In cypherpunks, fergp@sytex.com (Paul Ferguson) replied to my article (elisions[...] added)
[...] The precise standards are classified (some SECRET, some CONFIDENTIAL COMSEC), [...], but as long as you're not using classified information as your sources, you can do anything you want. [...]
I beg your pardon, but this is _not_ the case. TEMPEST requirements are _not_ classified and are available for public scrutiny. (You obviously do not know where to look.)
Ok, there may be standards that aren't classified. (Good!) I was referring to NACSIM 5100, 5100A, 5203, and their friends; different generations of the documents are NACSEM rather than NACSIM.
TEMPEST isn't particularly about transients or electromagnetic pulses, it's about overall electromagnetic emissions.
You're trying to separate issues that are one and the same. With the proper equipment, I can put you and an IBM Selectric (tm) typewriter on a wooden raft in the middle of Lake Superior, monitor and realize every keystroke that you make and you'd not be the wiser. This type of monitoring is easily defeated by low yield TEMPEST requirements. I've worked in this area, Bill, and have tested these _facts_. I don't care how you care to word it, it _is_ transient electromagnetic emissions.
I'm not arguing about whether the stuff works, I believe that :-) VT100s and Brother electronic typewriters are two other classic emitters; I hadn't heard that the IBM was loud, but it's certainly a good target. The wording *is* relevant when you're discussing whether a proposed acronym is real or made-up-to-fit, and as I said,
I never saw TEMPEST expanded as an acronym in any of the documents I read. and the proposed expansions are really stretching credibility, as were the quoted article's contentions that using TEMPEST protection was illegal.
I know the technical specifics of TEMPEST (it is an acronym, BTW) If it really is, it sounds like they made up the name TEMPEST first and stretched the words *real* hard to fit, since it's not really about EMP.
In the case of the Crippler Chip, however, you knew it had a built-in wiretap when you bought it, which changes some of the reasonable expectations about privacy a bit. This issue is one where I must disagree with you emphatically. The majority of the American public don't even know about Clipper.
Sure, but if you're a pro-government court trying to rationalize the behavior of government officials, as the courts have been doing lately, the fact that most Americans haven't read the White House Press Releases or the New York Times won't be given much respect - they've found a presumed lack of privacy in the use of cordless phones, and I'll bet you a floppy disk they'll find some excuse to support unauthorized wiretapping of Crippler* phones if the things become widespread.
Stop the Wiretap (Clipper/Capstone) Chip.
Yeah. Actually, I won't mind much if government officials use the system when for their internal communications; it's presumably fairly secure, and makes it possible to subpoena "secure" conversations by government officials if we need to, though it does risk giving the NSA more power over the rest of the government if they've stolen the keys. Bill Stewart * Clipper is a trademark of Intergraph.