At 11:14 PM 4/25/96 -0700, Paul S. Penrod wrote:
On Thu, 25 Apr 1996, jim bell wrote: ?
This analysis seems to assume that the entire production run of a standard product is subverted. More likely,I think, an organization like the NSA might build a pin-compatible version of an existing, commonly-used product like a keyboard encoder chip that is designed to transmit (by RFI signals) the contents of what is typed at the keyboard. It's simple, it's hard to detect, and it gets what they want.
Jim Bell jimbell@pacifier.com
This is getting more rediculous by the minute. If NSA wanted to find out what you were typing, they dont need to subvert microcode or chips on the board. Unless you have a tempest device - all they have to do is pull RF from your vicinty and they can *see* just exactly what your typing.
You don't understand the subject, do you? While it is possible to determine a great deal of information from RF, there is an enormous difference in effort between analyzing the output of an uncooperative, inadvertent transmitter and a "cooperative" one. The most commonly understood source of RF signals come from CRT's, called Van Eck radiation. But passwords don't generally appear on CRT displays, so that is of limited value. I don't doubt that standard keyboards produce RF that might be analyzed, their output is probably not particularly easy to detect against a background of processor RFI. (It's short and low-amplitude) Far easier to analyze would be a chip that loudly and longly transmitted the current typed keyboard character, perhaps in some sort of serial binary code, possibly by driving the keyboard scanning lines according to a pre-arranged pattern designed to emit RF at a particular rate based on the clock oscillator. This transmission would be just about undetectable to anyone who didn't have a whole raft of sophisticated detection equipment. However, to those who know what to look for, it would probably be relatively easy to see. One particularly important reason for using such a chip, which you entirely overlooked, is that many computers are at sites with more than one, and in some cases many more than one computer. Their signals will mix, obviously, and will be very hard to separate. If it is possible to replace a keyboard chip with a Trojan Horse, the one desired target will be far more identifiable. Jim "He only talks about one thing" Bell jimbell@pacifier.com