, for sure,
but not really the sort of clever manipulation that you would normally ascribe
to 'hackers'.

Now, the curious part of me wants to go off and think about whether this
seemingly false attribution is indicative of anything more significant in the
wider world... but the cynical part of me wants to seize the moment and start
marketing super-high-end non-reflective eyeglasses to paranoid executives!

------
3pt14159
I stopped reading after the first page. It is obvious that this article goes
over the top. "Reading your data by observing the flashing red LED on your
network switch," nonsensical.

~~~
kragen
You can extract several bits of entropy per typed character from network
traffic timing information. That's plenty to bring an exhaustive password-
guessing attack down into the feasible range, if you have some way to know
when a particular person is typing a particular password.

As a crude countermeasure, I leave about a second between adjacent characters
in a password when I am typing the password over a network.

------
wlievens
lo-tech Van Eck Phreaking, it seems

