1996-05-28 - Re: Tempest Info

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: SpyKing <spyking@mne.net>
Message Hash: cb39a5a2149266e47d8d792d13be45562274abff54dd26301a93df8fbda5f95e
Message ID: <199605280739.AAA07817@toad.com>
Reply To: N/A
UTC Datetime: 1996-05-28 11:35:54 UTC
Raw Date: Tue, 28 May 1996 19:35:54 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 28 May 1996 19:35:54 +0800
To: SpyKing <spyking@mne.net>
Subject: Re: Tempest Info
Message-ID: <199605280739.AAA07817@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


There was some interesting stuff on the web page about
experience TEMPEST-surfing CRTs, and Sarah Ellerman's article
is better than some of its sources, but there's still bogosity around.

>It's so secret that the Feds refuse to even release its real name. 
>Privacy advocates have filled the void by nicknaming this
>technology "TEMPEST," which stands for "Transient Electromagnetic Pulse
>Emanation Surveillance Technology." 

Nope.  TEMPEST _is_ its real name.  It's not an acronym, and the stuff
doesn't even deal with Transient ElectroMagnetic Pulses; that's somebody's
attempt to take a non-acronym and find plausible buzzwords to fill it.

>What it does is allow a simple scanning device to read the output from 
>your monitor from up to one kilometer away.

It's not just about monitors; they're just easy targets because they're
usually electrically noisy, and the stuff they broadcast is in an easily
usable form (if you've got a monitor around that can handle the output
frequencies required, which is to say it costs at least as much
as the monitor you're bugging :-).  One reason they're noisy is the
basic technology they use; another is that they're hard to stick in 
metal boxes because you'd like to be able to see the screen.
In the days before FCC Class A and Class B certification became
near-mandatory, there were a _lot_ of noisy devices out there;
one early dot-matrix electronic typewriter could be read a couple
of miles away.  On the other hand, random signals from your CPU's crunching
are not only harder to detect among all the other electronic noise,
it's hard to translate them into anything human-readable.

>We headed east toward the New York Post newspaper offices and read the
>latest news off their monitors (which was printed the next day). We headed
>north toward City Hall and NYPD Police Headquarters. Guess what? They're not
>Tempest-certified either...Neither is the United Nations, any of the midtown

About 8-10 years ago, TEMPEST-certified computers typically cost about
$5000 more than equivalent regular computers, as well as being 6-12 months
behind the commercial products they were based on.  A big reason for
this is that certification is an expensive technical and paperwork process,
and most products aren't going to sell enough units to spread the cost around.
Sure, some of it's due to shielded cables, grounded metal boxes, and
paying careful attention to board design.

As one of the posters pointed out, you can cut down your exposure a lot
by using an LCD display instead of a CRT, and sticking to FCC Class B equipment,
which is a tighter standard than Class A.

One of the articles also described making a shielded room using some of 
the non-woven carbon-fiber fabric shielding, and said it didn't stop everything.
Shielding is a tricky business - modern computers have a lot of harmonic energy
in the 100 MHz - 10 GHz ranges, especially now that clock speeds are
in the 100 MHz range instead of the 8 MHz range that was common when I started,
so the wavelengths get very short and stuff leaks out easily around joints
unless you're very careful about both the technology and the installation;
you've _got_ to test a room for tightness and hunt down all the leaks
before you can trust it.  Also, of course, your electrical power system
needs to be shielded and filtered, so only 60Hz gets through,
unless you plan to stick to laptops and bring in spare battery packs.


#					Thanks;  Bill
# Bill Stewart, stewarts@ix.netcom.com, +1-415-442-2215
# goodtimes signature virus innoculation







Thread