Slashdot Mirror
Declassified Tempest Material Comes Online
D-Fly writes "John Young, who runs the Cryptome repository of cypherpunk documents, has obtained a small batch of declassified documents from the NSA on TEMPEST monitoring-getting computer data through electromagnetic emissions. Young got the stuff declassified through the Freedom of Information Act, and has appealed their denial of the rest of his request. A lot of what he has received so far is appendixes and tables of contents, and addresses testing equipment to prevent TEMPEST emissions. For a comprehensive archive of what is know about Tempest monitoring, check out a clearing house of information.. "
I was looking awhile ago for something and I came across MECO.ORG. Seems they have some surplus TEMPEST PC/Monitors for sale.
Anderson and Kuhn's original paper is well worth reading for a very informative look at what Soft Tempest technologies can do for both attack and defence. I strongly recommend against speculating about any part of this technology until you've read this clear and extraordinary paper.
--
Xenu loves you!
The PC was in a heavy duty metal case with no openings. Their was an RF filter (metal mesh) over the opening for the power supply fan. All of the cables were thick, high quality, shielded cables. The monitor was in a special shielded enclosure. The keyboard looked normal but it was noticably heavier than a normal keyboard.
All mechanical joints in the case had RF gasketing material where the parts fit together. Every part in the system or attached to the system had to be TEMPEST certified. You couldn't install a normal I/O board, cable or peripheral without voiding the certification.
I've forgotten the price but it was two or three times the price of a non-TEMPEST equivalent.
Mea navis aericumbens anguillis abundat
The Nazis were no good at keeping secrets. By the time Joe Nazi knew it, the Jews knew as well. As did most other countries. That was no secret.
It is technically possible, but I've yet to see any credible proof that this method works. There are a lot of outside factors that first must be isolated, not to mention tuning in on the right frequency range. I believe it'd take some pretty advanced equipment to make any sense of the radition given from the CRT itself at a reasonable distance. If you know of credible source, or a site that really describes that method in detail, please do tell.
Where as my described method is pretty much industry standard, and is much easier to reconstruct. I've seen it in action.
I'm no expert, but from what little I have read it doesn't read the CRT emissions itself, it reads from other things. Such as the PC card or monitors' frame buffer or whatever. But there are restrictions on distance as its a rather feeble signal. I have little doubt that having multi buffers written to simultaneously, or just random noise on that frequency, would confuse things greatly.
I know nothing I'll say will change your mind, but i'm going to say it anyways. While I can understand why people might be concerned about Echelon, TEMPEST is not in the same league. If the government wants to kill or spy on you, there isn't much you can do about it. There will always be other methods which you're simply not aware of. FOIA in case of TEMPEST is neither necessary, nor very beneficial (as a countermeasure against the gov't).
When you starting implying that "The Government" (Justice Dept.) knowing murdered innocent people, you blow a great deal credibility. Widespread conspiracies are myth.
Try the keywords "Wim Van Eck Electronic Eavesdropping" in your favorite search engine (like www.google.com). That should give you the links you want.
Surrounding something with a conductor (ie copper wiring cage) to mask out EM transmissions is called a Faraday Cage.
(quick definition here
Nifty stuff here too.
Anything more, just use Google.
POpe
It doesn't mean much now, it's built for the future.
OK, I'm not sure if I understand you, but are you complaining because you think we don't want the government to protect its own data? If so, you got it wrong.
I don't like the classification of TEMPEST data and specifications because it makes it difficult for ME to protect MY data. It's the same thing as crypto.
Michael Gentili
- He's just some guy, you know?
I wonder how resistent those babies would be to a HERF gun... In my noisy environment, maybe I could use one too... ;)
Geeky modern art T-shirts
Why just versus the [domestic] Gov't? They're not the only folks with the technical know-how.
Think folks like disgruntled techies trying to grab payroll data. Or somebody stealing a competitor's secrets. Or so forth. There are, potentially, circumstances under which somebody would be willing and able to attempt TEMPEST ELINT surveillance, but not send folks to do a B&E or a little physical coercion...
Only the dead have seen the end of war.
I found a couple places through Altavista:
Advanced Technology Systems Corporation -- has TEMPEST-compliant and "ruggedized" (their word not mine) devices.
Candes Systems, Inc. -- Offers TEMPEST-compliant desktops and laptops.
The EMF Safety Catalog -- Mostly stuff about reducing EMF radiation, but also has some TEMPEST-compliant devices
Friends don't let friends misuse the subjunctive.
The 'r' in "dara" is obviously some sort of secret code. Perhaps it stands for DARPA, which would definitely have a vested interest in this sort of thing. And if you take the 'r' in DARPA and replace it with a 't', it becomes DATPA, which is meaningless. This proves my theory.
:-)
Another alternative is that the CIA is under control of a renegade communist band that fled Russia after the collapse of the U.S.S.R. Notice the "da" in the beginning of both DARPA, data, and dara. And the 't' being changed to an 'r' has to be a secret message; perhaps they want to "transfer" top-secret government information about TEMPEST so they can spy on Microsoft, steal the source code for Windows, and take over the world!
Wait. How can the source code to Windows possibly help them?
Friends don't let friends misuse the subjunctive.
TEMPEST and its ilk are bad, because they protect governmental/military sensitive data.
It's a poor sort of logic that has to be internally consistent.
---
Book(n): Utensil used to pass time while waiting for the TV repairman
When you starting implying that "The Government" (Justice Dept.) knowing murdered innocent people, you blow a great deal credibility. Widespread conspiracies are myth.
Yeah, right. You probably don't believe Kennedy was killed by aliens, the philidelphia experiment irradiated apple pie loving American soldiers against their will, Jimmy Hoffa peaks up umpires crotches, or the that the CIA is in league with NOW to get Gloria Steinam elected "Mrs. America" AND president in 2004, in a nihilistic attempt to discredit American politicians in the voter's eyes.
You are sadly mistaken, and clearly naive.
Worse than an untouchable, when I reincarnate I'll be lucky to return as bacteria.
You're confusing broadspread high level malice with low level screwups. When you bunker up in some compound, and start shooting at people you can't expect to be perfectly safe. Even if you personally aren't pulling the trigger. Things get hairy. Everyone's life is on the line.
Civil trials are NOT proof of innocence or guilt. It is a proponderance of the evidence, not beyond a shadow of a dobut. Futhermore, its being reviewed by a layman jury who knows nothing of what it is like to be under fire. The question is, what where they looking at?
Any lawyer worth his weight is capable of painting the Feds as being evil, and can then take admissions of shooting to the bank. But just because a single sniper shot an "innocent" (person not happening to be carrying a gun), doesn't even mean he violated protocol. A jury simply isn't qualified to review such cases. Even if he did violate protocol, it doesn't mean he did so maliciously or even particularly recklessly. Nor does it indicicate higher level involvement. Why do you assume his superiors would want an "innocent" person killed? It is just hogwash...
Because I care:
GUID
Win98 profiling
Professor Spokesman
Astroturf
Ads as news
Video
i can see the console on my pmac 7100/80 on channel 4. it only works if the rabbit ear antenna is at the correct angle, otherwise it just looks like high freq interference. just find an old 7100/80, hook up a monitor running at 60hz 640x480, boot up mklinux, run bitchx or just hit 'a' at the booter to get the bootstrap console. now tune to channel 4 (it might help if you use an old tv) and move the antenna around. you probably won't be able to make out the characters, but you'll at least be able to tell it's the console. btw, i know it's not the monitor or the vga cable leaking the signal cuz i've turned the monitor off and unplugged the video cable and the signal was just as strong. i guess apple didn't ground/shield the case well enough.
Getting all my secrets department"? Uh-huh. More paranoid ravings from the YRO folks. The more YRO read, the less it sounds like a legitimate concern and the more it sounds like the delusions of people who been watching too many "X-Files" episodes. Here's a hint: TV isn't real.
Paranoid rantings? Ok, for the vast majority of the population, who doesn't care what happens to the world as long as they can have a house in the burbs, SUV, 2.5 kids, and no one messes with their bowling night, yes. The NSA has already said in documents released through FOIA, that if you fit into this profile, they're not going to mess with you.
However, the rest of us, who have actually been paying attention to the events of the world, have reason to be nervous. Those of us who have noticed that our rights have been slipping away one by one, those of us who have noticed that the government is wresting control from the people, and those of us who may have been very vocal about their dissatisfaction with having their Constitutional liberties and god-given rights being taken away have a real serious reason to worry. And those of us who have seen the Justice Department kill innocent victims and children at Waco and Ruby Ridge have real reason to be upset.
Granted, the NSA, FBI, CIA, or whatever else government agency is not going to spy on everyone. But if the NSA find reason enough to tap you, there is plenty of evidence to suggest that you will be tapped. What violates national security might interest you. For all I know they could go definately go after ESR next, with all that huge arsenal he has. (HHOS)
Yes there is reason to worry, there is reason to look at the government with a cautious eye. Its people who are completely ignorant who will be the first against the wall when the revolution starts.
My journal has hot
However, the rest of us, who have actually been paying attention to the events of the world, have reason to be nervous.
Maybe you do, and maybe you don't. I am not trying to prove that one way or the other. Personally, some of the things the government does do worry me, and I am concerned about them.
But EMSEC isn't one of them. EMSEC is about as much a violation of your rights as strong crypto is. Note: Not restrictions on strong crypto, but the possestion of it. If EMSEC is a threat to my privacy, then so is strong crypto. See my point?
And those of us who have seen the Justice Department kill innocent victims and children at Waco and Ruby Ridge have real reason to be upset.
Right. The entire DOJ decided, "Hey, let's go kill some innocent people. And children! Make sure you go after the children first! They make the best targets!"
Have you ever been in a firefight? Things are not quite so cut-and-dry as you seem to think. When you start getting shot at, you shoot back at any available target. Otherwise, you'll have a bullet in the brain quicker then you can say "Constituional liberties".
The fact of the matter is, the people at Waco were holed up in a compound, in violation of multiple laws, and shooting at people. The police fired back. What do you expect?
I think it is a shame that some of the people in that compound who were just caught up in the whole thing got hurt, but shit happens. You seem to think the police went out of their way to hurt these people. Did it ever occur to you that it was an accident?
<FLAME SETTING=MILD>
To put it bluntly: Get a grip.
</FLAME>
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
Purely depends on the quality of the monitoring equipment - picking up individual monitors in one room can be done: let me refer to a demonstration done by Frank Jones (CEO of TheCodex)
"We had no problem viewing computer screens on adjacent floors in the building (we were sometimes hindered by noise) and were able to differentiate (to my surprise) between different computers in a large office. We aimed our device out the window across the street at an adjacent office building and were able to view CRT screens without too much difficulty."
The full article is here (scroll down to "WHAT WE WERE ABLE TO CAPTURE...")
I would like to point out something I thought was more relevant about the link and story, which I'd seen a this morning.
These documents were acquired by people submitting paperwork for the Freedom Of Information Act and acting on their beliefs. We can all sit around and argue about Echelon, or worry about some other terrible conspiracy, but I think that until people really start to hold their government responsible for it's actions, things will continue as before and worse.
Ask 'em for the documents. Make em worry about what to classify. Cause the office that checks for classification issues to overload; after all, classification decisions are pretty high level, and the model doesn't scale well. As the office becomes more clogged with requests for information, either they will mess up and release material they wouldn't have otherwise, or they will get so clogged they can't process all of the information coming in and going out.
Take responsiblity for the destiny afforded you by your government. Alone you are nothing, but in groups you are its greatest enemy.
Check my Go-related blog for beginners: DGD
There was an interesting sidebar to an article in Scientific American about a year ago describing a technique to hide data on a screen so that the user could not detect it's presence, yet the data could be picked up by Van Eck freaking.
Microsoft was funding a project to use this to put product serial numbers on the screen so they could drive a truck through an office park and pick out software pirates. Honest.
EMSEC (Emissions Security, the name for the security practices the TEMPEST program evolved into) is common practice in the world of Information Assurance today. It mainly consists of buying shielded everythings from certified vendors. IBM is one of them. With simple protections, EMSEC is no problem. Such practices are universal in the military world (even if compliance is not). In the civilian world, as usual, it almost always is not worth the effort.
"Getting all my secrets department"? Uh-huh. More paranoid ravings from the YRO folks. The more YRO I read, the less it sounds like a legitimate concern and the more it sounds like the delusions of people who have been watching too many "X-Files" episodes. Here's a hint: TV isn't real.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
3.1.4 (U) Bit Rate. -- A general term used to express the dara transfer rate of binary digital signals.
clearly indicates the spelling error "dara" instead of "data". Well, this proves that, as of 1992, the entire government has not been usurped by artificial or alien intelligence.
However, since 1992, I can make no assurances. Or that dara represents some coset of the coin data, with more specific meaning (or more general meaning), of some purpose I cannot yet surmise.
Here's the article you were talking about:
From www.sciam.com/1998/1298issue/1298techbus4.html
And like a predictable villian from a tired James Bond movie:
Of course Microsoft wouldn't abuse this technology, right? They may sneak the GUID serial number into user's documents, track users' PCs who install Windows 98, pay your college professors to push their products, organize an astroturf campaign to fake support for their DOJ lawsuit, disguise advertisements as news stories, and fake evidence during their DOJ trial, but they're honest, dammit!
Sorry if there are any typos in this, but it's hard to type when you have your head buried in the sand.
GUID: //www.news.com/News/Item/0,4,33413,00.html
Win98 profiling: //www.techweb.com/wire/story/TWB19990312S0008
Professor Spokesman: /chronicle.com/data/articles.dir/art-44.dir/issue- 33.dir/33a03001.htm
Astroturf: http://www.latimes.com/HOME/NEWS/BUSINESS/UPDATES/ lat_microsoft0410.htm
Ads as news: //www.thestandard.net/articles/display/0,1449,6087 ,00.html?home.bf
Video: //www.wired.com/news/news/politics/story/17938.htm l
Insert simplistic political, ideological, or personal proselytization here.