Laptops And Flat Panels Now Vulnerable to Van Eck Methods

An anonymous reader writes "Using radio to eavesdrop on CRTs has been around since the 80s, but Cambridge University researchers have now shown that laptops and flat-panel displays are vulnerable too. Using basic radio equipment and an FPGA board totaling less than $2,000 it was possible for researchers to read text from a laptop three offices away. 'Kuhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximize the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.'"

Bad story submission title

[drinkypoo]

The title given to this story on slashdot is awful, especially for a geek news site. Haven't we already established that obscurity is not security? And about a million times over?

An unpublished vulnerability is no less real than one that has been announced, and is in fact more dangerous because the lack of an announcement leads to a false feeling of security. The real story is that your laptop has in fact been vulnerable to van eck phreaking for years and year, not just "now".

It's a good thing I haven't had faith in slashdot for a long time now, or I'd be really disappointed. As it is, I'm just pointing this out for those who didn't already notice.

van Eck only made it public

[michaelmalak]

Russia and the U.S. had been snooping VDT images since the early 1970's or earlier. van Eck just made it public by publishing a paper on how to do it with $100 of Radio Shack parts. cryptome.org forum postings include a reference to a 1973 book.

Cryptonomicon?

[chochos]

So the hack that is mentioned in Cryptonomicon is pure sci-fi? It says that van-eck was possible on a laptop because of some backwards compatibility issue, in which laptops still refreshed the display 60 times per second or so, even if they didn't need to, so you could pick up on that radiation or something for the phreaking. It wasn't really possible until now? Or is this a different method where you can spy on LCD's using some method specific to LCD's?

TEMPEST

[Detritus]

The NSA, and other intelligence agencies, have been exploiting stuff like this for more than fifty years. Technology changes, but the fundamental principle, interception of EM radiation stays the same. You can even spy on certain models of electric typewriters. If you ever get the chance to look at TEMPEST certified hardware, you will see the lengths that the engineers have to go to, to shield and filter an electronics device. Besides the box itself, all cables have to be well shielded and filtered, or they just function as antennas for your sensitive data.

More information

[Masato]

I recently finished a research project on this subject and have actually had a chance to read a few of Kuhn's paper. From what I've seen and what other researchers have done, not a lot of thought has gone into making most equipment EMSEC compatible, so I'm not at all surprised by this finding. Most of the time, having "secure" equipment isn't required as very few individuals beyond large government entities have the money, resources and knowledge to be able to conduct such an attack. Extensive design and testing is required to ensure that equipment conforms to EMSEC standards and most companies are simply not willing to spend the extra money to certify their equipment for something very few people know anything about. According to Kuhn (see Security Limits for Compromising Emanations - warning PDF) emissions levels need to be as much as six orders of magnitude lower to prevent unauthorized snooping on most modern equipment.

Another paper that is very relevant to this article is from a Japanese group who did research on the same topic (LCDs, laptops, etc) A Trial of the Interception of Display Image using Emanation of Electromagnetic Wave - again, a PDF. What's interesting to note from this paper is the fact that the researchers found that minor inconsistencies in the production of the equipment caused slightly different synchronous frequencies to be detected. This means in an office it could be possible for an attacker to "choose" which monitor they wish to look at by its frequency signature.