At 07:46 PM 12/9/04 -0500, Steve Thompson wrote:
--- "Major Variola (ret)" <mv@cdc.gov> wrote:
Perhaps I am stupid. I don't know how one would go about modifying application software to include a 'back door' that would presumably enhance its suceptibility to TEMPEST attacks. Isn't tempest all about EM spectrum signal detection and capture?
You have your code drive a bus with signal. The bus radiates, you 'TEMPEST' the signal, game over. Back in the 60s folks programmed PDPs to play music on AM radios. Same thing. Dig?
Fine. That's great as an example of transmitting data over a covert channel, but so what? As you suggest, people have been doing that with AM radios since the 60's, although the folklore mentions the phenomenon in
the context of monitoring the computer's heartbeat, purely as a debugging technique.
The poster didn't understand how to backdoor a program using unintentional RF as the channel. I told them. That's "so what"