Geez! You guys have the DUMBEST ideas ever! For fuck's sake, go and RTFA! (For the dumb: READ THE FUCKING ARCHIVES!)
Behold your dogs of war for a moment more, please. :)
Anything displayed on your screen is visible to the guy across the street with a TEMPEST detector unless you work in a Faraday cage.
So far, this is orders of magnitude more expensive than a keylogger. I am not aware there is too high amount of the receiver units in use (nor I suppose they are easy to operate by a non-specialist), so the number of targets being threatened this way is much more limited than if some software or comparably cheap hardware is used. For now, at least. Then there is the shielding...
Failing that a hidden pinhole camera, or an RF transmitter attached to your cable -- hell these are available for hobbist use right now: x10.com has small devices that you can use to broadcast video from one room to another. Getting the same done for VGA, XVGA, etc. shouldn't be any harder.
Specified it as a threat. But this is what physical security is for. Again, this brings the threat of being discovered. Also, a TSCM sweep can reduce the risk.
Using IR or RF is one of the stupidest things you could possibly do. Think! IR and RF are detectable from a distance!
Ok, some IR auth is ok, provided it's in a sealed chamber and no photons leak out. i.e. think of a two cylinders, sealed at the ends where the cables go, where one fits inside the other... sort of like fiber optic cables and connectors. No leaks.
Use challenge-response. Immune against replay attack. With proper algorithm, reasonably immune against cryptographic attack on intercepted transactions. If it works over the Wild Wild Net, it should work over an IR/RF connection as well.
Direct contact's obviously fine, so long as your alleged attacker can't tap into it.
True. Again, physical security / tamperproofness issue.
participants (1)
-
Thomas Shaddack