Slashdot Mirror
Monitoring Your Monitor
bje2 writes "Rememeber this story from a couple months ago about reconstructing data from the blinking LEDs of modems...well, CNet is running a story about reconstructing the display of a computer by using special hardware and the reflected glow of the monitor." Kuhn's paper (400k PDF) is available.
It reconstructs a monitor image from the monitor glow too. I call it the "video camera"
If you're in a situation in which you can take advantage of this effect, why not just look at the monitor itself?
CNet is running a story about reconstructing the display of a computer by using special hardware and the reflected glow of the monitor."
...like a mirror!
a grrl & her server
While Kuhn calculated that the technique could be used at a range of 50 meters at twilight using a small telescope
Now I can watch my neighbor surf pr0n from his computer, instead of filling up my hard drive with the filth!
Attention all planets of the Solar Federation! We have assumed control! - Neil Peart
What, like, a mirror?
echo Prpv a\'rfg cnf har cvcr | tr Pacfghnrvp Cnpstuaeic
Same article appeared on /. back in March, dinnit?
How is this different from a standard tempest attack which has been around forever?
No todo lo que es oro brilla
my porn distributor is going to sue the FBI for p2p-ing my collection through my monitor via DMCA. haha, got you!
geek page at KY speaks
Because the monitor is facing away from the window through which you're snooping.
CRT Eavesdropping: Optical Tempest by michael with 219 comments on 10:57 10 March 2002
And if I were a little more ambitious I would post a link to this story that was already on slashdot a month or two ago...
The real danger here, I think, isn't some kind of "national security" or "bank fraud" or anything like that -- security schmecurity. The real danger, is Quake cheating!
Think about it. If I can reconstruct what is on your monitor, I can tell where you are. Are you down the tunnel? In the water? Are you on top of that goddamnfucking sniper tower? I could reconstruct your screen and determine exactly where you are in the Quake map.
Quick, someone, solve this problem before it tears society apart!!
-- Ken Kinder ken@_nospam_kenkinder.com http://kenkinder.com/
But this is straight out of Neal Stephenson's Cryptonomicon. Coupla hackers built one on a bet in a hotel room... Just one of thousands of kickin things from that book.
ceci n'est pas une sig.
Hmmm yet another use for LCD monitors, increased security for the paranoid... but whats the use really? if you have line of sight to the *screen* ??? You could use the old fashioned way of "just looking over someone's shoulder..."
This is akin to what you see in the movies all the time. someone has a computer image and the "zoom in" to some obscene level of resolution and then the "Enhance" it. Foolishness. If the data is not there, no algorithm will add it.
I assume some company will get 2-3 million from the government to study this and 2-3 years later they will have wasted the money and concluded its not feasible. If they would start with basic graphics class and take a look at what resolution means they might have a clue...
Now I can begin selling my high-tech, computer privacy protection devices.
I will call them curtains.
Now all I need to do is hide it all in a closet.
Seriously, how does this create a security risk, someone not only has to be in the room with you, but half a meter behind the monitor, which is a meter from the wall. Oh, and did I forget to mention, that all the lights had to be off. Like they said, it's a curiosity, and nothing else.
Xaotik Designs
It's clearly the same as the problem with the blinking modem LED's -- just cover the front of your monitor with duct tape.
free ipod? yeah.
For example:
StegFS: the Steganographic Linux Filesystem from 1999 Information Hiding proceedings
A TEMPEST variation for hiding data, "Soft tempest", from IH'98
A One-time password package intended for login or ftpd
and some other stuff.... cool guy!
Rememeber this story from a couple months ago about reconstructing data from the blinking LEDs of modems... and remember that CNet story about reconstructing the display of a computer by using special hardware and the reflected glow of the monitor.? Well, now it seems that someone has figured out how to recreate Slashdot articles just by not checking to see if they have already been posted!!!
"Until that's resolved, the safest solution is to compute with the lights on. "
Or just close the window shades.
It seems like you can read the contents of a monitor under optimal conditions, but how often do you get optimal conditions? More often that not, a person sits in front of a monitor as he or she works. At best, then, you'd only be able to get bits and pieces of what's on the screen. You also have to contend with different grades of wall paint and/or wallpaper (not to mention furniture behind you) which might make this endeavor fruitless in most cases.
It's a nice trick in a lab, and probably worth publishing. But I think there are too many uncontrollable variables to make this practical.
Just get a pair of those glasses that have mirrors on the outer sides of the lenses. Mind you, everything will be backwards, but you can see what's going on while pretending to look in the other direction.
:)
As for monitor LED monitoring, big deal. They can find out if my monitor's on, in powersave mode, or off. Yeah, big security risk there.
We will be doing a special on Printing Your Printer. More details at 11.
Moon Macrosystems. Sun's biggest competitor.
You can tell what's being displayed on a Windows box from its reflection by looking to see if the reflection is a uniform, unchanging shade of blue.
It usually will be.
but this article goes much more in depth, the other could be considered a prelude. why is everyone on slashdot so critical when the don't bother to read the fucking articles?
--fetch daddy's blue fright wig, i must be handsome when i release my rage
First he'd need to figure out a way to reconstruct the 'glow' that is NOT there, due to the silhouette caused by head being in front of my monitor.
"Just Smile and Nod." --Huck
When decrypting a file, check "Secure View." It makes it slightly hard to read on screen but it renders this method useless. It also removes the ability to copy/paste text and save as a file.
Pi
Mod this poster up. He is correct. The Slashdot editors have done a repeat (that included another repeat in the summary!), and have managed to get the facts wrong, twice in a row now!
go slashdot!
Moon Macrosystems. Sun's biggest competitor.
Now I can justify the 21 LCD at work on the grounds that the CRT poses a risk of industrial espionage.
Nope, no sig
This technology has been around for years. The difference with this article on CNET is that it appears it has fallen into the hands of local law enforcement, rather than outfits like the CIA or FBI. It's called
-R
is monitor LED monitoring so we can find out if the monitor's actually ON or not! Yeah!
Wasn't this posted, like, months ago?
Looks like it doesn't apply to flat panels. It relies on the CRT electrons coming out of the monitor and striking a photosensitive component. Not to mention, what if you have a large person using a small monitor? It would seem to me that you'd have to have an unobstructed view for this to work.
This could be detrimental to geeks though. Quoting the article: the safest solution is to compute with the lights on. Dangit.
There is no reasonable defense against an idiot with an agenda
:wq
well I suppose they will soon be able to reconstruct what I looked on a monitor by looking at my CRT-sunburn.
Obviously I'm just kidding, I have an LCD monitor.
:)
-- There are two kind of sysadmins: Paranoids and Losers. (adapted from D. Bach)
That's what happens when you get trigger happy on the submit button, the comment was to read as: This technology has been around for years. The difference with this article on CNET is that it appears it has fallen into the hands of local law enforcement, rather than outfits like the CIA or FBI. It's called TEMPEST. And it appears I'm smoking something mentioning local law enforcement, I don't know where I got that from, skimmed the article too fast or mixed it up with something else I was reading..Heh, I shouldn't be posting this morning.
-R
I think there was a story on /. before about catching the radiation from the monitor to reconstruct the images.
I wonder which technology can produce the more accurate picture?
"A plan fiendishly clever in its intricacies"- Homer Simpson
Right now, i'm sitting in the bathroom with no windows, the only thing that connects me to the outside world is my network cable and power cable. HA spy on me now!
//drunk, fix later//
--sig fault--
People face there monitors so they are visable to windows. i cant belive the number of first floor offices i see where the monitor's display can clearly be seen with the the naked eve through the window. so dont point your monitor outside.
Tempest is a real risk, but you have to evaluate how sensitive your information is and is a tempest attack likely.
the easiest way i think to reduce these attacks to to put up a big fence around your facility, atleast 50m from any window.
Now you can reconstruct Slashdot from the reflected glow of old stories!
Um, wrong. The original article involved researchers demonstrating that certain modem/network devices allow you to read the actual data stream based on the blinkenlights. Spying is theoretically possible (though unlikely) with this.
They have been able to read your monitor remotely by the RF noise it gives off for quite some time. Now almost decades later you can use this nifty new method that only works for a small window. Oooo wow, so impressed, sNOT! Sorry, the LED issue still seems far more important to me.
;)
But hey, I'm not complaining that this story was posted, its better reading then white space.
That's why I invested in thick shields for my windows.
Well, that's what I call them.
She calls them curtains.
Oh well.
Newsflash!
Covin Technologies Announces Technology Breakthrough!
May 14th, 2002 at 11:55AM EST
Covin Technologies has innovated a new innovative technology!
Our new innovation: the Diaphoresis Device can scientifically measure *exactly*
what your programmers were doing all day just from their caffeine intake!
This will be a boon to middle managers everywhere!
Just think -- you won't have to look over their shoulders or visit their dank caves^H^H^H^H^Hcubicles anymore!
All you have to do, is go through their trash at the end of the day, put all the empty Coke bottles and coffee cups into your brand new Diaphoresis Device, and it will tell you:
1) How many hours they spent programming
2) How many times they left for the bathroom
3) How many emails they sent making fun of *you*!
4) How many times they reloaded Slashdot
You can have it all!
"You have the option of insanity. I do not. And that makes me crazy!" - Brian to Angela, My So-Called Life
Extracting a 3DES key from an IBM 4758
Attacks on SRAMs and microcontrollers
Did you know you can fertilize your lawn with used motor oil?
Remember the comment in that story about Kuhn's paper on this technique?
Of course, we all know that high tech spy computers have monitors that throw a readable image onto the user's face. You see it all the time in the movies. They're reconstructing the image by analyzing the glow bouncing off of your walls and face.
"I'm not impatient. I just hate waiting." - My Dad
There's some really nice signal processing going on in the paper; it isn't like he just feeds the raw signal into pixels or anything.
-m
This is just like in that movie Antitrust , sort of.
Real crypto wouldn't have word breaks. It gives too much away.
"I'm not impatient. I just hate waiting." - My Dad
A .
Nah.
This could have a huge impact on amateur radio! People can now start their own station just by putting their CRT-monitor on the roof and stream their mp3's on it! :)
.midi files on is CRT and receive this with an AM-radio in the same room. I found it pretty cool :)
I think the RIAA would not be happy whith that
But seriously, a friend of me actually managed to play
this sig has intentionally been left blank
Imagine a van driving slowly down the streets of a neighborhood every 10 minutes, monitoring the blue TV glow coming out of windows.
Not reconstructing the actual image - just watching the gross flicker patterns, and matching them against all TV stations in real time.
If it finds someone that's not on a known TV station, it pauses for a minute and logs a longer sequence of flickers to match against the flicker patterns of a large library of videos.
Talk about precise marketing info!
Talk about potential blackmail material - ("Did you enjoy your viewing of 'Under-age Girls' last night Mr. Politician? Doing a bit of research, were you?" What about the previous 15 nights?")
Maybe we need to extend "peeping tom" laws to cover any deliberate use of EM radiation coming out of our homes...
My boss is an old spook who spent time at NASA and some other defense contractors. While there (about 10 years ago) he worked on this project. From what he tells me, they were able to monitor displays from a good distance without any troubles. Not only did they do this ten years ago, they also developed a coating for the monitors that would reduce the radio emissions. That way no one could monitor them...
I don't know what this guy patented but it's already been deemed useless by 10 year old US Government research.
Sit back and relax as Windows 98 installs on your computer.
Jeeze, this is going around your E to your A, people.
Anybody remember the tempest device? Able to lock on to a RF signal produced by hardware and reconstruct it, get displays, and rummored to be able to even spy on a CPU's activity if finely tuned enough. I read a rather lenghty article on how to build one years ago, but I'll be damned if I remember where I found it. I suggest a goodle hunt. The frightening thing is, the people who built it, were able to pick out a single display in a large office building -- eight blocks away.
RF signals are easyer to get to than the reflection of a monitors glow, I would think.
My new top secret key -> C>N|KB
They were doing Van Eck Phreaking which was looking for the electrical eminations of a monitor through a solid wall in an effort to reconstruct the display.
Little Different than staring at the monitor from a distance.
As a rock-in-roll Physicist once said, No matter where you go, there you are.
Strikes me that Van Eck phreaking works better, since you don't have to rely on visibility...
Sure, you have to get closer, but since this seems to be aimed at TLAs for surveilance anyhow, that shouldn't be too hard.
Do you have a
Boy, I definately struck someone's nerves with that comment. Anyone around here able to take a joke?
if you read my monitor from the glow, I'll sue you for decrypting my wall's reflection algorithm!
Punctanym: alternate spelling of words using punctuation or numerals in place of some or all of its letters; see 'leet'
Unofficial Tempest Info site :)
Just for those who may not know the jist of it, ALSO DIY shielding techniques!
Sehr geehrter Toilettenbenutzer!
Given the fact that the CRT is the responsible for the leak of information flow, LCD displays will be become better once again. They do not have enough power to light the wall in front of itself. This comes to add to the list of benefits of using LCDs, instead of common monitors. They are more expensive, but also healthier.
This is no cause for alarm, just put some sort of lightproof cover over your monitor =P
prosebeforehos.com
New way to reconstruct information
/. viewer never even heard of carbon paper.
Carbon Paper
Thats right, cut out a piece and place the carbon paper under the mouse. At the end of the day pull the paper and see the pattern left by the user.
Place the carbon paper under the keyboard to record varies keystokes.
Hide some under a chair. If serveral undulating motions are recorded you may have a porn problem.
The really scaring part of this is the fact the half of
You say things that offend me and I can deal with it. Can you?
This is news? It is a well know effect ... The real trick is picking background noise out of your signal (hint : it is very trivial).
...
... ... ...
...
:-)
Here is a trick for you kiddies
The US power grid is 60 cycles,
That means Fluorescence lights turn on and off 120 times a second
That means filament lights have a detectable 120 hz intensity ripple
60 cycles gives you a wavelength about the size of north America
So the whole US turns on and off 120 times a second
In Europe it is 50 cycles
What does this mean from space?
The whole power grid turns on and off between 120 and 100 times a second (depending which frequency it uses)
Watching the phase of a single light compared to the rest of the grid tells you if that part of the grid has a large inductive load (big motors), resistive load (big computers), or capacitive load (big particle accelerator) on it.
Watching a light that doesn't flicker in sync with the local grid tells you it is on internal generator power (big target).
And you ask how do we know the facility is a viable target?
Lesson : if you want to avoid being noticed stay on the grid and stay in phase. Otherwise big brother will find you and send your coordinates to a circling B-52
TastesLikeHerringFlavoredChicken
Doesn't your first statement "From what he tells me, they were able to monitor displays from a good distance without any troubles" contradict "I don't know what this guy patented but it's already been deemed useless by 10 year old US Government research"?
Here is a good source of information about TEMPEST attacks, including the "Urban Folklore" LCD displays on laptops eliminate the risks of TEMPEST attacks (answers a few posts in this thread). It may be more than 10 years old as these guys claim to have been around 17 years.
Phillip.
Property for sale in Nice, France
Burn my karma!
They that quote Benjamin Franklin on liberty and safety deserve neither.
Um. Go get in your pickup truck tonight and drive into the city. You'll probably drive by many buildings. In some of those buildings you will be able to see glowing from computer monitors. With this technology, you would be able to see what is being displayed on the screen even if it's not facing the window.
1. Get a bunch of monitors
2. Get a bunch of composite to VGA Converters
3. Attach All.
4. Play Brittney Spears videos 24/7
This will produce enough noise to negate any spy system other than direct view. Brittney might damage the watchers as well.
Who watches the watchers while watching the watched?
SD
âoeWho knew something as harmless as willful ignorance could end up having real consequences?â
He said that you could (theoretically) be outside the room quite some distance away as long as you had a half-way reasonable telescope. Of course you get a trade-off with distance, ambient lighting level (S/N ratio is the big problem) etc.
But he reckoned that if I sat at this computer right here with all the lights off and the curtains open the reflection of the monitor on the wall behind me should be readable from the bottom of the garden. (The monitor isn't facing the window so you can't read it directly with a telescope.)
Probably safe, though, because I only have all the lights off if I'm playing games - if I'm doing real work there's usually a light on.
In related news, it has been discovered that the source code for Windows can be reconstructed by analyzing the arrangment of empty Mountain Dew cans in developer's cubicles.
-Vercingetorix
"Necessitas non habet legem." -St. Augustine
I'm not any sort of expert in this, however from what I know of video the process has to be something like this:
The phosphors in the CRT do not emit only when hit by the electron beam. They have a certain persistence, so a dot keeps on glowing while the beam moves on through other dots. If you get a perfect recording of the signal, then reconstructing the picture requires merely syncing onto the video scan by means of the long and short black intervals (vertical and horizontal retrace), calculating each pixel's actual output by subtracting the fading output of previous pixels, and feeding the resulting video and sync into your own monitor.
However in using this in a normal "spying" situation, you get room lights and other "noise" in the signal. You've got to guess at the average ambient level and compensate (subtract it out) so the picture isn't washed out. Then, you are probably working with such a low level of signal per pixel that quantum fluctuations add significant noise. Subtracting signals accentuates the noise, so you'll wind up with a pretty grainy picture -- after lots of trial and error adjustments to find the best background level compensation, pixel fade rate, etc. But most data on computers is presented in quite high contrast, and stays on the screen for quite a while, so you can improve the picture by averaging frames. So it does sound possible to get a good enough picture for most espionage purposes (extracting text and diagrams, or sometimes just finding out what the guy is reading).
What it probably won't do unless you get really close:
-Spy on your Quake rivals; (I assume, not being a
Quake player myself) the picture changes too fast for frame-averaging to help much, and in general it's a detailed, lower contrast picture so graininess would have a greater impact.
-Pirate the Playboy channel from your rich neighbor, unless you are so hard up that just staring at a screen of approximately fleshtoned grains and imagining there's a nekkid woman somewhere in there is enough...
-Steal passwords protected by the "*" character, unless the login was incompetently programmed and it shows the actual character for a frame before covering it up. And probably not even then, because frame-averaging will often be needed for legibility...
Just handwaving here, but I expect that if someone can get a camera where this process works for any of the above, they probably could have focused it right on the screen and also physically wire-tapped the machine.
Hasn't this been posted already?
This technology is kinda like most of the magic tricks that I try to ignore in ST: Voyager: Long range scans. :)
It seems so far from being taken seriously, though.
"Wireless : LAN
This is nothing new, and people actually do that, though they don't have to see your tv. It's called Tempest. And building a receiver that interprets and redisplays monitor/TV signals is not that hard.
Anyone who's ever been in a secure facility run by a halfway competent government or any large corporation knows that there are several countermeasures already in place. Many of them were designed for other reasons but serve the same purpose. For example, at one secure computing facility I've visited, the ENTIRE shell of the building's secure area is entirely surrounded by a Faraday cage of solid metal 1/8" thick. Even the floor and ceiling are covered. Seams are bolted shut. Wires and pipes run thru special conduits that trap EM energy. Doorways have metal-finger contacts and vault-style closing mechanisms. I doubt you'd get much diffused light through those measures. Also, several slightly less secure conference rooms I've seen included double blinds on the windows, including metal venitian blinds and thick pull drapes. Again, pretty light resistant. Now, those measures are designed for things like Tempest resistance (the metal Faraday cage) and preventing optical snooping (deadening the sound hitting the glass, thus preventing using an IR laser to bounce a reflection off the window, in an attempt to reconstruct the sound inside the room). But any company that is serious about security already takes great care to protect that information and wouldn't be susceptible to this problem.
The one thing it does reemphasize is that simply sitting with your back to the wall isn't enough. Well, thanks to Tempest and LED blinking and insecure wireless and hosts of other issues, we already knew that.
Frankly, the one surprising thing about this article is that it made it into the mainstream media. I'm quite surprised that the British government, or whatever home country, didn't consider this research highly classified and quickly squelch its publication.
--Brandon / Split Infinity Music
In theory this is interesting, but would be practially useless in real life. What if someone was sitting in front of the computer, and there was no convenient white wall a metre away? Where would you hide your "special light sensing device"?
Again, an interesting piece of theory, but I can't see many situations where this could be applied in real life. On the other hand, the concept of "Van Eck Phreaking" (using a tv, antenna, & tuner to pick up electromagnetic radiation from a monitor and duplicate the picture from a distance) is quite old now. It's a much more realistic approach, but even still, it hasn't been explored very well.
if this inneffective light-and-reflection approach interests you, perhaps you'd like to check out some information on a more likely way to watch someone's monitor remotely like tempest, or the original paper on electromagnetic radiation as a security risk, by Wim Van Eck, the paper being written about tests he conducted in 1983.
I read an article about something like this, that scanned for the radiation emitted by the monitor, and worked down the street, rather than just up close. It only had to be facing the monitor.
Simple: Close your blinds and curtains and make
sure no light is getting through!
We can always start looking at our computers in lead-walled cameraman boxes such as in old photography cameras.
Me? I'll opt for the best choice ever.
Blinking modem light? NO PROBLEM!
DUCK IT!
Glowing Monitor? NO PROBLEM!
DUCK IT!
Big stupid mouth shouting a lot of bullshit to make people paranoid? NO PROBLEM!
DUCK IT!
When will people learn?
[)(]subliminal labs[)(]
It all sound pretty bogus to me. The claim that blinking LED's can be used to reconstruct what you do on the computer is laughable. To reconstruct from a LED what is being written you would have to be able to correlate each blink as one bit. a 0 or a 1. 8 bits per byte, 1024 bytes per kilobyte etc.. ad nauseum.
Let's use the first half of a ripped mpg version of Star Wars Attack of the Clones.
The first half is 701 MegaBytes or 5,883,382,624 bits (that's close to 6 billion bits)
I can write that on my hard drive in 2 minutes which gives us apporximately 49,028,188 bits per second.
Now can anyone tell me that an LED is capable of blinking at a rate of 49 million times per second? And if it can are we able to discern 49 million blinks with the technology we have? From a distance?
Please...
- A Frog in a pond utters an azure cry. -
you can look in the window and see the iMac sitting on the desk. (Unlike daytime, when you can see that my laptop is pointed the wrong way.) Of course, if you look more closely, you'll see that it's really just an iMac *poster* positioned at the right height :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks