My uncle described the air-gapped facility he worked in… when they said no EM out, they meant nothing in or out except humans and filtered air. It was behind dual interlocking nuclear blast doors and concrete. Even the water was sourced and recycled on site to prevent document or capsule exfiltration via the sewer.
I would think that a much more likely exfiltration method (assuming a compromised employee) would be via a capsule in the metaphorical "prison wallet" rather than the sewer.
Can you bring in a lunch (is that a Coke bottle or a secret camera?)? Are there trash bins? If there is water, does that mean there are bathrooms (who does the restocking?)? Is there coffee?! Who/how do you get data into the network? Who/how do you get data out of the network? Can you bring in printed reference materials from a slightly less secure facility?
Bottom line: probably a huge pain in the butt if you have to work like that.
Honestly I’ve never asked him, this was me listening as a 12 year old at the dinner table as he ranted about another search as he went into work. Now I have questions haha.
Actually, it's probably the opposite. The searches are more than likely to make sure you're not bringing anything in that could exfiltrate data like a camera, USB drive, or even pen and paper.
I work in a similar, secure environment. We are not allowed to bring any items in other than our persons, smart card that we scan on entry/exit, and the clothes on our back. We have to leave the facility to use the bathroom, eat, drink, etc.
The typical SCIF is configured with the break room, bathrooms and maybe lockers outside of the secure perimeter, the "regular" office space. Along with a wall-mounted shelf area for people to put their wallets and phones.
That just blew me away! I didn't think I was going to hear anything, but yeah, immediately it gave an almost pulse-width modulated high-pitched tone. I'm not surprised, but it is also awesome. I'm so many years old yet I can still hear the hum from CRTs, but I'd say that tone is much higher frequency.
Two meters seems like a pretty short distance to bypass an airgap.
At that point, in the kind of situation where someone is actively trying to exfiltrate data, couldn't they point their phone camera at a screen?
Like, maybe there are scenarios where the exit device is compromised without the wearer knowing, or the spy wants to remain discreet, but they seem a bit niche.
- It is possible that the airgapped system still has a publicly viewable screen displaying harmless information. But you use this technique to leak secret information from the system.
- If the authors established that 2m is the maximum distance that you can reliably leak information this way, then that is in principle useful information for someone designing the security system. No audio recording software allowed within 2m of the screen!
In some alternate timeline, there's yet another attack vector of noise from still-in-use floppy drives. (In addition to other less-obsoleted things like flatbed scanners.)
Much the same way that people have used them to make music.
Not an alternate timeline, I went to a Black Hat talk that was exfiltrating data from airgapped computers with unconnected parallel port pins, printers (exact same thing as making them make music but faster and with EM), and other peripherals. At a usable distance of some meters too.
There's also a recent "RAMBO" paper about using code to control how memory is accessed so that standard DRAM chips/circuitry will emit decodable radio signals, at least enough to extract private keys from otherwise air-gapped computers.
This author appears to be quite focused on side channel attacks against various computer components. It appears nearly all of his 32 publications are regarding side channel attacks.
I mean, that's how academia works. You find your niche and then publish a bunch of articles around it. Much harder to publish on a bunch of unrelated topics.