If it's electronic, it makes noise. Not necessarily noise that you and I can hear, of course – unless you know how to tune in. The air around us is filled with bloops, bleeps, and bzzts of machines going about their business, betraying their existence through walls or even from across the street. The unintentional noise lurking among intentional signals can even reveal what the machine is currently doing when it thinks it's keeping that information to itself. Attacks exploiting electromagnetic radiation, such as TEMPEST, have long been known, but government-sized budgets are no longer needed to procure the radio equipment. USB television receiver dongles can be used as software-defined radios (SDR) that cost less than a slice of Raspberry Pi. The goal of this talk is to show you that anyone with twenty bucks and some curiosity can learn a great deal about your computers and other equipment without ever leaving a trace, and you shouldn't neglect this risk when managing your organization's security.
Melissa Elliott (better known as 0xabad1dea) is a professional security bug finder who has seen unspeakable horrors in corporate codebases from around the world. Her very name causes systems to crash, especially ones that use jQuery. Her hobbies include programming the Nintendo Entertainment System, criticizing other people's C code, and an interest in radio emissions that resulted from a trip to the National Radio Astronomy Observatory in Green Bank, West Virginia.