Repeatedly applying the question "can we leverage <computer hardware subsystem> to exfiltrate data?" is valuable research.

The value is pretty limited when the answer is consistently and predictably "Yes".

The author is clearly an expert in exfiltration and has deep insights in the area. But instead of working on presenting the big picture, prefers to throw breadcrumbs to the community. After a dozen of "exfiltration using X" papers, one would at least expect an SoK paper.

> The value is pretty limited when the answer is consistently and predictably "Yes".

If the answer was "we tried really hard, but couldn't figure it out" pretty sure the paper would not get published.

I know of at least two security-related workshops that explicitly call for "negative results". So, even failures in this research field are definitely publishable, if accompanied with adequate insights.

It’s really not, the answer tends to be obvious.

This feels really unfair.

If it was so trivial other people would be doing it.

Nonsense, most people don’t try to maximize the quantity of their academic publications.