For nearly 80 years, governments and intelligence agencies have known that computers leak secrets not just through hacking, but through the very physics of their operation. Now, a bipartisan pair of US lawmakers is pushing for an investigation into how vulnerable ordinary Americans are to this decades-old spying technique – known as TEMPEST or side-channel attacks – and whether tech companies should be forced to strengthen their defenses.
The Physics of Espionage
Computers emit radio waves, sound, and vibrations as a byproduct of normal function. These signals, though unintentional, can be intercepted and deciphered by skilled adversaries to reveal private data. This isn’t a hypothetical threat: the US government has been aware of it since the 1940s, and actively protects its own classified information using shielded facilities called SCIFs (Sensitive Compartmented Information Facilities).
The concern now is that the public remains largely unprotected. Senator Ron Wyden and Representative Shontel Brown recently sent a letter to the Government Accountability Office (GAO) demanding a review of the scale of this threat, the feasibility of countermeasures, and potential policy options – including forcing manufacturers to build security into their products.
A Long-Known Weakness
The core problem isn’t new. Early experiments at Bell Labs showed that encryption machines radiated enough electromagnetic energy to leak cryptographic clues to anyone with the right equipment. A declassified NSA report from 1972 confirmed that classified computers could transmit detectable signals for up to half a mile, potentially exposing sensitive data.
More recent research demonstrates that this remains possible today. Researchers have built devices for under $300 that can extract data from computers within a few feet using electromagnetic emanations, or even eavesdrop on keystrokes via acoustic vibrations picked up by a mobile phone.
Why This Matters Now
While the practicality of widespread side-channel attacks is debated, the lawmakers argue that the threat is growing. As surveillance technology improves and becomes cheaper, it will trickle down from intelligence agencies to state-sponsored hackers, law enforcement, and eventually, criminals.
Wyden specifically notes that industrial espionage is a significant risk: companies developing strategically important technologies are already targets. The lack of public awareness or manufacturer requirements leaves Americans vulnerable, potentially for years to come given the time needed to redesign products for greater security.
Is This a Real Risk for Most People?
Experts disagree on how urgent this threat is for the average user. While side-channel attacks are possible, they’re technically challenging. Security researchers at the Electronic Frontier Foundation believe they’re primarily a concern for national security personnel or companies engaged in high-stakes industrial espionage.
Moreover, modern devices are becoming more efficient, reducing unintentional radiation. The shift towards cloud computing further complicates attacks, as data centers are harder to surveil.
However, the rise of AI tools that can extract signals from noise could make these attacks easier. And “smart” devices – speakers, TVs, industrial controls – may still be vulnerable.
The Path Forward
The US government has several levers to address this: the FCC could regulate radio emissions, the FTC could deem lax security deceptive advertising, and agencies could simply share more intelligence. Until then, the extent of our silent data leaks remains uncertain.
The bottom line: decades-old spying techniques remain a potential risk, particularly for high-value targets. The debate now is whether the government should intervene to force better security measures across consumer devices.
