1992-12-16 - Re: tempest devices and use

Header Data

From: karn@qualcomm.com (Phil Karn)
To: treason@gnu.ai.mit.edu
Message Hash: bdb0e838d970ef4757b8a7f0ee0a13148681c44e66cc66abe91d53c8ab1b91e9
Message ID: <9212161918.AA03733@servo>
Reply To: N/A
UTC Datetime: 1992-12-16 19:48:04 UTC
Raw Date: Wed, 16 Dec 92 11:48:04 PST

Raw message

From: karn@qualcomm.com (Phil Karn)
Date: Wed, 16 Dec 92 11:48:04 PST
To: treason@gnu.ai.mit.edu
Subject: Re:  tempest devices and use
Message-ID: <9212161918.AA03733@servo>
MIME-Version: 1.0
Content-Type: text/plain


>It is illegal to use any device as a tempest shield, including lead, 
>tesla coils or any other materials that can possibly interfere with tempest
>reception!  You need a government license to use these, and then you must have 
>reason to have such a device(this is how banks can use such things.)

Eh? The specific purpose of TEMPESTing a computer that handles
classified information is to contain any incidental information-
bearing electromagnetic emissions so they cannot be received at a
distance. But shielding is not only a security issue, it is also
highly desirable to minimize interference to users of the radio
spectrum (e.g., broadcast TV sets and radios).

Now the FCC Part 15 rules (which govern "incidental radiation devices"
such as computers) are much less stringent than TEMPEST, but this is
only an economic tradeoff because full TEMPEST-level shielding of a
computer can be very expensive. In fact, many classified shops have
instead built "screen rooms" (or entire screened buildings, such as
those at the NSA) so they can use standard commercial-grade computer
hardware. Anyone is free to add as much shielding to their computer
equipment or their entire buildings as they want.  There's absolutely
nothing illegal about it; in fact it's highly commendable to do so.
The FCC (and your neighbors) will thank you for it.

Now if you wanted to "mask" your computer's RF emanations with some
sort of RF noise source (such as a Tesla coil) that's another story.
Most transmitters require licenses for the obvious reason that they
can interfere with other users of the radio spectrum. But this has
nothing to do with your right (or even duty) to shield your computers.

Unfortunately the TEMPEST rules themselves are classified, so we
really don't know how much shielding is necessary, or what one can
pick up from an unshielded system, or exactly how you'd do it.
Obviously this is an attempt to protect NSA's own SIGINT methods. But
there is, to coin a phrase, "equal protection under the laws of
physics".  Star Warriors' claims notwithstanding, they're the same
for everyone, black (classified) or white, and they're open for
all to discover and apply on their own.

Phil









Thread