1994-02-07 - Re: TEMPEST - Electronic eavesdropping

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: R.O.Jackson-SE1@computer-science.birmingham.ac.uk
Message Hash: fc21c49f408fc69cbbf0580e16a7ead1e1b21612d97ee79c49653b4353fa9606
Message ID: <199402062359.PAA20879@mail.netcom.com>
Reply To: <13893.9402062244@heffalump.cs.bham.ac.uk>
UTC Datetime: 1994-02-07 00:00:30 UTC
Raw Date: Sun, 6 Feb 94 16:00:30 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 6 Feb 94 16:00:30 PST
To: R.O.Jackson-SE1@computer-science.birmingham.ac.uk
Subject: Re: TEMPEST - Electronic eavesdropping
In-Reply-To: <13893.9402062244@heffalump.cs.bham.ac.uk>
Message-ID: <199402062359.PAA20879@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



> In the US it not illegal to posess TEMPEST-surveillance equipment but
> it is illegal to take appropriate counter-measures to prevent 
> surveillance. The US government has refused to release details of its

Please provide a reference for this. We've discussed this _many_ times
on this List, and the consensus is that no such law exists, nor is it
plausible that folks could be told they cannot "shield" their
computers.

(In fact, FCC regulations call for various levels of RF shielding, as
we all know. Is there a law which says "You must shield--but not _too_
much"? Of course not.)

I don't want to sound rude, but saying it is illegal to take
appropriate counter-measures to prevent surveillance is a serious
statement, requiring some support. (I'll look for the ftp paper
you cite later...do you have a pathname handy in the nist ftp site?)

I can believe that _certain_ countermeasures, like active jamming with
RF signals, may be somewhat restricted, but mainly for FCC reasons. I
cannot believe that shielding a keyboard or computer, or using LCD
displays to reduce Van Eck emissions, or even putting one's computer
in a Faraday cage, could be illegal. 

> TEMPEST research and has restricted the dissemination of independent 
> research by classifying it.

Parts of the TEMPEST spec (and TEMPEST is not an acronym for anything,
I understand) are classified, for various reasons, but this does not
mean shielding or other countermeasures are forbidden. In fact,
shielding supplies and TEMPEST-related supplies can be bought from
several companies. Every time this thread comes up, someone cites the
suppliers.
 
> The US Drug Enforcement Agency (DEA) makes use of TEMPEST secured
> electronics and computers as they believe that the drug cartels may
> possess surveillance equipment.

I'll phone Pablo Escobar and ask him.

> I am interested in gathering comments on the social, legal, ethical,
> and technical aspects of use of TEMPEST surveillance equipment in
> the US and Europe with the aim of including it in a discussion
> of the threats to computer/digital systems.
> 
> thanks, 	- Rob Jackson
> 
> (more information on TEMPEST can be found in the paper
>  "Eavesdropping On the Electromagnetic Emanations of Digital
>   Equipment: The Laws of Canada, England, and the US" by
>   Cristopher Seline - available on FTP from csrc.ncsl.nist.gov)

Lots of interesting stuff there. But where is the paper you cite? A
pathname would be appreciated.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power:2**859433 | Public Key: PGP and MailSafe available.




Thread