Should we be worried about that?
An obvious mitigation is to
for i in $(seq $(nproc)) ; do while true ; : ; done & ; fi when booting the airgap machine so it is always at 100% CPU, regardless.
@dachary I am familiar with this group of researchers, they do very similar research on developing malware that steals keys using power or with audio or with bluetooth or whatever differential power analysis. I think we should not worry about this. One of the many assumptions they make in their model is that the device already has malware on it. I think people uploading malware is a very serious risk but I think the best protecting is our airgapped SVS has the private keys needed to read a source’s documents.