Most of these attacks can be mitigated through physical separation; the official standards specify allowable signal strengths at perimeter for spurious emanations. (Obviously attackers can use directional/high gain antennas, but there are RF limitations.) The stuff Cryptography Research does vs. Android phones to extract keys from tens of feet is pretty terrifying. http://www.cryptography.com/technology/dpa/dpa-qa.html
One interesting extension beyond the classical 1960s TEMPEST/Van Eck stuff is: If you can run malware on the target computer, you can obviously increase the effective gain through a variety of techniques.
What I'd be super interested in would be active RF attacks -- similar to the NSA toolkit with the passive external-RF-powered transmitter for implants, but ideally without modifications. Either causing specific errors or something else. Forcing resets might be enough. It'd be sort of a crossover between EMP and TEMPEST. Knowing, for instance, that the target security system controller is the only device connected to an 18.2m long wire within a facility might make it profitable to do a targeted attack on a certain frequency.
One interesting extension beyond the classical 1960s TEMPEST/Van Eck stuff is: If you can run malware on the target computer, you can obviously increase the effective gain through a variety of techniques.
What I'd be super interested in would be active RF attacks -- similar to the NSA toolkit with the passive external-RF-powered transmitter for implants, but ideally without modifications. Either causing specific errors or something else. Forcing resets might be enough. It'd be sort of a crossover between EMP and TEMPEST. Knowing, for instance, that the target security system controller is the only device connected to an 18.2m long wire within a facility might make it profitable to do a targeted attack on a certain frequency.