1992-12-17 - No Subject

Header Data

From: pmetzger@shearson.com (Perry E. Metzger)
To: cypherpunks@toad.com
Message Hash: c8916fc7359b7b75543f8ad9d66a5e280c0b0e16313a04e0adc5edd4b26c629f
Message ID: <9212171925.AA04923@maggie.shearson.com>
Reply To: N/A
UTC Datetime: 1992-12-17 20:53:31 UTC
Raw Date: Thu, 17 Dec 92 12:53:31 PST

Raw message

From: pmetzger@shearson.com (Perry E. Metzger)
Date: Thu, 17 Dec 92 12:53:31 PST
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9212171925.AA04923@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain


Close, but no cigar, Mr. "Treason". Anyone reading your "proof" can see
for themselves that there is no law making it illegal to shield your computers,
only some regulations on people that sell equipment to the government can't
tell other people what their specifications are. Big deal.

The line in the article saying 
          Without  the right to possess  TEMPEST ELINT
          equipment  manufacturers  who  wish to  sell  to  the public
          sector cannot determine what a  safe level of emanations is.
is mostly bull, in the sense that people can probably judge what is safe
without knowing the government standards. In any case, you have demonstrated
nothing making it illegal to shield your computers, and we've already seen
a post containing a dozen purveyors of shielding equipment. Repeating,
you don't know what you are talking about. Now go away.

Perry

Original message included for reference:


> From cypherpunks-request@toad.com Thu Dec 17 14:13:11 1992
> Date: Thu, 17 Dec 92 12:38:34 -0500
> From: treason@gnu.ai.mit.edu
> Content-Length: 3194
> 
> Here is parts of the article I posted regarding the legality of the use
> of emf shielding.  Read it carefully, and I suggest you also read the
> posted document in full as well.  This poses many problems to the public
> in general, and the private sector in specific.
> PERRY, I suggest you read this.              
>  
>                NACSIM 5100A is  classified, as are all  details of TEMPEST.
>           To  obtain  access to  it, contractor  must  prove that  there is
>           demand within  the government for the specific  type of equipment
>           that intend to  certify.  Since  the standard is classified,  the
>           contractors can not sell the equipment to non-secure governmental
>           agencies or the public.  This prevents reverse engineering of the
>           standard  for its physical  embodiment, the  Certified equipment.
>           By  preventing  the   private  sector  from  owning   this  anti-
>           eavesdropping equipment,  the NSA has  effectively prevented  the
>           them from protecting the information in their computers. 
>                A number of  companies produce  devices to measure  the
>           emanations from electrical equipment.  Some of these devices
>           are  specifically   designed  for   bench  marking   TEMPEST
>           Certified equipment.  This does not  solve the problem.  The
>           question  arises:  how   much  radiation  at   a  particular
>           frequency  is compromising?  The  current answer is to refer
>           to NACSIM  5100A.   This document  specifies the  emanations
>           levels suitable  for Certification.   The  document is  only
>           available  to United  States  contractors having  sufficient
>           security  clearance  and  an  ongoing  contract  to  produce
>           TEMPEST Certified computers  for the  government.   Further,
>           the correct levels are specified by the NSA and there  is no
>           assurance that, while these levels are sufficient to prevent
>           eavesdropping by unfriendly operatives,  equipment certified
>           under NACSIM  5100A will have  levels low enough  to prevent
>           eavesdropping by the NSA itself.
>                The  accessibility  of  supposedly  correct  emanations
>           levels  does  not solve  the  problem of  preventing TEMPEST
>           eavesdropping.     Access   to  NACSIM   5100A   limits  the
>           manufacturer to selling the equipment  only to United States
>           governmental  agencies  with  the  need  to  process  secret
>           information.[33]  Without  the right to possess  TEMPEST ELINT
>           equipment  manufacturers  who  wish to  sell  to  the public
>           sector cannot determine what a  safe level of emanations is.
>           Further  those  manufacturers with  access  to  NACSIM 5100A
>           should  want  to  verify that  the  levels  set  out in  the
>           document are, in  fact, low enough to  prevent interception.
>           Without an actual  eavesdropping device with which  to test,
>           no   manufacturer  will   be   able  to   produce  genuinely
>           uncompromising equipment.
> 
> PERRY, now I put up, now YOU SHUT UP!
> 
> sheesh.
> 
> treason@gnu.
> 





Thread