From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Tue, 25 May 93 20:47:09 PDT
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <9305260350.AA27590@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 25 May 93 21:26:20 EDT,
 Bill_Stewart <uunet!anchor.ho.att.com!wcs> wrote -
 
[ ... referring to earlier discussions on TEMPEST, ELINT and
  COMINT topics]
 
> I'm not arguing about whether the stuff works, I believe that :-)
 
 It does, and I can expand further in subsequent paragraphs.
 
> VT100s and Brother electronic typewriters are two other classic
> emitters; I hadn't heard that the IBM was loud, but it's
> certainly a good target.
 
 He used a very simplistic example, one which is electro-mechanical, as
 another list participant already pointed out. The same ELINT
 potential eavesdropping techniques exist, which range from keyboard
 monitoring (passive and active) to synchronic monitoring of "visual
 displays," which by all rights, parallels the electronic equivalent
 of monitoring your "visual" data; what is written to your visual
 display.
 
> The wording *is* relevant when you're discussing whether a proposed
> acronym is real or made-up-to-fit, and as I said,
  > > I never saw TEMPEST expanded as an acronym in any of the
  > > documents I read.
> and the proposed expansions are really stretching credibility,
> as were the quoted article's contentions that using TEMPEST protection
> was illegal.
 
 TEMPEST was/is a specification that was written/developed to
 safeguard classified communications which were transmitted
 electronically, and rightly so. Digital Cryptanalysis is easy to
 record, measure and study; emissions are emissions. Its a well known
 fact that INT agencies were/are active in monitoring secure
 communications _recording_ for years, simply on the basis that the
 keys would be eventually compromised. The technical specifications
 of TEMPEST implementations on _SECURE_ systems are classified,
 likewise, the tempest requirements on confidential and FOUO (For
 Official Use Only) communications are less classified, at least to
 the level of their traffic. This was/is done in anticipation of
 secure, captured traffic analysis being eventually compromised. I
 have reason to believe that this exactly the tactics being mined now
 by the FBI/NIST/NSA. (whoops, slap my wrist) Traffic analysis is a
 dangerous concept when used in the wrong context, especially in a
 big brother capacity.
 
 Additionally (no classified information divulged here!), both the US
 INT agencies and the KGB sponsored intelligence agencies, recorded
 _all_ intercepted communications regardless of cryptographic
 tolerance, eventually under the guise that they would be compromised.
 This idealism alluded to the fact that compromised keys could be used
 to analyze past communications and provide information on future
 strategies.
 
 > *Clipper is a trademark of Intergraph.
 
 Oh, don't be silly. Uncle Sugar has already "officially" re-dubbed
 the chip the "Key Escrow" Chip. Silly, isn't it?
 
 Our Government is cheating us. Something needs to be done.
 
 Who's going to do it? Personally, I'm going to take fergp's suggestion
 and "question the powers that be." If any of you have a conscious,
 I'd suggest doing the same.
 
 To Eric Raymond: Include info on anon remailers and why they are
 important. Tell 'em "nobody" sent you. ;-)
 

Quis Custodiet Ipsos Custodes?