I used this again just the other day with the cantor.dust plugin. My rev.eng skills are dull and were never great to begin with, but for anything below a real APT with obfuscation, runtime decoding and unpacking, Ghidra is an equalizer. Between this and Chef from gchq, someone with devops skills can probably skill up to an entry level threat analyst level in a few weeks or months. The tooling available today is really good.

If people are worried about running systems backdoored by NSA, they probably shouldn't use things like electricity either. It's a threat actor you can't really do anything about.


Chef from gchq refers to https://github.com/gchq/CyberChef


You mean my electricity has been backdoored? Now that's paranoia on a different level; how does that work?


It was a wry comment about emanations security and TEMPEST (https://en.wikipedia.org/wiki/Tempest_%28codename%29), which people think about mainly for CRTs, with the implication that I have no doubt there exist methods for remote differential power analysis of crypto operations as well.

Helpfully, in the meantime, someone has written a wiki page about some stuff we used to add to threat models: https://en.wikipedia.org/wiki/Radiofrequency_MASINT

Just because you're paranoid doesn't mean they aren't actually using RF side channels to steal your keys and passphrases.


I think their point is that it's either so futile to attempt, or so unlikely an issue that the NSA targets US civilians, that living off the grid is lower-hanging fruit from an absolutist opsec perspective.


If your threat model is so big as to include surviving an attack by the NSA, your threat model is probably wide enough to survive the grid going down.


Powerline ethernet?


Some people, like me, can hear data movement on PCBs. The electrical circuit has noise signatures which change if other data is injected by Ethernet-over-powerline equipment. The distance from which this works is quite large, up to a few houses with consumer hardware. Fear equipment with built-in LoFi; that's reachable without cooperation of LAN equipment.


When you say you can “hear data movement on PCBs”, do you mean you have some kind of superhuman ability, or that you know how to use some combination of instrumentation and analysis to “hear” the data?


Depending on the particular PCB designs, there may be piezoelectric capacitors and magnetostrictive inductors that produce noises that ordinary, non-super, humans can easily hear. Of course the spectrum of these vibrations extends up into the GHz, but it generally also extends down to near DC, until the physical size of the components is too small to efficiently couple the vibrations into the air. (And PCBs, in particular, lower that high-pass frequency a lot, by providing a large, fairly rigid area that's soldered to a lot of surface-mount components.)

Typically DC-DC converters are the easiest thing to hear, because of the sheer amount of energy involved. Normally these are operated at PWM (pulse) frequencies well outside hearing range—40–300 kHz—but often enough the feedback scheme for controlling those pulses oscillates in a way that generates audible subharmonics whose frequency depends on the power draw at any given moment. Modern computers are full of DC-DC converters.

Also, though, it's common for computers to contain sensitive low-noise audio-frequency amplifiers connected to a periodic sample-and-hold circuit which can alias high frequencies down into the audio range, with the output hooked up to loudspeakers; these are called "sound cards" and it's not at all unusual for them to produce clearly audible sounds that depend on the computation happening, at least if you turn the volume up all the way.

Finally, regular, non-super, humans can directly perceive radio frequency emissions as sounds: "The human auditory response to pulses of radiofrequency (RF) energy, commonly called RF hearing, is a well established phenomenon. RF induced sounds can be characterized as low intensity sounds because, in general, a quiet environment is required for the auditory response... Effective radiofrequencies range from 2.4 to 10000 MHz." https://pubmed.ncbi.nlm.nih.gov/14628312/

So "hearing data movement" because of "noise signatures that change" is not at all unusual. You can probably do it yourself if you have a quiet room to listen in. It's plausible that Ethernet-over-powerline equipment could produce audible sounds from the power supplies in the same house or nearby houses, but I haven't observed that myself and this is the first time I've heard of that happening.
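The aliasing described in the comment above, where a sound card's sample-and-hold folds a DC-DC converter's switching tone down into the audio band, as an added Python example that is not part of this thread: the 48 kHz sample rate, the switching frequency and the naive DFT are constructed assumptions, and the code predicts the audible image frequency and then confirms it by sampling a synthetic tone.

```python
import math

def alias_frequency(f_hz: float, fs_hz: float) -> float:
    """Frequency at which a tone at f_hz shows up after sampling at fs_hz.

    Sampling folds the spectrum around multiples of fs/2, so anything above
    Nyquist lands somewhere in 0..fs/2, i.e. inside the audio band for a
    sound card running at 44.1 or 48 kHz.
    """
    r = f_hz % fs_hz
    return min(r, fs_hz - r)

def audible_images(switching_freqs_hz, fs_hz: float) -> dict:
    """Map each (inaudible) converter PWM frequency to its audio-band image."""
    return {f: alias_frequency(f, fs_hz) for f in switching_freqs_hz}

def sample_and_hold(f_hz: float, fs_hz: float, n: int) -> list:
    """Constructed stand-in for the ADC: n samples of a unit sine at f_hz.
    The ADC does not know f_hz was above Nyquist; it just records values."""
    return [math.sin(2 * math.pi * f_hz * i / fs_hz) for i in range(n)]

def dominant_frequency(samples: list, fs_hz: float) -> float:
    """Peak of a naive DFT (resolution fs/n); enough to locate a single tone."""
    n = len(samples)
    best_k, best_mag = 0, -1.0
    for k in range(1, n // 2):
        re = sum(s * math.cos(2 * math.pi * k * i / n) for i, s in enumerate(samples))
        im = sum(s * math.sin(2 * math.pi * k * i / n) for i, s in enumerate(samples))
        mag = re * re + im * im
        if mag > best_mag:
            best_k, best_mag = k, mag
    return best_k * fs_hz / n

def demo():
    fs = 48_000.0                      # constructed sound-card sample rate
    # Constructed DC-DC switching frequency inside the 40-300 kHz band quoted
    # in the thread; chosen so its image lands exactly on a DFT bin.
    f_switch = 150_281.25
    predicted = alias_frequency(f_switch, fs)
    measured = dominant_frequency(sample_and_hold(f_switch, fs, 1024), fs)
    return predicted, measured

if __name__ == "__main__":
    p, m = demo()
    print(f"predicted image {p:.2f} Hz, DFT peak {m:.2f} Hz")
    print(audible_images([40_000, 150_000, 300_000], 48_000))
```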


I assumed he was talking about the noise inductors and transformers make. Like how you can hear the power transformers on telephone poles.


> The electrical circuit has noise signatures which change if other data is injected by Ethernet over powerline equipment.

What does this even mean?


I work in devops and would like to know more. Do you know any good resources for learning or starting out?
