"WebWarrior3@InfoWar.Com" wrote on 1998-02-08 17:29 UTC:
So, when the software police pull up outside of my place of business see that there are six instances of a program being displayed with one license I can expect a warrant to be issued? That would suck.
The software that displays the license number plus activation instance random code in your windows toolbar as an easy receivable spread spectrum barcode would have to take care of this depending on how exactly your license agreement is formulated. This can be resolved in many ways. The technique of hunting software license violators via Tempest monitoring is not really targeted at providing 100% accurate and reliable identification of abuse at any point of time as you seem to imply. Nor is it alone an effective tool of proofing abuse. It is more an additional tool in getting an initial hint that a company is violating a software license at large scale (e.g., has bought a single copy of an expensive CAD software but uses it on over 80 workstations all day long), which then can justify to get court relevant proof by traditional means of police investigation.
Unfortunatley, I do not have the time to read through the entire document at the URL provided, and can't save it either from the .pdf ... the defensive measures sound interesting.
One obvious countermeasure are Tempest shielded computers or rooms, but these are rather expensive, inconvenient and not always reliable. Another countermeasure are software reverse-engineering and modifying the broadcast code. This is around as difficult as removing dongle checking code: Not impossible, but for the majority of users too inconvenient.
Also, does this only work with CRTs or can it detect LCD too?
Oh, yes, beautifully! Ross' TFT laptop radiates better than the CRT on my desk here. It is true that LCD displays do not have the <400 kHz signals caused by the deflection coils that are of concern for the TCO/MPR low-radiation standards. But they radiate as well in the
1 MHz range where the information carrying signals are broadcasted as harmonics of for instance the dot clock rate. LCDs are connected to high-speed drivers with sharp edges and lot's of nice harmonics.
One more remark: This was so far unfunded research initiated by our private interest in the subject of compromising radiation. In this field, the available research literature is very close to zero (there are the van-Eck/Moeller/Smulder papers and that's it basically), and all the real knowledge is tightly guarded by the military and diplomatic community. We hope that developing commercial applications for compromising radiation will open the way to non-military funding and open research in this field. Copyright protections seems to be an interesting application. Tempest research requires some expensive equipment (special antennas, very high-speed DSP experimental systems, an absorber room, etc.). If Microsoft or someone else would like to make some Tempest funding available, I think this should be highly welcome if the results are going to be published in the open literature. There is no good reason, why knowledge about compromising emanations should be restricted to the military community in a time where industrial espionage with these techniques is probably a larger threat to economies than the results of foreign intelligence operations. The preprint of our first paper on this is now on my home page. Markus -- Markus G. Kuhn, Security Group, Computer Lab, Cambridge University, UK email: mkuhn at acm.org, home page: <http://www.cl.cam.ac.uk/~mgk25/>