About Tempest. The ability to monitor is real; it's more powerful than you would first imagine. You can get a lot of insight into what is possible by looking at what is sold as parts for Tempest certification. There is some trade publication devoted entirely to such matters; it's called EMI/RFI News, or Interference Protection News, or something like that. It's free to qualified subscribers. The articles are interesting, but cannot delve into the really interesting stuff. But the ads! Look at what people are selling, and remember that it is protecting against something. Stuff like copper impregnated gasket material, both for computer cases and for doors (in walls). Copper braid and cloth. Conductive glues and caulks. Special connectors. Electrical isolators. Fiber optics. (Aside: If you don't know how to be a qualified subscriber, you're no hacker. Look closely at the subscription card and then figure out where the publisher of a free magazine gets its money.) What is possible? CRT monitoring. A Dutch guy named van Eyck demostrated six years ago or so a CRT monitoring system which he built out of spare parts. It consisted of an TV roof antenna, a non-detent UHF tuner (which you can make yourself by removing the detent plate from an old TV), and a multi-scanning monitor. No amplification beyond what was in the tuner, no sync stabilization, no special directional antennas or any other tricks. He was able to reliably pick up monitor emissions from 100 meters, if I remember correctly. Fancier equipment knows what your screen sync rate is, uses bandpass filters, uses better antennas, knows to look for mostly-persistent frame information, looks for emissions signatures, and is able to read one CRT out of a hundred at half a mile. I suspect this is a low estimate of the ability of modern equipment. Hal mentions using flat panel displays to combat emissions. This works, as evidenced by the continued existence of Grid Computer. Remember Grid, who came out with these way-expensive gas plasma laptops around 1985/6? The reason they sold so many of those and are still around was that a large number of them were Tempest certified. (Even larger revenues!) I understand that the Tempest spec Grids had a thin layer of gold foil in front of the screen, even so. Yes, gold thin enough to see through. Signal wire monitoring. Using twisted pair or coax cable, reduces transmitted energy down to very low levels, improving energy transfer and reducing monitorability. But even with zero radiated energy there is still the near field of the wire which can be inductively tapped. No conductive contact is necessary. If you can put a wire next to my phone line somewhere, you can tap my phone. It's by nature a high impedance tap, requring sensitive ampilifiers but at the same time difficult to find even by a reflectometer. Without a twisted pair, the situation is worse. Keyboards for the PC use a serial protocol at a fixed frequency. The cables are not twisted pair. I haven't heard anything about that specifically, but I presume that keystrokes can be read extremely easily. CPU monitoring. Yes, it's possible. I've heard that it is possible to actually run a CPU in parallel with a monitored one. In order to do this, you need to correlate signals in real time across a fairly wide RF spectrum. Each CPU pin or I/O bus signal occurs in a different physical location inside the case. The case is active in terms of emmission, reflecting signals around like mad. All these different physical locations and reflections give rise to phase differences and interference patterns. Once you figure out what the signatures of the various signals are, you can separate them out from each other by correlation and deconvolution. George's concern about emissions through phone lines falls into this category. Other stuff. I've heard rumors about using microwave pinging to determine stuff about electrical equipment. Or about implanting passive devices that alter the EM field locally in order to make monitoring easier. It's safe to presume that there is some amazing stuff going on. Read The Puzzle Palace for more hints. (Like the valley in WV which is one big antenna.) Emissions monitoring is also all economics. The price to monitor increases with each more sophisticated attack. CRT's are easy, CPU's are hard. I would like to see public research in this area, just like there is public research in cryptography. Until the public has a better idea of what various attacks cost, there can't be rational decisions about emissions security. Eric