Several of the servers where I work have multiple monitors. While it is rare that I have several instances of the same application being displayed on these monitors, I do, at times, do just that. Easier for cutting and pasting large blocks from one to the other as well as other editing of code. So, when the software police pull up outside of my place of business see that there are six instances of a program being displayed with one license I can expect a warrant to be issued? That would suck. Unfortunatley, I do not have the time to read through the entire document at the URL provided, and can't save it either from the .pdf ... the defensive measures sound interesting. Also, does this only work with CRTs or can it detect LCD too? Furthermore, it was written:
So Markus and I sat down and tried to figure out what we could do for the Evil Empire. We concluded that
(1) large companies generally pay for their software;
(2) if you try to coerce private individuals, the political backlash would be too much; so (3) if the Evil Empire is to increase its revenue by cracking down on piracy, the people to go after are medium sized companies.
I have worked on contract with several 'large' companies who are running illegal copies of software, often without the knowledge of the sys admin...better check those 'findings.' Scott R. Brower http://www.infowar.com http://www.efflorida.org
"WebWarrior3@InfoWar.Com" wrote on 1998-02-08 17:29 UTC:
So, when the software police pull up outside of my place of business see that there are six instances of a program being displayed with one license I can expect a warrant to be issued? That would suck.
The software that displays the license number plus activation instance random code in your windows toolbar as an easy receivable spread spectrum barcode would have to take care of this depending on how exactly your license agreement is formulated. This can be resolved in many ways. The technique of hunting software license violators via Tempest monitoring is not really targeted at providing 100% accurate and reliable identification of abuse at any point of time as you seem to imply. Nor is it alone an effective tool of proofing abuse. It is more an additional tool in getting an initial hint that a company is violating a software license at large scale (e.g., has bought a single copy of an expensive CAD software but uses it on over 80 workstations all day long), which then can justify to get court relevant proof by traditional means of police investigation.
Unfortunatley, I do not have the time to read through the entire document at the URL provided, and can't save it either from the .pdf ... the defensive measures sound interesting.
One obvious countermeasure are Tempest shielded computers or rooms, but these are rather expensive, inconvenient and not always reliable. Another countermeasure are software reverse-engineering and modifying the broadcast code. This is around as difficult as removing dongle checking code: Not impossible, but for the majority of users too inconvenient.
Also, does this only work with CRTs or can it detect LCD too?
Oh, yes, beautifully! Ross' TFT laptop radiates better than the CRT on my desk here. It is true that LCD displays do not have the <400 kHz signals caused by the deflection coils that are of concern for the TCO/MPR low-radiation standards. But they radiate as well in the
1 MHz range where the information carrying signals are broadcasted as harmonics of for instance the dot clock rate. LCDs are connected to high-speed drivers with sharp edges and lot's of nice harmonics.
One more remark: This was so far unfunded research initiated by our private interest in the subject of compromising radiation. In this field, the available research literature is very close to zero (there are the van-Eck/Moeller/Smulder papers and that's it basically), and all the real knowledge is tightly guarded by the military and diplomatic community. We hope that developing commercial applications for compromising radiation will open the way to non-military funding and open research in this field. Copyright protections seems to be an interesting application. Tempest research requires some expensive equipment (special antennas, very high-speed DSP experimental systems, an absorber room, etc.). If Microsoft or someone else would like to make some Tempest funding available, I think this should be highly welcome if the results are going to be published in the open literature. There is no good reason, why knowledge about compromising emanations should be restricted to the military community in a time where industrial espionage with these techniques is probably a larger threat to economies than the results of foreign intelligence operations. The preprint of our first paper on this is now on my home page. Markus -- Markus G. Kuhn, Security Group, Computer Lab, Cambridge University, UK email: mkuhn at acm.org, home page: <http://www.cl.cam.ac.uk/~mgk25/>
In an interesting discussion on software tempest measures, Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk> writes:
One more remark: This was so far unfunded research initiated by our private interest in the subject of compromising radiation. In this field, the available research literature is very close to zero (there are the van-Eck/Moeller/Smulder papers and that's it basically), and all the real knowledge is tightly guarded by the military and diplomatic community. We hope that developing commercial applications for compromising radiation will open the way to non-military funding and open research in this field.
People who are interested in communications and data security to the extent of arguing about the difference in security offered by 56 bit keys as compared to 128 bit keys ought to be worried about RF information leaks and tempest shielding. Perhaps similar justification can be used for the relevance of tempest research -- it is just the hardware half of assuring confidentiality of information. There should be a reasonably large supply of commercial funding candidates even given the 90 : 10 ratio of business interest in availability over confidentiality.
Copyright protections seems to be an interesting application.
Personally I view technology to assist copyright piracy a more interesting research goal! Candidate technologies include high bandwidth eternity services, anonymous remailers with sufficient bandwidth, pipenets, DC-nets, free software movements, countries with modern intellectual ownership rules like Argentina*, and undermining the power of the state so that state provided copyright enforcement susidies disappear. (* See my previous post: reposted news report "ARGENTINE SUPREME COURT RULES SOFTWARE PIRACY LEGAL"). I am not sure I want to see my computer narcing out over RF frequencies what software is installed -- once enabled for corporates there is the risk it will be used against individuals. This sounds about as (un)desirable as CPUs capable of running encrypted instruction streams, with per CPU keys loaded at manufacture enabling software to be purchased for your CPU only (and hence disempowering users who will thus be unable to even disassemble such code prior to running), or smart cards as modernized next generation dongles. Adam
Adam Back wrote on 1998-02-09 21:34 UTC:
There should be a reasonably large supply of commercial funding candidates even given the 90 : 10 ratio of business interest in availability over confidentiality.
Availability is usually based on authenticity, and authenticity is based on the confidentiality of keying variables, therefore at some level, everyone interested in computer security should be interested in research about the hardware aspects of confidentiality.
Copyright protections seems to be an interesting application.
Personally I view technology to assist copyright piracy a more interesting research goal!
Come on, copyright piracy is technically trivial today! Little software is sold with any copyright protection technology, and if, then it is usually easily broken as the full cleartext machine code is always available for reverse engineering.
I am not sure I want to see my computer narcing out over RF frequencies what software is installed -- once enabled for corporates there is the risk it will be used against individuals.
This concerns only individuals who feel important enough to fear that any organization might want to spend hundreds of dollars per day to park a grey van full of state-of-the-art DSP and HF equipment in front of your home exclusively to observe what you do on your home machine. Quite unrealistic. Of course, in the future, when cellular base stations become freely programmable DSP software radios that can via the network be turned from GSM-BTSs into Tempest monitoring stations by a minor software update, then the paranoid's deep desire to be observed could actually be fulfilled by evil organizations on a very large scale. Stay tuned ...
This sounds about as (un)desirable as CPUs capable of running encrypted instruction streams, with per CPU keys loaded at manufacture enabling software to be purchased for your CPU only (and hence disempowering users who will thus be unable to even disassemble such code prior to running), or smart cards as modernized next generation dongles.
Well, I have been thinking about this one, too, and I am quite sure that we will see such mechanisms showing up in common desktop processors within the next few years. Then, copyright piracy will become an interesting technological challenge and research on attacks will become orders of magnitude more fascinating than now. See http://www.cl.cam.ac.uk/~mgk25/trustno1.pdf for details. I am not sure, whether high-security copy protection is a really bad idea: It could also mean that strict technical copyright enforcement like it is possible with cryptoprocessors will change the market situation favourably: Small startup companies suddenly become able to sell mass market software at prices in the range of <10 dollars per copy with only a cheap web server as their distribution infrastructure. When the success of software marketing is not any more dependent on the distribution infrastructure that big players like Microsoft enjoy today (retailers, bundling contracts, etc.), market success would much more depend on the quality of product and service than on the control over a distribution system infrastructure. If the copy protection offered by cryptoprocessors would allow small companies to compete successfully with high quality ultra-low price software against Microsoft, then the old shareware distribution concept might actually start to work. In addition, the same transistors used for bus encryption can also be used to keep your entire harddisk encrypted without performance loss and the encrypted software distribution protects you better against Trojans, so you'll get increased overall security as a free side effect. Markus -- Markus G. Kuhn, Security Group, Computer Lab, Cambridge University, UK email: mkuhn at acm.org, home page: <http://www.cl.cam.ac.uk/~mgk25/>
At 1:34 PM -0800 2/9/98, Adam Back wrote:
I am not sure I want to see my computer narcing out over RF frequencies what software is installed -- once enabled for corporates
Why not monkeywrench the narcware to narc out falsely? Imagine 100 copies of a program all screaming "Bill Gates"! (ObCrypto: One can imagine methods to broadcast a new signifier each time a program is started...some kind of zero knowledge approach. But this gets difficult when the broadcast program is under the control of those trying to defeat the system. A well known problem. E.g., if N copies are all identical, and the ZKIPS approach is generated in software, the N copies will overlap signals. And so on. I expect the Anderson-Kuhn approach broadcasts a single identifier, though I have not yet had time to look at their paper, so I may be wrong here.) Narcware will face a lot of customer resistance. --Tim May Just Say No to "Big Brother Inside" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^3,021,377 | black markets, collapse of governments.
participants (4)
-
Adam Back -
Markus Kuhn -
Tim May -
WebWarrior3@InfoWar.Com