1998-09-22 - Re: (99% noise) Stego-empty hard drives… (fwd)

Header Data

From: Sunder <sunder@brainlink.com>
To: Jim Choate <ravage@einstein.ssz.com>
Message Hash: be1947e901ae56322bc6c5aec2b32e17037c39a6632c4eb9520d78358ebd09d6
Message ID: <3608369E.6018339C@brainlink.com>
Reply To: <199809221948.OAA06096@einstein.ssz.com>
UTC Datetime: 1998-09-22 10:47:48 UTC
Raw Date: Tue, 22 Sep 1998 18:47:48 +0800

Raw message

From: Sunder <sunder@brainlink.com>
Date: Tue, 22 Sep 1998 18:47:48 +0800
To: Jim Choate <ravage@einstein.ssz.com>
Subject: Re: (99% noise) Stego-empty hard drives... (fwd)
In-Reply-To: <199809221948.OAA06096@einstein.ssz.com>
Message-ID: <3608369E.6018339C@brainlink.com>
MIME-Version: 1.0
Content-Type: text/plain

Jim Choate wrote:

> Consider that at any given time there are only a few hundred BIOS'es, made
> from a few dozen base images, driving all the machines out there. The number
> of companies that develop their own BIOS in toto for in-house products is next
> to nil (I know of none). What they do is buy a license and then re-write the
> sections they need to.

See: http://www.ping.be/bios/ for bioses and flash upgrades.
> The TEMPEST signal will be effected by speed, I see no reason to suspect
> that it's going to be processor dependant. Since the code gets executed
> in the same sequence in these shared BIOS there is going to be a shared
> footprint, which may get squeezed because of increased clock speed. Measuring
> that footprint at ranges of inches is nowhere near as expensive as trying to
> catch a monitor image from a block away.
> If you store those few thousand footprints and do a compare any bozo can
> in fact run the machine. Just sit and watch to see if the red light comes
> on and call your supervisor.

Come on guys, this is silly. Why the fuck would the UK tempest scan your 
notebooks?  Manufacturers produce new machines every month, each with modified
BIOSes for the features in their new notebooks, with hardware variations and 
imperfection, with different power levels of batteries, different PC cards
installed, different CPU speeds, different options and other inconsistencies
you get a very difficult situation.  

Your speculation that someone out there will tempest scan to see if you've
modded your notebook is silly.  Are you just pissing against the wind, or do
you have knowledge that they actually do this?

You're forgetting your threat model and planning for a level that's beyond
demented paranoia.


.+.^.+.|       Sunder       |Prying open my 3rd eye.  So good to see |./|\.
..\|/..|sunder@sundernet.com|you once again. I thought you were      |/\|/\
<--*-->| ------------------ |hiding, and you thought that I had run  |\/|\/
../|\..| "A toast to Odin,  |away chasing the tail of dogma. I opened|.\|/.
.+.v.+.|God of screwdrivers"|my eye and there we were....            |.....
======================= http://www.sundernet.com ==========================