You have to first install a program on the computer, then you have to have a detector with line of sight to the HDD LED. I suppose this would make a good plot for a TV episode, but at this level of intrusion, why not monitor the user’s screen?
Years ago there were a lot of modems and network devices (routers, etc.) where the Tx and Rx LEDs (or equivalent) had sufficiently fast response times that you could actually read the data going through the device [cite]–no special software required.
That’s one of the neatest side-channel attacks I’ve seen. Intercepting data just by looking at the device.
The novelty is in leaking the information covertly with some sort of control. Observing a user’s screen isn’t exactly the same.