[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
BEATING THE TEMPEST
-----BEGIN PGP SIGNED MESSAGE-----
BEATING THE TEMPEST: December 1998
<http://www.sciam.com/1998/1298issue/1298techbus4.html>
Just because you're paranoid doesn't mean they aren't out to get you. Most computer users would be startled to realize that somebody
parked outside their home with the right kind of (very expensive) receiving equipment can read the data that appear on their computer
screens. The receiver uses the monitor's radio emanations to reconstruct the screen's contents. The <A HREF="http://www.state.gov/">U.S.
Department of State</A> and other organizations spend a fortune buying shielded hardware to defeat these signals, known as Tempest <A
HREF="http://www.noradcorp.com/1tutor.htm">radiation</A>, after the code name for a government program aimed at tackling it.
Now Ross Anderson, a computer scientist at the <A HREF="http://www.cam.ac.uk/">University of Cambridge</A>, and graduate student Markus
G. Kuhn say they have developed methods for controlling Tempest radiation. What's different about their techniques is that they run in
software, making them much cheaper and easier to deploy.
The story began, Anderson says, when <A HREF="http://www.microsoft.com/">Microsoft</A> made its $20-million investment in Cambridge's
computer science lab and said the company was particularly interested in ways to control software piracy. Most approaches call for some
kind of copy protection; Anderson's idea was to design something that would enable detection of offenders rather than prohibit copying,
which is a nuisance loathed by consumers. Their concept was to make computer screens broadcast the serial number of the software in use.
In principle, properly equipped vans could patrol business districts looking for copyright infringements. In researching the broadcast
idea, Anderson and Kuhn came up with fundamental discoveries about Tempest.
In particular, they observed that emissions relating to screen content are mostly found in the higher bands--above 30 megahertz, in the
UHF and VHF bands. So altering those frequencies could change the Tempest radiation.
Anderson and his colleagues have fashioned a couple of prototypes that rely on different frequency-alteration methods. One of the lab's
prototypes, built using a black-and-white video display capable of monitoring and receiving Tempest radiation, filters the top
frequencies. As a result, the fonts become unreadable to the eavesdropping receiver. On-screen, the fonts look comfortably legible and
nearly normal. Filtering text requires display software that supports grayscale representation of fonts, but most computers have this
ability. Therefore, Anderson believes this technology could be easily built into existing machines, although the fonts' interference with
graphics makes it more likely they would be included in a security product than in, say, a general operating system.
The second prototype takes advantage of the display technique known as dithering, a method of mixing extra colors from a limited palette
based on the principle that if the dots that make up the display are small enough, the human eye will perceive the mix as a solid color.
Given a monitor of today's high resolutions, the human eye cannot distinguish between a solid medium gray and a pattern of
black-and-white pixels that adds up to the same gray. But the pattern of black and white is much easier for the snooping receiver to
detect, one consequence being that the computer could be programmed to broadcast a different signal from the one that actually appears on
the screen. The demonstration on display at Anderson's lab serves as a nice example, in which the word "Oxford" on the display appears as
"Cambridge" on the receiver.
Aside from stemming electronic eavesdropping, these prototypes could open the way to new types of security attacks on computers, Anderson
and Kuhn suggest. A virus could be designed to find and then broadcast information stored on a machine without a user's knowledge. The
game of spy versus spy goes on.
WENDY M. GROSSMAN is a freelance writer based in London.
- ----------
yeah, yeah....it's old news, but a new article, and from
"Unscientific Scamerican" no less.
Regards,
Ken Williams
Packet Storm Security http://www.Genocide2600.com/~tattooman/
E.H.A.P. Head of Operations http://www.ehap.org/ [email protected]
NC State CS Dept http://www.csc.ncsu.edu/ [email protected]
PGP DSS/DH/RSA Keys http://www4.ncsu.edu/~jkwilli2/pgpkey/
_____________________________________________________________
Get Your Private, Free, Encrypted Email at http://www.nsa.gov
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQEVAwUBNlAdPZDw1ZsNz1IXAQFNNQf/Q23VtU0+xj6Cq4Eppm5TMqwd7DzE0k62
wR+hCqa7FXEEHbr+RSK7vdL3PmtaF6zUYAy9+Yn2C7lHnotVCRJ65hEIC+sDx5Rg
AdF9Y8wCiGUenAeFr54uSz8amo6aKXB6eoAFxJSwqp2xsQMqn9rGcEMOUOLi/OtO
b5Lj+e8gk9RREgjhPEIhHeVxqeJsKzB+A35FYr46T8du5+IYQyQucWGJEf/5zLga
Cr1N/8oPOXU4x+o0eUQmafvWNTyvuScu9+QdLyKxhgeRQyOe7U/TljNcp6kJs0q8
D+qlEADpzbKdm8uNAv0e7xRDe5J+CCdEKhUzs0A76TgXR7g6c+Czjg==
=KXvR
-----END PGP SIGNATURE-----