[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: trusting the processor chip




	I realize that when one argues with a fool, no one can tell the 
difference, but as the dumbest person on the list, I figure I can learn 
from just about anyone here. Not that I am calling Mr. Bell a fool.

On Sat, 27 Apr 1996, jim bell wrote:
> At 12:25 AM 4/27/96 -0500, Snow wrote:
> >On Thu, 25 Apr 1996, jim bell wrote:
> >> product is subverted.  More likely,I think, an organization like the NSA 
> >	I thought that most (all?) chips already radiated on the 
> >electromagnetic spectrum? Isn't that what tempest is about?
> There's a difference between trying to find a needle in a haystack, and 
> finding a day-glo, red-hot needle that plays music at 110 decibels in that 
<snip>
> The best place to put such a chip would be a location outside the computer's 
> relatively small number of different designs.

	I still maintain that this would be less feasible than either:

	a) Tempest. Why bother resubverting each new processor (think 
about it, Which processor? Intel (all variants) Motorola (all variants), 
Digital (Alpha) etc. When it would be easier (It seems to me at least) to 
develop a system that _can_ find that needle in a hay stack, and simply 
develop translators for each kind of chip (which could be done in 
software I'd think) to show what the chip is doing. 

	b) physcailly compromising the work enviroment so that you see 
what the person is typing as well as what is on the screen. As well as 
get Voice etc.

	c) This I just thought of, and is kind of a hybrid of Mr. Bells 
idea and a tempest style attack, it isn't thought through real well, but 
I _think_ it would work. 

	Each processor would emit on a certain band, so you build a 
"repeater" that takes that band, encodes it, steps it to a different band 
and retrans it. This device probably could be made small enough to fit 
_easily_ inside a case, and draw very little power (the transmitting 
distance would not need to very far) and since most people never open 
their cases, it would be fairly safe from detection. It could even be 
designed to piggyback on common device interface cards (parallel/serial 
cards, Video cards) so that even if one _did_ open ones case you probably 
wouldn't notice.
	All that this would entail _after_ development would be a simple 
B&E. This wouldn't solve the problem of decoding, but it heats the 
needle, and makes it sound off at many times less cost than subverting 
the chip. 

Petro, Christopher C.
[email protected] <prefered>
[email protected]