On Thu, 20 May 93 18:33:52 EDT, Bill_Stewart <anchor.ho.att.com!wcs> wrote -

This is distinctly not the case. You can take any countermeasures you want. The precise standards are classified (some SECRET, some CONFIDENTIAL COMSEC), so you can't find out how good the government's abilities to eavesdrop are, or precisely what level of protection the government thinks is necessary to protect classified information, or how good the NSA thinks the Russians are, but as long as you're not using classified information as your sources, you can do anything you want. (If you're not protecting yourself *enough*, the FCC will get on your case, but over-protection is fine.)

I beg your pardon, but this is _not_ the case. TEMPEST requirements are _not_ classified and are available for public scrutiny. (You obviously do not know where to look.) I _know_ this to be true: I working in the COMSEC arena within the US military for the better part of five years. In fact, I helped design and construct the first tactically-based, X.25 packet switched, PC based, uHF interfaced network in Europe back in the early '80's using Zenith Z-248's and KG-84's. We did everything from designing the cabling pin-out's on up.

TEMPEST isn't particularly about transients or electromagnetic pulses, it's about overall electromagnetic emissions.

You're trying to separate issues that are one and the same. With the proper equipment, I can put you and an IBM Selectric (tm) typewriter on a wooden raft in the middle of Lake Superior, monitor and realize every keystroke that you make and you'd not be the wiser. This type of monitoring is easily defeated by low yield TEMPEST requirements. I've worked in this area, Bill, and have tested these _facts_. I don't care how you care to word it, it _is_ transient electromagnetic emissions.

Electromagnetic Pulses are the big fast spikes you get from nuclear explosions (or similar slower spikes from lightning, etc.) and the techniques you use for protection against EMP don't solve your TEMPEST problems, and vice versa, though both kinds of protection are some help for the other.

In my previous incarnation as a Tool of the Military-Industrial Complex, I never saw TEMPEST expanded as an acronym in any of the documents I read.

As I stated above (and I place myself in jeopardy of being accosted by Big Brother by admitting it), I was a COMSEC flunky during my junket with the US Army. Originally, I was a 31S(ierra) and later a 29S(ierra) when two MOS's (Military Occupational Specialties, in Army jargon) were later merged. I was also a COMSEC Custodian (alternate, actually) and I can admit that I have a deep understanding of cryptographic key systems, cryptographic theory, cryptographic hardware design and integration and "BLACK" and "RED" separation principles. This type of technology does not require a rocket scientist (trust me, I've worked with them too at NASA)(oh yeah, I forgot -- I've also done contract work for Bell Labs and AT&T Secure Systems).

In the case of the Crippler Chip, however, you knew it had a built-in wiretap when you bought it, which changes some of the reasonable expectations about privacy a bit.

This issue is one where I must disagree with you emphatically. The majority of the American public don't even know about Clipper. Hell, most of them think those AT&T commercials (Aretha singing "Freedom") are cute. Personally, I think its pretty sick, considering how they worked in collusion with Big Brother (No Such Agency) and announce that they would be immediately using this "technology" on the same day that the NIST made its announcement that Clipper would be the "weapon of choice" in their war on drugs, would-be criminals and the American public (April 16, 1993). I know the technical specifics of TEMPEST (it is an acronym, BTW) and the reason it was developed as a SIGINT (SIGnal INTelligence) standard. Cheers. Paul Ferguson | The future is now. Network Integrator | History will tell the tale; Centreville, Virginia USA | We must endure and struggle fergp@sytex.com | to shape it. Stop the Wiretap (Clipper/Capstone) Chip.