At 07:18 PM 7/3/04 -0400, Tyler Durden wrote:
I dunno...as an ex-optical engineer/physicst, I'm sceptical about this whole scary "tempest" bullcrap. Even if it can be made to work fairly reliably, I suspect deploying it is extremely costly.
So? The State can print money... And people are cheap. And digital edges are sharp, in the Ghz even when the "clock" is in the Mhz. And boxes need ventilation slots. Any questions? Look at eg what NASA can do re: finding fireflies on the moon. Now drop one "A". Or replace ASA with RO.
Hey--if they want me that bad these days, it would probably be cheaper just to send the van and beat whatever they need out of me.
That lets you know they're listening. Or they have to dispose of the body, which lets your colleages know they're onto y'all. You really need to get up to speed on your Tradecraft, friend.
On Sat, 3 Jul 2004, Major Variola (ret) wrote:
And digital edges are sharp, in the Ghz even when the "clock" is in the Mhz.
How much do the "spread spectrum clock" feature on the modern motherboards help here?
And boxes need ventilation slots.
Not necessarily. There are other ways of heat transfer. A good way could be water cooling for transport of the heat from the CPU and other parts to a massive metal heatsink that's the part of the case, with an optional fan on its outside. Voila, water cooling is not only for case mod freakz anymore.
Any questions?
I expect much bigger problem in the attached cables and connectors. How to solve this?
Thomas Shaddack <shaddack@ns.arachne.cz> writes:
And boxes need ventilation slots.
Not necessarily. There are other ways of heat transfer. A good way could be water cooling for transport of the heat from the CPU and other parts to a massive metal heatsink that's the part of the case, with an optional fan on its outside. Voila, water cooling is not only for case mod freakz anymore.
Any questions?
I expect much bigger problem in the attached cables and connectors. How to solve this?
Optic fibre.
As far as education goes, if you're constantly seeing black vans with big funky antennas on them parked in front of your house any time you're on the computer, you've really got far more serious worries than just a bit of TEMPEST. It's either time to line up your lawyers because of stuff you do know you've been doing, or else time to get your shrink to up your meds a bit.
On Sat, 3 Jul 2004, Major Variola (ret) wrote:
And digital edges are sharp, in the Ghz even when the "clock" is in the Mhz. And boxes need ventilation slots. ... water cooling .... At 07:35 PM 7/3/2004, Thomas Shaddack wrote: I expect much bigger problem in the attached cables and connectors.
It's been 15-20 years since I worked on TEMPEST environments, so technology has overtaken most of what we were doing. We tested the TEMPEST room at 450 MHz, and needed something like 100-120 dB of shielding to be comfortable with it, and at those frequencies, you'd easily find leakage if the copper-wool packing in the joints wasn't tight. Our VAX ran at something like 10 MHz, and our Sparcstations might have been as fast as 40 MHz, but basically there wasn't a lot of high-frequency signal out there, even with harmonics. The standards for cable penetration were that a waveguide hole needed to be N wavelengths deep and no more than 1/x wide (I think it was something like half-wave wide), and most of ours were an inch or two deep with quarter-inch holes. That was convenient for running fiber through. If you stuck a paper-clip about halfway through, the RF meter would peg. These days, of course, most of the equipment's at much higher frequencies; I doubt the room would be meaningfully tight with 5GHz machines. Power connections were filtered, which was much more expensive, using boxes with big inductors in them. That part of the job would be much easier today - the VAX needed three-phase power, and the room drew lots of amps, as did the two one-ton water-cooled Liebert air conditioners. That AMD 64-bit CPU might look like a space-heater, but it really isn't that bad. And a laptop's a lot better. We occasionally used TEMPEST-shielded PCs. They weren't bad - they had solid metal boxes, and special shielded cables for the rather heavy keyboards, and the monitors were a bit bulky. The monitors were mostly CGA or mono text - maybe some EGA, but basically they were a lot lower end that you'd want today. Don't expect that laptops will keep you out of trouble - I once had a laptop projecting its image onto a TV I was near. The image was out of sync, with three partial images, and it was probably in the 640x480 days, maybe 800x600, ~1997, but I'd done nothing special and it was an average TV. Probably the signal was leaking out the VGA jack on the laptop. The easy part of TEMPEST monitoring is finding some signal. The hard part is sorting it out from the noise. If they're not nearby, they're unlikely to be using TEMPEST on you; they're much more likely to be tapping your ISP connections. ---- Bill Stewart bill.stewart@pobox.com
On Sat, 3 Jul 2004, Major Variola (ret) wrote:
At 07:18 PM 7/3/04 -0400, Tyler Durden wrote:
I dunno...as an ex-optical engineer/physicst, I'm sceptical about this whole scary "tempest" bullcrap. Even if it can be made to work fairly reliably, I suspect deploying it is extremely costly.
Scary or not, I can attest from first hand personal knowledge that this type of monitoring is in active use by the US, and has been for over 4 years (although it's only been "mainstream" for ~2). -- Yours, J.A. Terranson sysadmin@mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden
On Sat, Jul 03, 2004 at 09:41:44PM -0500, J.A. Terranson wrote:
On Sat, 3 Jul 2004, Major Variola (ret) wrote:
At 07:18 PM 7/3/04 -0400, Tyler Durden wrote:
I dunno...as an ex-optical engineer/physicst, I'm sceptical about this whole scary "tempest" bullcrap. Even if it can be made to work fairly reliably, I suspect deploying it is extremely costly.
Scary or not, I can attest from first hand personal knowledge that this type of monitoring is in active use by the US, and has been for over 4 years (although it's only been "mainstream" for ~2).
Would you care to comment on any technical or other details ? Tempest monitoring of raster scan CRTs has been around for a long long time... but most current LCD displays are much less vulnerable as pixels are switched in parallel (and of course not painted at high speeds allowing optical monitoring). But many video cards generate the rasterized stuff anyway... and use that interface to talk to the LCD monitor. Tempest monitoring of energy on communications lines and power lines related to internal decrypted traffic has been around since before the Berlin tunnel... and used effectively. But the heyday of this was the mechanical crypto and mechanical Teletype era... where sparking contacts switched substantial inductive loads. Tempest monitoring of CPU and system behavior is a newer trick in most cases if it is effective at all in typical situations. Obviously Tempest monitoring of copper wire ethernet LAN traffic is possible. Wireless LANs, of course, aren't a Tempest issue. Perhaps some keyboards radiate detectable keystroke related energy... But given the current statist tendencies here and elsewhere, it would not surprise me at all to hear that any and all techniques for surveillance anyone has shown to be effective are likely in active use - there is money, interest, and a great lowering of inhibitions. And certainly there has been more than enough open discussion of Tempest type side channel attacks, unlikely the folks behind the curtain have just ignored all of it... On the other hand the cost, complexity and sophistication of the gear required to extract information at useful ranges is still daunting compared to other methods of obtaining the same information (such as black bag jobs with disk copiers and use of trojans to capture passphrases). -- Dave Emery N1PRE, die@dieconsulting.com DIE Consulting, Weston, Mass 02493
On Sun, 4 Jul 2004, Dave Emery wrote:
Would you care to comment on any technical or other details ?
I do not have the detailed technical details I would have liked - I did ask some of these types of questions and received little more than careful "decline to answer"s. What I do know is that this type of monitoring is being done on a regular, although limited scale, in FISA proceedings. The targets are generally CRT emissions, and the distance between target and acquisition gear is under .5 miles - still a shocking range which I was totally unprepared for. I engaged one of the operators in a discussion about the tempest resistant typefaces, and he was unaware of them. Food for thought... Interestingly, I have had more than one report of aural acquistion of typists keystrokes being used to attempt to calculate the content of a short keysequence (I assume a password is what was meant by "short keysequence"). These reports indicated "poor, but occasionally lucky results". I have also been told that there is a broadcasting keyboard cable inline device which is in wide use (this is pretty easy to do, but requires blackbagging - something that was a lot more limited prior to 9/11). -- Yours, J.A. Terranson sysadmin@mfn.org "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden
participants (6)
-
Bill Stewart -
Dave Emery -
J.A. Terranson -
Major Variola (ret) -
Thomas Shaddack -
Yeoh Yiu