Britain’s National Cyber Security Centre has begun deploying a small hardware device on government computer systems that filters malicious signals traveling through HDMI and DisplayPort cables. The device, called SilentGlass, sits inline between a computer and its monitor and blocks unauthorized data before it can reach either end of the connection. The NCSC, which operates as the cybersecurity arm of GCHQ, announced the deployment, calling SilentGlass a “world-first” device engineered entirely in-house. As of May 2026, it remains the only publicly known hardware device purpose-built to secure wired display connections at the protocol level.
The premise behind SilentGlass is simple but largely ignored across the security industry: the cable connecting a computer to a screen is an attack surface. Organizations spend billions on firewalls, endpoint detection, and network monitoring, yet the display link typically gets no scrutiny at all. SilentGlass is designed to change that for the U.K. government’s most sensitive environments.
How SilentGlass works
The device is plug-and-play. It requires no drivers, no software agents, and no configuration changes on the host computer or monitor. From the perspective of both endpoints, the cable simply appears slightly longer. Internally, SilentGlass acts as a protocol-aware filter. It inspects the data structures and control messages that make up an HDMI or DisplayPort session in real time, allowing through only those elements that match a predefined model of legitimate display traffic. Anything that falls outside expected parameters is blocked before it reaches the destination device.
This approach targets two distinct threat categories that academic research has documented in recent years.
Threat one: eavesdropping through electromagnetic leakage
HDMI cables radiate faint electromagnetic signals as they carry video data. With the right equipment, those signals can be captured at a distance and reconstructed into readable screen content. This class of attack, known in intelligence circles as TEMPEST, has been a concern since the Cold War. What has changed is the cost of pulling it off.
Researchers at Uruguay’s Universidad de la Republica demonstrated this shift in a preprint study posted to arXiv (not a peer-reviewed journal publication) describing a technique they call Deep-TEMPEST. Using a software-defined radio, an open-source GNU Radio pipeline, and deep-learning models, the team intercepted HDMI emanations and recovered on-screen text with significantly lower character error rates than traditional signal-processing methods achieved. The hardware involved is commercially available, and the software is open source. The barrier to entry for this kind of surveillance has dropped sharply.
SilentGlass addresses this vector by tightly constraining the signals that pass through the cable, reducing the amount of exploitable information that leaks as electromagnetic radiation. Software running on the host computer cannot solve this problem because the leakage occurs in the physical layer of the cable and its associated electronics.
Threat two: malicious commands hidden in HDMI protocols
HDMI is not just a video pipe. It carries auxiliary channels, including Consumer Electronics Control (CEC), a protocol that allows devices on the same HDMI link to send commands to one another. CEC was designed for convenience features like letting a TV remote control a Blu-ray player. It was never built to withstand adversarial use.
A separate academic study, originally posted to arXiv in 2019, examined how CEC signaling can be abused in complex AV distribution networks, such as conference rooms and broadcast facilities where switching equipment connects many devices. The age of the paper is worth noting: the vulnerability class it describes has been publicly known for several years, yet no widely adopted mitigation has emerged in the consumer or enterprise market. In those environments, an attacker who gains access to one point on the HDMI network can inject commands that propagate to other connected devices, sometimes without any IP network connectivity at all.
SilentGlass blocks this vector by filtering out malformed or unauthorized control messages at the cable level, below the operating system’s visibility. In many system configurations, CEC traffic is not exposed through standard software APIs, which means endpoint security tools cannot monitor or block it. A physical inline device is one of the few practical defenses.
What the NCSC has confirmed
The NCSC has confirmed that it engineered SilentGlass internally and that the device is already deployed on operational government systems. The agency has not disclosed how many units are in use, which departments have received them, or what specific assurance testing the device underwent before deployment. No independent third-party evaluation has been publicly referenced, and no named NCSC official or independent security researcher has provided on-the-record commentary beyond the agency’s published announcement.
The decision to build a hardware solution rather than push for a software patch or a protocol update reflects the nature of the threats involved. Electromagnetic leakage is a physics problem, not a software bug. CEC abuse exploits a protocol layer that most operating systems do not expose to security tools. Both vectors require intervention at the physical interface, which is exactly where SilentGlass operates.
It is worth noting that governments have used TEMPEST-rated shielded cables and enclosures for decades to protect against electromagnetic eavesdropping. Agencies such as the U.S. National Security Agency and Australia’s Australian Signals Directorate maintain their own TEMPEST certification and shielding programs, but neither has publicly announced a comparable inline protocol-filtering device for display connections. SilentGlass appears to go further than traditional shielding by also addressing active protocol-level attacks, combining two defensive functions in a single inline device. However, the NCSC has not published a direct comparison with existing TEMPEST countermeasures, so the degree of improvement over legacy shielding approaches remains unclear.
Open questions and limitations
Several significant gaps remain in the public record around SilentGlass.
Independent testing. The NCSC’s claims about the device’s effectiveness have not been verified by any external body. No block-rate metrics, no red-team results, and no performance benchmarks have been published. Until independent evaluations appear, outside observers are relying on the agency’s own assurances.
Compatibility. Government systems tend to use standardized hardware configurations. Whether SilentGlass works reliably with the wide variety of monitors, docking stations, USB-C display adapters, daisy-chained screens, and KVM switches found in corporate and consumer environments is unknown. The NCSC has not addressed compatibility with newer HDMI 2.1 or DisplayPort 2.0 high-bandwidth modes.
Cost and availability. The NCSC has not disclosed pricing, manufacturing partners, or any timeline for making SilentGlass available outside government networks. For the device to have broader impact, it would need to be affordable for enterprises and supported at scale. No public procurement records or distribution plans have surfaced.
Wireless display risks. If SilentGlass successfully hardens wired display connections, attackers may shift focus to wireless display protocols, which carry their own vulnerabilities: weak encryption, insecure pairing, and susceptibility to jamming or spoofing. The NCSC’s announcement does not address this potential displacement effect.
Long-term maintenance. Hardware security devices typically require firmware updates to address newly discovered attack techniques and protocol changes. The NCSC has not said whether SilentGlass can be updated in the field, how updates would be authenticated, or how the device will keep pace as display standards evolve.
Why the display cable has become a security boundary
For most of computing history, the cable between a computer and a monitor was treated as inert plumbing. SilentGlass represents a formal acknowledgment by a major intelligence agency that this assumption is outdated. The academic research backing the device’s threat model is grounded in documented experiments: HDMI emanations can be captured and decoded with off-the-shelf hardware, and HDMI control protocols can be weaponized in shared AV environments. Both attack classes have become more accessible as software-defined radios have gotten cheaper and machine-learning toolkits have become freely available.
Whether SilentGlass itself proves to be the right solution at scale is a separate question, and one that cannot be answered without independent testing and broader deployment data. No named NCSC officials or independent researchers have offered public assessments of the device’s real-world performance. What is already clear is that the display link has joined the list of physical interfaces that security teams can no longer afford to ignore. The NCSC has put a stake in the ground. The rest of the industry has yet to respond.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
