Domain: erikyyy.de
Stories and comments across the archive that link to erikyyy.de.
Comments · 36
-
Re:Old news
Speaking of AM radios and software on the victim computer: this classic.
Unfortunately only works on CRTs; but it's a heartwarmingly neat trick.
-
Re:audio
I think the display offers more bandwidth: http://www.erikyyy.de/tempest/
-
Listen to music from your computer with a radio
A great deal of people here already know, but for the others:
http://www.erikyyy.de/tempest/
Software to generate images (noise) on your CRT screen so that the generated interference will translate as sound you can listen to on a radio receiver.
It works great to listen to music when you do not have a sound card!
-
Re:huh?
Use Tempest for Eliza and it'll transmit radio at you for real rather than generating a minor html error
:P
-
Tempest from CRTs
Really cool software: Tempest for Eliza. Make use of the old CRT in the corner...
-
Re:Dumbest video ever
Here you go then: Tempest For Eliza.
You can use your (CRT) monitor to generate tones that can be received on an AM radio. It shouldn't be a stretch to make it play Jingle Bells.
-
sound card and am radio
http://www.erikyyy.de/tempest/ is using a video card to make music.
-
Interesting question...
http://www.erikyyy.de/multikey/
This program creates given X files from one file, and you need Y of them (Y=X) to re-create the original.
Each of the files is way less than complete data. It's much more of a key than the cryptogram. There is NO cryptogram as such, only keys. Say, they found two out of 12 (and they need 10 to re-create the original). Can they request me to provide another 8 keys, when they have 20% of the cryptogram? Especially if it's extremely unlikely that what they have does actually contain anything incriminating (the data is not only random, it's way incomplete!) and providing them with the rest of the data WILL mean providing them with incriminating material (other files contain more of the data and combined may produce something actually incriminating).
To imagine things easier: there's 500MB of incriminating material and 500MB of total randomness. Guy 0 XORs them then saves the result of the XOR result and the 10kb or random noise to separate CDs, erases the original, shuffles the CDs and hands them to Guy 1 and Guy 2. It's impossible to tell which of the CDs is the cryptogram and which is random noise. They are worthless without each other. XORed together they create the compromising material.
Now the Police bursts through the doors and windows of Guy 1 and demands the key to the CD. He says this is the key and the Guy 2 has the cryptogram. So they get the CD from Guy 2 but he says it was his CD that was the key... The data obviously IS incomplete in both cases (you must provide exactly as many bits of data to have it recreated from the noise as the data contains originally - you could just as well provide the data itself and discard the noise, or make up virtually any kind of data by XORing the right input with one of the results.)
So...?
Take a gun apart, into 15 pieces. Hand each of the pieces to one of your friends. None of them is carrying a weapon, or even "incomplete weapon". Then they meet and put the gun together. Unless there are laws that specifically prohibit carrying weapon parts, they can bring the gun anywhere they want.
-
Re:An interesting idea
You can also make an AM radio with your CRT monitor.
-
Re:WTF?
Tempest for Eliza is a very interesting demonstration of the whole problem. You feed it with an audio file, and by showing the right graphics on your screen, it transmits that audio file on a configurable frequency.
-
Re:His points...
Remember these are military ships...
1. Blind spot in watch cameras.
This was simple, obvious, and cheap to address. This "simple" vulnerability was overlooked creating an excellent attack vector. It doesn't look like it would be too hard to storm the bridge of the ship undetected. I hope they don't have to anchor off the coast of Yemen any time soon.
2. FLIR Equipment not rated for -40 deg (or 125 deg probably)
The DoD Inspector General investigates parts that "do not conform to Original Equipment Manufacturer specifications." The fact that the Coast Guard will not talk to the Inspector General tells me all I need to know.
Perhaps the requirement gets more real when it is stated this way "we might have to deploy to Alaska or the Middle East. We really need our systems to work in these regions. If we lose the ability to maneuver safely in bad weather everybody on the ship might die."
3. Use of non-shielded cable in "secure" communications systems.
Is it so hard to believe that you can eavesdrop on unshielded cables at a reasonable distance? Have you tried Tempest for Eliza to broadcast your mp3s to a radio via an unshielded computer monitor?
I would think that it would be harder to believe that the US could create a chain of underwater microphones to track every ship in the Pacific (SOSUS). I find it even harder to believe that film canisters could be ejected from space parachuting to Earth only to be caught in mid-air by an airplane (Corona). Governments make it their business to do what the other guy considers impossible.
Final Thought: With military grade technology the system is the solution. The mission of the crews is not to compensate for the oversights built into the technology they rely on to survive. Whenever classified information is compromised lives are put at risk. Whenever mission-critical military systems fail lives are put at risk. That is why this is a major problem.
Government employees in their respective acquisition offices (AO) have a retirement to protect. Their fate (in part) is tied to the success of projects they oversee. No AO wants to hear about fundamental problems in the system they are procuring late in the process when schedule and cost are affected (remember, contractors build these systems AT COST + an "award fee"). Besides the design was approved... What happens to the career (and pension) of the government employee who approved the acquisition of a product that didn't meet the WRITTEN NEEDS of the Coast Guard for a NATIONAL SECURITY system? There is incompetence; but there is more fear than incompetence.
Lockheed Martin (in Colorado) has had problems executing their contracts. When an organization is not doing well nobody wants to hear about problems. Lockheed emphasizes "ethics" training (he makes reference to three "ethics" investigations). The purpose of this training and the purpose of the investigations (by anonymous hot-line) is to legally cover the corporation. "Ethical misconduct" can be a federal crime. Just ask Boeing. Lockheed doesn't have anything to lose now that they have extensive data from three investigations covering their liabilities.
-
Re:Oh, lookie here
The default settings of P2P applications share all documents and media files on your machine. Which P2P apps are they talking about?
P2P file exchanges generally violate international copyright laws. - Stop lumping P2P with piracy, DoD!
I'd say part scare tactic and part CYA. More than anything I'd wager the presenter was not interested in the briefing becoming a class on how to securely and ethically utilize P2P programs. Let's be honest, bigwigs usually aren't tech savvy - they have assistants for that.
CLASSIFIED CPU's should be at least 3 feet from UNCLASSIFIED CPU's - Cooties?
Google "Computer security TEMPEST". Then you can go download Tempest for Eliza for your own fun. Check out Tinfoil Hat Linux too :D (wiki at http://en.wikipedia.org/wiki/Tinfoil_Hat_Linux)
-
Re:in related news
Actually, you may not need to joke about it. I don't know if they tried ASCII specifically (that program requires the Simple DirectMedia Layer library to be installed), but it may very well be feasible.
-
Re:Has been done with music for a while
You're talking about "Tempest For Eliza". I never got the "broadcast an mp3" function to work, however - only the broadcast using their special midi-like files. A shame, really. Still, even the midi-like broadcasts make for a neat geeky party trick, and demonstrate the power of tempest
;)
-
Link
It's called Tempest for Eliza. I remember it being pretty cool when I tried it a few years ago in high school.
-
Re:Detecting them?
-
Plenty of innovation
It seems to me like innovative and experimental software is very commonplace in OSS. Unfortunately, a lot of it doesn't get noticed as it is never rolled into a "usable" product. Tempest, a radio broadcaster using CRT, is a good example.
Another obvious place where OSS seems to innovate is in low level networking programs. Ettercap is absolutely brilliant, for instance, and Ethereal is exceedingly useful as well. Perhaps these were created in part because they were necessary to write compatible higher level software to interoperate with other systems. Also, their internationally developed and non-profit nature might make their authors more likely to tread into "legally questionable" territory than a commercial venture would dare.
Despite the relative lack of quality Linux-based music and audio software, there are definitely some innovative tools in this area as well, such as Csound, SuperCollider, and TaoSynth, which provide very interesting programmatic sound modeling possibilities. These programs wouldn't be generally useful to musicians, which is perhaps why they haven't been developed as closed-source commercial products, but for the somewhat rare musician-hackers out there, they're very interesting indeed.
There's plenty of innovation in open source. The only thing is, most of it is so niche that it's hard to hear of it.
-
Disappointed
Poo, when I first saw the title, I thought they were talking about something along the lines of this! (If you can transmit a MP3 with a screen image, surely you can jam a Wi-Fi!) };-)
-
slightly off topic but
send radio with your computer this program sends AM signals through a CRT monitor
-
Re:computer science is weird
I don't know about u but Tempest for Eliza sure cuts it for me as an example of someone using something out of CS and getting it to do something totally different from its intended purpose.
-
Bah...
My CRT has topped that one for a while now.
-
Cool technology
Tempest for Eliza was getting a little old
:-)
-
Re:How can they do that with software?
I refer you to Tempest for Eliza for a practical demonstration.
-
Re:First the typewriter, and now
How about a monitor into a radio station? --Jeff
-
One more alternative
There's also compilercache. The homepage details some of the benefits of using this to supplement make when, for example, changing compiler flags.
-
umm..
This is nothing new, and people actually do that, though they don't have to see your tv. It's called Tempest. And building a receiver that interprets and redisplays monitor/TV signals is not that hard.
-
even easier to sniff
No more tempest vans running around outside your house. Just a guy with a wireless modem, sniffing your wireless network and sending keystrokes via your wireless keyboard and mouse.
Entrapment could be ever so easy: Look! He went to a child porno site!
Wasn't that you sitting outside my house breaking and entering my computer?
-
Great!
Now I can try out tempest for eliza without need to actually use a radio!
-
tempest!
Actually, you don't need extra hardware at all, you can use your monitor as an AM transmitter:
Tempest for Eliza
Ok, the sound quality is lousy, but...
-
Alternatively...
You can also get 23-second kernel compiles in software using Compilercache
:-).
-
Re:Tempest
Look around for info on the U.S. government's declassified Tempest program. That shows how you can really do this, by sampling the radio emissions of the equipment. Any rapid switching creates radio waves, if you don't shield them effectively you may indeed leak information off site. There have been demonstrations of reading a CRT by the video monitor's radio emissions.
Indeed. Here is a program that implements just that. Tempest for Eliza is an interesting program... it actually played classical music on my AM radio using the monitor color intensity! There's a mod for mp3 even. Check it out.
cheers,
fsm
-
OT:Slashdot readers
Over time, you notice that people that read and post on Slashdot are extremely misinformed, narrow minded, and self centred.
There are at least 50 posts now on this story claiming it is a hoax. It's clear from many of these that few have actually read the synopsis at the top of the paper, never mind the rest of it.
It is not talking about 10Mbps communications. It is talking about lower data rate comms, like modems, serial lines, and the like.
It does work, only on a small amount of devices. It is short range. This doesn't make it a hoax.
TEMPEST is at a stage where it is hard to perform - we're talking government/big company level to manage anything impressive or useful. Take a look at this tempest radio site. Neat, but not very useful.
If you have no idea what you are talking about or don't have anything useful to add, keep quiet. Is it just so you can get your karmas up???
-
Re:Tempest
-
Alright I'll bite, this is cooler, from their links
http://www.erikyyy.de/tempest/
I've heard about scavenging screenshots from computers a couple hundred feet away using the EM signal, but had serious questions on how easy this was.
The above link does it in reverse plays MP3's through your MONITOR as an antenna !!!
Now, that said, I have more of a belief in a tempest like system, guess it's time to get my copy of tinfoil linux
-
Re:Hoax
here is the site for those that may not get to it...
What is Tinfoil Hat linux ? It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.
Tinfoil hat is useful if:
- You're using a computer that could have a keystroke logger installed. http://www.keyghost.com is an example of a tiny & cheap hardware logger.
- You need to use your personal GPG keys at work, school or a web hosting facility where you don't trust or own the equipment.
- If you maintain a PGP Certificate Authority or signing key and have to have a safe place to use the CA key.
- If you simply don't want to risk putting a PGP key on a hard drive where someone else might have access to it.
- The Illuminati are watching your computer, and you need to use morse code to blink out your PGP messages on the numlock key.
- readme.txt, also on the floppy image
- The source code for files on the floppy
- The tinfoilhat linux floppy image plus disk signature file. Transfer this image to disk using rawrite (on windows), dd on unix (dd if=tinfoil.img of=/dev/floppy), or Diskcopy on a MAC.
- Q: Why doesn't the floppy I got at codecon match the signature above?
A: because I screwed up & wrote a nvram.md5 file to the floppy I then used as a master. I had to remove that file from every floppy. The result is that the MD5sum of the codecon floppies should be: 3608290765de7d5283a1a22813677a56
- Q: How do I undo that horrible screen in paranoid mode?
A: Type "contrast" at the command prompt, or play with ctheme.
- Q: Is this really a 1.0 stable release?
A: Think of this as a linux kernel 1.0. Yes, it's stable to the best of my ability, and has been tested, but not for very long or by many people.
- Q: What sort of hardware is required to run tinfoil hat?
A: Any 386DX or faster IBM compatible with more than 8 megs of RAM. Pretty much any PC made in the last 8 years will work fine.
- Q: where do I send complaints, bugs & feature requests?
A: anonymous AT nameless DOT cultists.net
- Q: What is the license for this distribution?
A: The scripts, documentation, and the distribution as a collection are released under a modified BSD license. Obviously, other people's software in this distribution retain their original licenses.
- Aluminum foil deflector beanie from zapatopi
- The man in the Tinfoil Hat. A good example for people confused by the tinfoil hat reference.
- http://www.gnupg.org
- Joelm's comprehensive TEMPEST site.
- Tempest for Eliza A fun tool for observing the radiation from your computer. If anybody ports this to Direct FB, I'll put it on tinfoil hat in a flash.
- Diceware a tool for generating very secure passphrases.
-
Re: More likely TEMPEST
I think it's more likely that the FBI has made use of so-called "tempest radiation." It's an interesting field of espionage because it allows you to pluck information directly off a wire-- such as the PS/2 or USB cable that connects your keyboard to the computer (though more likely, your very noisy UTP LAN).
Basically, tempest eavesdroppers exploit the electromagnetic radiation generated by things like your monitor, UTP Ethernet, serial cables... in some cases the radiation thrown into the shortwave band is broadcast fairly significant distances... also advanced techniques -- such as irradiating a building with a certain frequency of electromagnetic radiation -- prove that it's been possible to pluck individual instructions of a CPU.
The most simple form of tempest eavesdropping is reconstructing the image displayed on your CRT, however, it would also be possible to grab keystrokes from a PS/2 cable (or your pin code from the serial cable that connects the keypad of an ATM)...
Actually CRT eavesdropping is fairly simple... all you really need to get started is an old B&W TV with manual sync signal adjustment (the sync signal on a monitor usually isn't powerful enough for "home-made" [i.e. crude] eavesdropping devices to detect-- so in order to get a coherent picture you need to manually control sync.)
Do a search on Google for tempest radiation-- you'll find all sorts of interesting things... Check out also Tempest for Eliza -- it's a neat functional demonstration. With it, you can use your monitor to broadcast music on the shortwave spectrum. It's sort of eerie actually.
BRx.