From: Petro <petro@playboy.com>
To: Jim Choate <cypherpunks@einstein.ssz.com (Cypherpunks Distributed Remailer)
Message Hash: a23a70d7240ce4b2d526f2b3acf173f05670c0f1863f800774e0e177d6db405d
Message ID: <v03110700b22d93e4449b@[206.189.103.244]>
Reply To: <199809221743.MAA05104@einstein.ssz.com>
UTC Datetime: 1998-09-22 05:14:38 UTC
Raw Date: Tue, 22 Sep 1998 13:14:38 +0800
From: Petro <petro@playboy.com>
Date: Tue, 22 Sep 1998 13:14:38 +0800
To: Jim Choate <cypherpunks@einstein.ssz.com (Cypherpunks Distributed Remailer)
Subject: Re: Stego-empty hard drives... (fwd)
In-Reply-To: <199809221743.MAA05104@einstein.ssz.com>
Message-ID: <v03110700b22d93e4449b@[206.189.103.244]>
MIME-Version: 1.0
Content-Type: text/plain
At 12:43 PM -0500 9/22/98, Jim Choate wrote:
>Forwarded message:
>> I don't know how hard this would be, but how about running a
>> seperate memory check, and while those numbers are flashing on the screen,
>> do the wait for imput?
>
>So hide the keyscan in the memory counter code. Would work externaly, would
>probably not show up on TEMPEST. Since both the keyscan and the memory scan
>are repetitive TEMPEST might have a problem telling them apart. Provided you
>could get the keyscan in the same footprint as the mem check the BIOS
>would not show up as anomolous in size. As long as they're not running
>around doing checksums you'd be ok (I suspect).
At a certain threat level or level of "interest" in your affairs,
whether you can hide the fact that you are using crypto or not is going to
become irrelevant.
In otherwords, if your threat level realistically includes CIA/NSA
you're well and fucked. If "they" think you are a serious threat to them
(as opposed to being a serious threat to the government/country) they will
get you, they will lie, they will cheat, they will give some poor bastard
plastic surgery to look like you, and take pot shots at the president on
National TV, and then "escape custody".
If you are operating at this level, you are trying to hide _your_
activities from prying eyes, true, but you are also trying to prevent
_others_ from being compromised.
If your opponent is using tempest, you are operating at that level.
Tempest is expensive, and I'd imagine would have to be calibrated not only
for each processor ([3-6]86, with all the variations (sx/dx, celeron, xenon
etc,) as well as the NEC. AMD. and Cyrix clones thereof, ARM & StrongARM
processors, PPC 601/3/4/G-3 processors, Motorola 68k processors, sparc
processors etc) but (if you are looking at what the POST & BIOS actually
does) for each BIOS AND OS. This is NOT an easy task, nor can it be done by
a Bozo operating a X-Ray machine at an airport.
If you have attacted enough attention to warrant the expense that
this investigation is bringing on, you better either be totally clean AND
on everyones good side, or they ARE going to find something. They're the
government, locking people up is what they do best.
--
petro@playboy.com----for work related issues. I don't speak for Playboy.
petro@bounty.org-----for everthing else. They wouldn't like that.
They REALLY
Economic speech IS political speech. wouldn't like that.
Return to September 1998
Return to “Petro <petro@playboy.com>”