Spy Pita Sandwich Steals Encrypted Data From Computers
This pita is full of electronics and designed to pilfer encryption keys from unsuspecting users. Drop the device — which has been dubbed PITA by its creators at Tel Aviv University — within two feet or so of a laptop and it’ll listen for the stray electromagnetic pulses being produced. Bit by bit it starts wirelessly harvesting data.
The team focused their efforts on GnuPG (or GPG): a free software implementation of PGP maintained by the GNU Project. It’s widely used, and it’s definitely not the kind of software you want to read about being exploited by a $300 wireless device (it’s little more than a Chinese HDMI stick PC and a radio dongle) the size of a pita.
GPG secures things like sensitive chat conversations, emails, and BitCoin wallets. Fortunately, the GNU folks have already issued an update that mitigates this particular attack. As long as everyone who makes hardware and software that relies on GPG has updated too, then there’s no need to panic.
Here’s where things get a bit more nerve-wracking. The PITA crew says that their method may also work against RSA and other forms of encryption. They also want to work on expanding the device’s range.