On Sat, Jul 03, 2004 at 09:41:44PM -0500, J.A. Terranson wrote:
On Sat, 3 Jul 2004, Major Variola (ret) wrote:
At 07:18 PM 7/3/04 -0400, Tyler Durden wrote:
I dunno...as an ex-optical engineer/physicist, I'm sceptical about this whole scary "tempest" bullcrap. Even if it can be made to work fairly reliably, I suspect deploying it is extremely costly.
Scary or not, I can attest from first hand personal knowledge that this type of monitoring is in active use by the US, and has been for over 4 years (although it's only been "mainstream" for ~2).
Would you care to comment on any technical or other details?

Tempest monitoring of raster scan CRTs has been around for a long long time... but most current LCD displays are much less vulnerable as pixels are switched in parallel (and of course not painted at high speeds allowing optical monitoring). But many video cards generate the rasterized stuff anyway... and use that interface to talk to the LCD monitor.

Tempest monitoring of energy on communications lines and power lines related to internal decrypted traffic has been around since before the Berlin tunnel... and used effectively. But the heyday of this was the mechanical crypto and mechanical Teletype era... where sparking contacts switched substantial inductive loads.

Tempest monitoring of CPU and system behavior is a newer trick in most cases if it is effective at all in typical situations.

Obviously Tempest monitoring of copper wire ethernet LAN traffic is possible. Wireless LANs, of course, aren't a Tempest issue.

Perhaps some keyboards radiate detectable keystroke related energy...

But given the current statist tendencies here and elsewhere, it would not surprise me at all to hear that any and all techniques for surveillance anyone has shown to be effective are likely in active use - there is money, interest, and a great lowering of inhibitions. And certainly there has been more than enough open discussion of Tempest type side channel attacks, unlikely the folks behind the curtain have just ignored all of it...

On the other hand the cost, complexity and sophistication of the gear required to extract information at useful ranges is still daunting compared to other methods of obtaining the same information (such as black bag jobs with disk copiers and use of trojans to capture passphrases).

--
Dave Emery N1PRE, die@dieconsulting.com DIE Consulting, Weston, Mass 02493