--- "Major Variola (ret)" <mv@cdc.gov> wrote:
Perhaps I am stupid. I don't know how one would go about modifying application software to include a 'back door' that would presumably enhance its suceptibility to TEMPEST attacks. Isn't tempest all about EM spectrum signal detection and capture?
You have your code drive a bus with signal. The bus radiates, you 'TEMPEST' the signal, game over. Back in the 60s folks programmed PDPs to play music on AM radios. Same thing. Dig?
Fine. That's great as an example of transmitting data over a covert channel, but so what? As you suggest, people have been doing that with AM radios since the 60's, although the folklore mentions the phenomenon in the context of monitoring the computer's heartbeat, purely as a debugging technique. What makes this odd is that the Wired article makes no mention of Tempest, only of the possibility of there being a back door, which in the usual vernacular of computer security, usually implies a method for unauthorised access or use of the software system in question. Regards, Steve ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca