Researchers from Georgia Tech are investigating ways to protect people from so-called "coffee shop hackers."

Users sitting inside a coffee shop as they tap away on their laptops and smartphones may feel safe from being hacked, especially when they did not connect to the Wi-Fi network of the establishment. However, coffee shop hackers could find out what users are doing through the analysis of the low-power electronic signals that mobile devices emit.

The researchers are studying the origin of the data "leaks" to assist designers of software and hardware in preventing the emissions.

By analyzing these leaks from different computers, the research team has developed a means to measure the strength of these emissions, which are called "side-channel signals."

School of Electrical and Computer Engineering assistant professor Alenka Zajic, School of Computer Science associate professor Milos Prvulovic and graduate student Robert Callen have created a metric known as SAVAT, or signal available to attacker, to measure the vulnerability of different computer processes.

The researchers found that the strongest signals came from computers operations that had their processors access off-chip memory.

"People are focused on security for the Internet and on the wireless communication side, but we are concerned with what can be learned from your computer without it intentionally sending anything," Zajic said.

Zajic added that even if the user disables a device's connection to the Internet, the computer or smartphone will still leak information that hackers can abuse.

Side-channel signals released by a computer can be sniffed out across a distance of several feet through different methods, ranging from using simple AM/FM radios and complicated spectrum analyzers.

Electromagnetic emissions can be retrieved with antennas that are hidden inside briefcases, and acoustic emissions released by the computer's electronic parts can be retrieved using microphones placed underneath tables. In addition, power fluctuation information, which hackers can use to find out what the target computer is doing, can be retrieved using fake chargers that are plugged into the power outlet wherein a laptop is also currently plugged in.

Zajic demonstrated a possible hack attack using side-channel signals by typing in a password on a laptop that had its Internet connection disabled. A colleague located on another side of a wall, also using a laptop not connected to the Internet, was able to retrieve the password that was typed in through intercepting the keyboard software's side-channel signals.

While there has been nothing mentioned within hacker communities of using side-channel signals for cyber attacks, the researchers think that the attacks will soon come.

Prvulovic said that it is impossible to eliminate side-channel signals completely. The goal, however, is to weaken the signals to make it much harder for attackers to abuse them.

The team said that people should beware if someone is placing strange things near their computers. However, aside from that, there is not much that people can do to avoid being targeted by coffee shop hackers.