Optical TEMPEST
This work is incremental, as it reviews and updates the relevance of optical TEMPEST vulnerabilities for privacy in modern systems without introducing new methods or data.
The paper addresses the evolving vulnerabilities in optical TEMPEST, highlighting that despite some reductions in risks through standardized solutions, new trends like IoT, HFT, GDPR, and drones have revived privacy concerns, emphasizing that fixed vulnerabilities can re-emerge.
Research on optical TEMPEST has moved forward since 2002 when the first pair of papers on the subject emerged independently and from widely separated locations in the world within a week of each other. Since that time, vulnerabilities have evolved along with systems, and several new threat vectors have consequently appeared. Although the supply chain ecosystem of Ethernet has reduced the vulnerability of billions of devices through use of standardised PHY solutions, other recent trends including the Internet of Things (IoT) in both industrial settings and the general population, High Frequency Trading (HFT) in the financial sector, the European General Data Protection Regulation (GDPR), and inexpensive drones have made it relevant again for consideration in the design of new products for privacy. One of the general principles of security is that vulnerabilities, once fixed, sometimes do not stay that way.