If malware via monitor cables is a matter of national security, this might be the gadget for you

Well - if the device is going to remain in any way relevant, then it's firmware would (presumably) need to be updateable. There's your access point for telemetry to the mothership, backdoor snooping, and potential uber-hacker access point all in one. :D

Of course not! VGA never had this problem?

Any device like this with an association to GCHQ is more likely to be spying on your video output than protecting you from attackers.

Re: coax?

HDMI cables are already shielded. At least the good ones are,but probably monitors are leaky, too, and not very well shielded. About this whole idea, what about HDCP? HDMI data should be encrypted by HDCP, to stop us pesky pirates from copying DRM encumbered shit (it seems it's not working as intended, but I digress). So HDMI leaking EM signals should be encrypted, too, I suppose. Picture those pesky Chinese government hackers being thwarted by Hollywood's DRM scheme, LOL.

I'm thinking more of a monitor that has been made specifically for spying, not one that has been pwned. I'd say that a "normal" monitor does not have enough capabilities (memory, etc) to contain a malware injection tool. But what about a malicious monitor, built for the job? It could work, exactly as malicious USB power supplies.

But if we come to this, what about printers, mice, keyboards, and every other usb device that is not a battery charger? The need to communicate, you cannot simply cut them off. To sum it up, I think that a monitor is quite an unusual attack vector. But maybe it's a good one exactly because it's unusual. Nobody expects the Spanish Inquisition.

100% monitor to pc. Monitors have all kinds of connectivity, so given the crap you can do with a USB device (ID spoofing so the host thinks it's a keyboard) , it's possible that IT have locked down the USB ports on the PC, but this becomes another way in.

The malware could be used to infect the SAME machine

The privilege level needed to compromise the monitor (or just send it a firmware update if security around that is rather light) may be less than the privilege level the system is operating at when it does EDID etc. to identify the monitor.

So if you can hack it from a userlevel process, then have the monitor p0wn the system at a root/Administrator level the next time the system is booted or another redoes the EDID process then you've elevated your privilege level even if the system itself was (somehow) totally secure against root level escalation attacks.

While ethernet over HDMI exists there is little support for it - and AFAIK it requires a special HDMI cable to support it so it is probably not a practical attack except in very very limited circumstances.

Exactly. Suppose these devices contain a cellular modem and they are actually made to spy on your hdmi data going through.

The sales promises add credence to this possibility. They can't tell us what can actually be done over an HDMI cable, but they can promise that their device blocks all the threats. Given the complexity of HDMI as an interface, I can believe that there are problems in HDMI stacks which could be exploited, and if you knew about them, then a device that looks for them and blocks them would guard against those threats although one that looks for them and sounds an alarm would be more useful. But that wouldn't be threat-agnostic unless it simply blocked some channels, and those channels presumably have a point or you could block them yourself. Maybe it's as simple as disconnecting some things that they assume people buying this, who are probably using monitors in an office environment, probably aren't using, assuming that those pathways could be abused somehow.

A late entry for April Fools Day?

Re: Goldilocks - just right, or too good to be true?

I read it as it allows known valid traffic and blocks everything else. The everything else is easy as there are only a small number of valid operations. It sounds like monitors may be "lax" in processing and can be subverted by invalid or badly formed messages - and I can beleive that.

Re: I have doubts...

Doesn't sound that crazy to me. HDMI is a well defined standard - and I would assume any legitimate data passing over the data channel adheres to a fairly limited set of types/structures/content - and it would not be beyond the realms of possibility to flag anything that clearly did not conform to the HDMI standards.