Steve Thompson:
If that's true, then the government couldn't have stolen it. However, I suspect that mainfraim code of any sophistication is rarely released into the public domain. I imagine the author would be able to clear that up, assuming he has no financial reason to falsify its history.
The page clearly states that the enhanced version was not in the public domain or owned by the government, it was a completely new version and the development was not funded by the government. The old one was for 16 bit architecture whereas the new one was for 32 bit.
Perhaps I am stupid. I don't know how one would go about modifying application software to include a 'back door' that would presumably enhance its suceptibility to TEMPEST attacks. Isn't tempest all about EM spectrum signal detection and capture?
ALL electronic devices emits signals that you can intercept and obtain information from. Whether or not you can extract much useful data or not depends, but generally you can always extract something. This is a vast field and it's hard to generalize. I have personally attended tests at a firm working for the military in a western European country and I've seen how extremely easy it is to do remote classic tempest-reading of the screen of a lap-top, to name only one example. The equipment easily fits in only a station wagon. Generally this is really hard to protect yourself from. Let's say you build yourself a bunker and put your computer inside it but you forget to run it on batteries, then you'll find out that signals will be carried out on the electric cord entering your bunker and they'll be readily readable outside anyway. You can't have any kind of opening in and out of that bunker, not even for ventilation, so you see this is hard to do. Maybe they built in other forms of remotely usable back-doors too, just in case there were able to make contact with the computer remotely over some network. This makes sense too, since one or two or those computers surely were less protected. Some people falsely believe that only CRT screens can be read remotely using TEMPEST techniques, this couldn't be more false, in fact one of the test managers I spoke to said he thought it was easier with TFT type monitors. Also remeber that we're not just talking about monitors, many other devices emits interesting and potential useful informaation: faxes, printers, networking hardware etc. Those PROMIS people built in hardware on the motherboards that emitted signals using a kind of jumping frequency technique. If you have the key giving you he answer to how the frequencies are changed you can easily intercept the data otherwise it becomes really hard to do and esp hard to find out that there's anything emitting in the first place - it looks like noise. The purpose of this was so that they could sell the whole package, the PC with the software pre-installed to customers and then they could sit in their wan down the street and record. It's no only happening in the movies you know :) BTW: I would also be interested in some more comments on Michael Riconosciuto as a person, doesn't anyone have an opinion or know of interesting info in this regard? Are there any books written by him or by people on "his side" of the story?