1998-02-09 - Re: SOFT TEMPEST (fwd)

Header Data

From: Jim Choate <ravage@ssz.com>
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Message Hash: 98b248a860fe01f9e9d168e15d8cc0b8482f71421e8df7b61ebb1f3204b796e1
Message ID: <199802092357.RAA25254@einstein.ssz.com>
Reply To: N/A
UTC Datetime: 1998-02-09 23:59:43 UTC
Raw Date: Tue, 10 Feb 1998 07:59:43 +0800

Raw message

From: Jim Choate <ravage@ssz.com>
Date: Tue, 10 Feb 1998 07:59:43 +0800
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Subject: Re: SOFT TEMPEST (fwd)
Message-ID: <199802092357.RAA25254@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Subject: Re: SOFT TEMPEST 
> Date: Mon, 09 Feb 1998 16:44:52 +0000
> From: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>

> The software that displays the license number plus activation instance
> random code in your windows toolbar as an easy receivable spread
> spectrum barcode would have to take care of this depending on how
> exactly your license agreement is formulated. This can be resolved
> in many ways.

Has your technique been verified by any 3rd parties who are not affiliated
with you or your firm? Do you expect to do any public demonstrations of this
technology in the near future? Would it be possible to arrange for a
indipendant 3rd party to receive a test setup for evaluation?

> The technique of hunting software license violators via Tempest
> monitoring is not really targeted at providing 100% accurate
> and reliable identification of abuse at any point of time as

That's good. The thought that given current technology a signal reception
van could pull one monitors display out of a building that could potentialy
have 1,000+ pc's (my last job had about 1500/floor and 3 floors) at a range
of say 200 ft. is truly incomprehensible. If it works that is a feat worth
many laurels.

> (e.g., has bought a single copy of an expensive CAD software but
> uses it on over 80 workstations all day long), which then can
> justify to get court relevant proof by traditional means of
> police investigation.

You show up in my companies parking lot without my permission and start
snooping you'll be the one sitting in jail facing industrial espionage
charges. Any defence lawyer worth a damn would be able to blow this out of
the water, private citizens don't have the right to invade my privacy any
more than police without a warrant - and that take probable cause.

> One obvious countermeasure are Tempest shielded computers or rooms,

It's the monitors that need shielded, the computers already sit in a Faraday
cage. Simple copper screen glued to the inside of the monitor case with a
paper sheild and then grounded will resolve that problem. Be shure to put a
grounded screen on the front of the tube as well (similar to those radiation
shields that some companies make that don't work because they aren't
grounded).

> Another countermeasure are software reverse-engineering and modifying
> the broadcast code. This is around as difficult as removing dongle
> checking code: Not impossible, but for the majority of users too
> inconvenient.

A simple Gunn Diode oscillator driving a broad-band 100W rf amplifier will
swamp any signal you could hope to catch. Cost, about $250 ea. With the
new low-power transmitter rulings there wouldn't be much anyone could do
about it either.

> an interesting application. Tempest research requires some
> expensive equipment (special antennas, very high-speed DSP
> experimental systems, an absorber room, etc.).

Gee, and to think that when I've done this sort of stuff I only used a
Commodore 1702 composite monitor and some rf amplifiers and filters...
Duh, silly me. Any claim that it can *only* be done with lots of money is
almost always wrong.


    ____________________________________________________________________
   |                                                                    |
   |       The most powerful passion in life is not love or hate,       |
   |       but the desire to edit somebody elses words.                 |
   |                                                                    |
   |                                  Sign in Ed Barsis' office         |
   |                                                                    | 
   |            _____                             The Armadillo Group   |
   |         ,::////;::-.                           Austin, Tx. USA     |
   |        /:'///// ``::>/|/                     http://www.ssz.com/   |
   |      .',  ||||    `/( e\                                           |
   |  -====~~mm-'`-```-mm --'-                         Jim Choate       |
   |                                                 ravage@ssz.com     |
   |                                                  512-451-7087      |
   |____________________________________________________________________|






Thread