This has been around for a long time.
In the book "Spycatcher" by ex-MI5 agent Peter Wright, he describes a bug used by the KGB to spy on the American ambassador in Hawaii (I think).
There was a metal membrane hidden inside a wooden carving, which would passively vibrate with sounds in the room. A strong RF beam of around 900 MHz (details are hazy again, and it's not quite microwave) was directed towards the office from a fair distance away, then the signal would be minutely modulated and reflected by the metal membrane. It was able to work for several years, and this was in the 1960's. You can only guess what's available now.
Late to the party, but I'd like to add this.

This only holds if you ignore the fact that the majority of audible sound does not come directly from the source, but from "re-radiated" sound waves emanating from the (metal) exterior of the case.

How is this significant?

Conduction of sound waves through metal is 10-20 times faster than through air (http://www.newton.dep.anl.gov/askasci/phy00/phy00058.htm), so positional phase variation can be ignored (it's scaled by the same factor). This vastly simplifies the whole process in both hardware and software.

Considerations:
- Only one microphone is needed, although there would have to be multiple "speakers" attached to the case with outputs differing in frequency and magnitude content. Fairly easily accomplished in software
- feedback control. A "long range" fft/wavelet based solution would circumvent this, although "random" noise (as opposed to the predictable whine of motors in fans and hdd's) would still remain at low levels.
- damping issues, although we're mainly interested in the higher frequencies lying well above the resonance point of the case and panels
One issue not mentioned (but which Microsoft would have considered) is malicious alteration of the serial. If you change the key to something that is currently valid but will shortly be blacklisted, the computer will pass any security checks but is guaranteed to be ready and waiting to be compromised when the next vulnerability is discovered.
You're glossing over several issues.
* high frequencies decay very quickly (by distance). Even with an antenna connected, it would be very short range
* he's using the harmonic of the 76.5 MHz pixel clock, so the harmonics will repeat in multiples of this. If you're talking about sidebands, the bandwidth is limited to 25.1 MHz so you will only have to worry about harmonics of the sidebands
* The second harmonic of an 80m rig is only 7.5 MHz - still in that shortwave region used by hams FOR LONG DISTANCE TRANSMISSIONS
* Interference would be primarily AM in nature, and (since all police radios use FM) will be mitigated by the AM rejection circuitry in their receivers
* the power output is incredibly small - bear in mind that a direct connection is being used and it still comes up as only 60%.
There's a small mention in the article about the PLL used for clocking in the 9200SE being capable of up to 400 MHz. If the DAC's could be run fast enough, the carrier could be generated directly and you would get a much stronger signal.
Does someone have any details?
All the spammers have to do is to filter out the domains of known honey pots. Even with the donation of additional IP's by volunteers, this would be trivially easy to do.
Re:I'm surprised no one has said this yet, on A College Guide to EA (Score: 2, Insightful)
In light of this comment, maybe he's not being as wilfully deceptive as other posters have made out.
"my way or the highway" people tend to see only what fits in with their pre-conceived notions, and I would also bet that his interaction with EA employees was heavily chaperoned. He also seems to miss the fact that as a "special guest" of upper management, a lot of employees would have been quite reluctant to be completely candid with him.
With his lab's high-resolution photoluminescent meter, one of his students performed a simple test that no major lab had thought to perform before
It angers me that they didn't even bother to name the student who thought of it. Meanwhile the emeritus professor gets to bask in all the glory of keeping the homeland safe.
This has a long history, and misappropriation has been ingrained into the academic culture. Offhand I can think readily of a couple of similar examples, such as the discovery of pulsars where the supervisor took all the credit for the student's innovation.
So, they screwed that one up slightly - IIRC the main problem there was a short circuit.
I was referring to another incident, although I should have pointed out that this didn't fail during flight. If I remember correctly, the output driving an optoisolator unit was sourcing way more current than it was rated for. Carmack was quite flippant about it afterwards, and it didn't seem to occur to him that even a cursory check would have uncovered that problem ahead of time.
It doesn't take a rocket scientist, it just takes someone with a moderate understanding of fundamental electronic principles. John Carmack is no dunce, but like other programmers seems to place a far stronger emphasis on practical implementation rather than theory.
This is a great approach for software design, but not when you're dealing with components which will progressively weaken then fail.
Rocket science is not easy, but almost all of Armadillo's mishaps were due to easily foreseeable problems, such as:
* battery connectors coming off
* no protection against inductive kickback (essential around any combination of electromechanical and electronic devices)
* not restricting allowable user inputs (i.e. joystick)
* underrated power transistors for drive unit (this is very basic stuff)
* finally, not setting minimum fuel level for takeoff
When you are dealing with a field as complex as this, you can't afford to make such stupid mistakes.
No, my bad. But I did read the book nearly 15 years ago.