It's a valid concept, but the concept is already existing - infect a machine and have it blink a light or emit RF.
I guess it isn't very interesting, for me, compared to passive side channel attacks (interpreting naturally generated RF).
'“this isn’t a complete attack by itself and is therefore uninteresting” seems myopic to me'
I think you are misunderstanding me. I do agree that how attacks are put together and coordinated is interesting. I just don't see much to get excited about for this exploit. So viewing this from a larger perspective... Most of the time if you are attacking air gapped systems for data exfil, the physical site will have security countermeasures, especially for RF. I would be more interested to see an exploit that doesn't use RF (at least not in the known data bands like wifi in this case) to rely data since RF is so scrutinized in the target setting.
So my position isn't that I don't like it because it's not a full attack, it's that I don't like it because the author is basically recycling old ideas and I view this idea, for the intended use (air gapped data exfil), to be lacking when evaluated from a systems thinking perspective. It's like giving someone a knife and telling them to sneak into a secure facility with metal detectors to stab someone. Can it work? Sure, but probably not as well as other options. It isn't very imaginative either.
I guess it isn't very interesting, for me, compared to passive side channel attacks (interpreting naturally generated RF).
'“this isn’t a complete attack by itself and is therefore uninteresting” seems myopic to me'
I think you are misunderstanding me. I do agree that how attacks are put together and coordinated is interesting. I just don't see much to get excited about for this exploit. So viewing this from a larger perspective... Most of the time if you are attacking air gapped systems for data exfil, the physical site will have security countermeasures, especially for RF. I would be more interested to see an exploit that doesn't use RF (at least not in the known data bands like wifi in this case) to rely data since RF is so scrutinized in the target setting.
So my position isn't that I don't like it because it's not a full attack, it's that I don't like it because the author is basically recycling old ideas and I view this idea, for the intended use (air gapped data exfil), to be lacking when evaluated from a systems thinking perspective. It's like giving someone a knife and telling them to sneak into a secure facility with metal detectors to stab someone. Can it work? Sure, but probably not as well as other options. It isn't very imaginative either.