TEMPEST Question

Bob Stratton strat at intercon.com
Thu Dec 17 18:03:16 PST 1992

>>>>> Doug.Brightwell at corp.sun.com (Doug Brightwell) writes:

	Doug> But as a non-technical person, what I'm struggling to
	Doug> understand is how a surveillance team could monitor the
	Doug> emmisions from such cables and have any clue as to what
	Doug> they are. Let's say they zeroed in on my poorly shielded
	Doug> modem cable and were able to tune into a stream of 0's
	Doug> and 1's. How could they then resolve that digital data
	Doug> into anything meaningful? ...

My understanding, being only a moderate RF weenie, is that UARTs, the
devices which, more often than not, are driving your serial ports,
generate an emission very much like good old frequency shift keying.
It makes sense - having listened to computers on radios before. Think
in terms of sound first, as it's easier. A given sound represents a
"1", and another tone is "0". You waver back and forth between the
tones to describe the data you're transmitting. 

The idea is that some of the normal emission characteristics from
components in computers (like UARTs) correspond to this sort of

With regard to machine types, if it's a serial line, it's fairly easy
to map the communications into a set of probably protocol suites. If
you know *anything* about the use of the machine, it becomes a lot
easier. For instance, given an intercept of TCP/IP traffic over a SLIP
line, I could probably reconstruct a TELNET session log, but it's
nowhere as easy as just reading a terminal session on a link to some

	Doug> Even if it's just a plain text file how could the
	Doug> surveillance team read it? Does each member of the ASCII
	Doug> character set have specific and identifiable radiation
	Doug> signatures? For example, does the letter "k" as it
	Doug> passes through my modem cable have a characteristic EMR
	Doug> that is the same for all machines?

You might also think in terms of things other than screens and modem
cables. For instance, many keyboards emit RF as they are used. It's
not irrational to suspect that these emissions might be tied in some
way to the use of the keyboard - I have an old FCC Class A Wyse
terminal that sounds different depending on which keys I hit. Since we
know that every piece of equipment has a uniquely identifiable (even
compared to other units of the same type) emission signature, it's not
too outlandish to expect that different key encodings in a keyboard
might generate different emission patterns.

	Doug> Sorry if this query is too basic, but I would appreciate
	Doug> any enlightenment...

It's weird stuff, and some people would rather not have the world
learning how to do this. In fact, Van Eck's original article is known
to have some deliberate misinformation in it, as the author didn't
want to make it "too easy" to learn how to do this kind of ELINT.


More information about the cypherpunks-legacy mailing list