Tyler's Education

Major Variola (ret) mv at cdc.gov
Sat Jul 3 21:25:16 PDT 2004 

At 04:35 AM 7/4/04 +0200, Thomas Shaddack wrote:
>On Sat, 3 Jul 2004, Major Variola (ret) wrote:
>
>> And digital edges are sharp, in the Ghz even when the "clock" is in
the
>> Mhz.
>
>How much do the "spread spectrum clock" feature on the modern
motherboards
>help here?

They do complicate things.  But I bet their spread-spectrum jitter
is derived from a PRNG.  All your PRNGs are belong to us.  'Specially
because you can just buy them and either analyze their output, or
strip the layers and get back to the Verilog.

>> And boxes need ventilation slots.
>
>Not necessarily.

Indeed Centaur/Via's x86 w/ crypto is advertized as "fanless"

>There are other ways of heat transfer.  A good way could
>be water cooling for transport of the heat from the CPU and other parts
to
>a massive metal heatsink that's the part of the case, with an optional
fan
>on its outside. Voila, water cooling is not only for case mod freakz
>anymore.

Just put the ventilated box in a bigger box and use some steel
wool in the ductwork to the outside...

>> Any questions?
>
>I expect much bigger problem in the attached cables and connectors. How
to
>solve this?

Shielding.  Shielded room.  Shielded building.

Basic idea: electro-magnetic disturbances penetrate only a short
distance into
conductors.

Folks who deal with low noise amplifiers deal with this all the time.
Ground loops.
Faraday cages.  Low voltage differential signalling.  Grounded thin
metal layer
over your LCD display.

I once worked for a chipmaker and they had a metal room.  Horrible
ventilation.   Copper gaskets on all the seams.  You could probe a chip
in there, with a microscope and micromanipulators.  But they also had a
PC which kinda nulled out the RFI issue. However that PC's output would
not have escaped.  The power cables from
the outside to inside are an issue too.

As Schneier says, pros go after people, not tech; which is not to say
you
can ignore RF tracking if you're a target.  I don't think you can "fish"
with
van Ecyk (sp?) tech, although wardriving/flying sorta counts, except
that
those are intentional emitters.

If I promise you a green card or citizenship, and give you a grand,
will you install this gizmo between the keyboard and computer for me
when you're cleaning the office?  (Assuming you're an 'illegal' working
for shit wages and the Suit has credentials, or cash, or both.  Ask
Nicky Scarfo about this..)

Or plug a camoflaged 802.11blah AP into a RJ-45 and listen from the
van...
(Succeptible to sweeps, but how often are they done?  And real pros use
bursty bugs that aren't broadcasting all the time, eg in the woodwork
of the State Dept.)

More information about the cypherpunks-legacy mailing list