If you're under the impression that the PC Gamer hardware team practices perfect cable management, I have some disappointing news for you. Beneath our desks and behind our rigs lies a tangled web of cable calamity, and somewhere in the mix there's likely to be an HDMI cable or two knocking around.
Messy as HDMI cables might be, according to the efforts of a research team from Uruguays University of the Republic, they might just be a cyber security hazard, too (via Techspot). The research team's been experimenting with a new technique [PDF warning] to spy on digital signals being transmitted through HDMI connections by recording and decoding electromagnetic signal leakage, and the key to the whole puzzle appears to be our good friend, AI.
Digital signals sent through an HDMI connection are remarkably complex, and while it's possible to capture leaks (or the rather beautifully phrased "unintended electromagnetic emanations") from a cable or connector with an SDR (Software Defined Radio), what you're left with is a lot of very complicated data that's difficult to rebuild into a useable result.
That's where AI comes in. The researchers trained an AI model on samples of matched original and intercepted signals, before letting it loose on leaked signal data in an attempt to decipher the results.
They then took the resulting visual data and ran it through text recognition software, comparing the results to the original output. While some data is inevitably left unreadable, the researchers claim that reconstructed text from the signals maintained around a 70% accuracy rate.
That's easily enough to allow a human to make educated guesses as to what missing text data might be, meaning that common passwords, email addresses and more can be left mostly legible by the AI-enhanced technique.
As to how feasible such an attack might be in the real world? Well, the real secret sauce here is the AI model training, not the signal pickup itself. Still, it's unlikely that your home connections would present much of a risk, as someone would have to capture them specifically from a nearby vicinity, before feeding them into a similar model to decode the results.
That'd be a whole lot of effort go to in order to spy on a private individual, so unless you're on the Interpol Red Notice list I wouldn't worry too much. Still, as lead researcher Federico Larroca says:
"Governments are worried about this, [but] I wouldn't say that the normal user should be too concerned. But if you really care about your security, whatever your reasons are, this could be a problem"