Slashdot Mirror

← Back to Stories (view on slashdot.org)

Laptops And Flat Panels Now Vulnerable to Van Eck Methods

Posted by Zonk on from the i-seee-you dept.

An anonymous reader writes "Using radio to eavesdrop on CRTs has been around since the 80s, but Cambridge University researchers have now shown that laptops and flat-panel displays are vulnerable too. Using basic radio equipment and an FPGA board totaling less than $2,000 it was possible for researchers to read text from a laptop three offices away. 'Kuhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximize the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.'"

9 of 144 comments (clear)

  1. Re:ch0wned! by LiquidCoooled · · Score: 5, Interesting

    I wonder if this could be used (at close range to reduce errors) for the only remaining analog hole

    The MPAA will be furious!

    --
    liqbase :: faster than paper
  2. Re:HDMI? by drinkypoo · · Score: 4, Interesting

    wonder if they're just reading the signals that are being sent over the wire? With analog signals this is pretty easy to to, but with DVI it's a lot harder, and way harder still if the signal is encrypted.

    With DVI it's probably a lot harder, but the signal might actually be clearer if you knew how to pick it up, kind of like how you can pick up UWB radio at high ranges. The on-off style of the signal creates a sharper signal. It might require more hardware but I wouldn't be surprised if you could do it at longer range.

    An encrypted signal, of course, will be much harder to deal with whether there's an easy-to-receive digital signal or not.

    I'm skeptical of the idea that the main video link will be encrypted any time soon though, because of the immense bandwidth involved.

    Also, I have to wonder if you could simply pick up the signal between the controller, which decodes the signal (digital or no) and the panel itself...

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  3. Not too surprising by mobby_6kl · · Score: 3, Interesting

    This shouldn't be too surprising to anyone who's tried listening to audio output from a typical laptop. You can hear everything, including processor load, disk access, mouse or window movements (the sound noticeably changes depending on the cursor, hovering over a text area sounds differently than over the desktop or window resize areas) and typing. I'm sure some of that audio noise also escapes as electromagnetic emission which, can be picked up with appropriate equipment.

    I'm not an expert on Van Eck phreaking, so it's possible that the previously used methods were incapable of detecting this for whatever reason, but the presence of these emissions and the possibility of spying shouldn't be surprising.

    This reminds me of the scheduled tinfoil supplies delivery I need to take care of...

  4. Old Fashioned Countermeasures Still Work! by voodoo+cheesecake · · Score: 1, Interesting

    The Commodore 64 Blue Book had a section on this. It talked about how to shield your environment by enclosing a room with screen and grounding it. It also mentioned to coat your power cords with a certain paint high in sulfur content. I also suggest taking measures to prevent access and emissions from your grounding rod, if you're connected to a public utility. That also prevents your light bulb from being used as a microphone.

  5. Article Polls! by mobby_6kl · · Score: 5, Interesting
    Holy shit, I just now noticed that this article has its own poll, how awesome is that!

    My first reaction was "WTF did the relatively recent end-of-civ poll go" and then when I voted it showed this article's comment under the poll results, which was another WTF moment. When was this feature added/first used? I can already see great use for the article polls, for example the editors could try to guess the popular tags and use them for poll items.
    • Yes
    • No
    • Hellno
    • Its
    • Chairthrowing
    • CowboyNeal
  6. Oh bull by Anonymous Coward · · Score: 5, Interesting

    No one knew? That's utter nonsense. I noticed that my laptop lcd monitor would cause interferce at times on my FM radio seven years ago, depending on what it was doing, and what station I was listening to.

    That's a pretty big red flag that these suckers were subject to Van Eck.

    And if the NSA could hear Scott McNealy's friggin keyboard outside in the parking lot (as they later told him during a meeting in the late 1990's), you'd better believe that the NSA has had LCD monitor reading capability for at least that long.

    Just because it's not in the popular press, or published papers, hardly means that no one knew. The only thing surprising here is that it took so long for someone to get a paper out it.

    I don't mean to disparage the researchers, who deserve a lot of credit to finally bringing this to public knowledge, but this is really low-hanging fruit.

  7. Trinitron? by Anonymous Coward · · Score: 1, Interesting

    For example, adding small pieces of wire or cable to a display could make a big difference.


    Like the Sony Trinitron CRTs?

    I never bought their explanation for the "aperture grill" and "damper wires". Considering this kind of EM surveillance, they make perfect sense however.
  8. Yes, we've known for a decade by billstewart · · Score: 5, Interesting
    ... i.e. just about as long as laptops have been usable. Wireless eavesdropping and TEMPEST issues were a common discussion topic back in the Cypherpunks era, among the technical experts as well as among the tinfoil hat crowd, and a number of us had worked with TEMPEST professionally.

    My ~1995 laptop (486? Pentium 60? MHz) would display on my parents' TV screen when I visited them. (No, I didn't live in their basement, I'd just avoided having a TV in my house back then:-) It wasn't in sync, so there were three partial screen images scrolling slowly, and there weren't enough pixels, but it was readable enough to be obvious that a real receiver would be able to display the output cleanly. My guess was that the culprit wasn't really the LCD drivers, but the auxiliary VGA port on the back of the laptop; I no longer remember if I tried turning that on and off, or exactly which laptop model it was, but Google probably knows.


    The real difficulties are getting enough focus to only grab signals from the laptop you're looking for, and not all the other CRTs and TVs and LCDs around, which is why you're reading an interview with an expert like Markus Kuhn and not just some 1337 k1dd13z, and doing so without parking a big antennaful van on the street in front of your target.


    If you look at the real security threats here, there are two sides -

    • Crackers trolling for whatever they can find, like passwords and credit card numbers they can abuse, who are willing to eavesdrop on anybody nearby, such as people in an airport
    • Cops and spooks and secret police who are targeting *you*, in which case you've got much more serious security problems than whether your laptop screen can be eavesdropped.
    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  9. Re:Cryptonomicon? by Anonymous Coward · · Score: 1, Interesting

    I don't mean to alarm you... But Cryptonomicon was, in fact, entirely sci-fi.

    Damn. All this time, I thought that Alan Turing was a real person. I'm so embarrassed!

    But seriously. Cryptonomicon wove real events, real people and real technology with fiction in a pretty seamless way. It's not so bad to ask where the fact ends and the fiction begins, and it's wrong to call it "entirely sci-fi".