PGP SIGNED MESSAGE
Hash: SHA512
Hi list,
I've seen some fuss about the technique called "tempest" lately. Some
people claim it would be "the thing" in modern security. This bugs me
somehow because first of all I think it is way to much of an effort
compared to the more casual techniques used today. Also all information
that I can find on the Internet refers to some stuff the NSA released in
the mid-nineties. Now that is not really a good and reliable source of
information in my believe. :)
Can anybody tell me how far evolved this technique is today and who uses
it? Maybe some reference to a whitepaper or something similar. Would be
great.
Thanks
Paul
Brief definition of tempest for those who have never heard of it:
Picking up the radiation produced by a monitor or cables that connect
the graphics-card or graphics-chipset with the monitor in order to spy
the screen of the user. Kind of like getting access to a VNC server on
the box without having input yourself. The interesting part is that it
is technically undetectable.
PGP SIGNATURE
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
wi9z1V+h5m0YJFdz9IZK+EI=
=2pu2
PGP SIGNATURE
Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Fri, 2006-08-18 at 18:45 +0200, Paul Sebastian Ziegler wrote:
Can anybody tell me how far evolved this technique is today and who
uses
it? Maybe some reference to a whitepaper or something similar. Would
be
great.

than the NSA, you mean?

By the way, Tempest did/does not just refer to picking up signals from
monitors and keyboards, almost any kind of electronic device emits
signals.

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

PGP SIGNED MESSAGE
Hash: SHA512

Joe Barr wrote:
Fri, 2006-08-18 at 18:45 +0200, Paul Sebastian Ziegler wrote:
>Can anybody tell me how far evolved this technique is today and who
>uses
>it? Maybe some reference to a whitepaper or something similar. Would
>be
>great.
>
than the NSA, you mean?

By the way, Tempest did/does not just refer to picking up signals from
monitors and keyboards, almost any kind of electronic device emits
signals.
--

Yeah I was hoping for something else than the NSA-papers.

my definition was a inaccurate. The fuss I hear about is on picking
up the monitor's signal, however of course about anything can be picked
up this way.

PGP SIGNATURE
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

g8lx4xE072pdx1QkC3trxBM=
=94cc
PGP SIGNATURE

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

PGP SIGNED MESSAGE
Hash: SHA512

Thanks to everyone, I got enough info to suffice.
It's good to see that just asking a question still provides an answer
without paying thousands of dollars or sliding into several networks.

Thanks!
PGP SIGNATURE
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

PbUnaJ1/9JNddJ1kstGYAVI=
=13id
PGP SIGNATURE

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

you may try playing with this:
http://eckbox.sourceforge.net/
-KF
Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

, here is something from the book that I was trying to assemble/write.

Some Links: http://www.eskimo.com/~joelm/tempest.html
http://www.erikyyy.de/tempest/

Lets

Faraday cages may be used to provide protection from HERF and EMP effects.

Countermeasures:
It is easy to defeat ordinary audio eavesdropping, just by
sound-proofing a room. And simply drawing the curtains or creating a
specially crafted background noise or by using double glass with air
gap in the middle can soundproof and can defeat newer systems, which
shine a laser beam onto a glass window and decode any modulation of
the reflected beam caused by sound vibrations in the room.

Faraday's cage: The charge on a charged conductor resided only on its
exterior, and had no influence on anything enclosed within it. To
demonstrate this fact he built a room coated with metal foil, and
allowed high-voltage discharges from an electrostatic generator to
strike the outside of the room. He used an electroscope to show that
there was no electric charge present on the inside of the room's
walls. A Faraday cage is best understood as an approximation to an
ideal hollow conductor. A round drum, sphere etc can act like a
Faraday's Cage. Basically, the enclosure may be made of an unbroken
conducting sheet, like the metal box surrounding a sensitive radio
receiver, or a wire mesh, like that in the door of a microwave oven.
Any holes in the box or mesh must be significantly smaller than the
wavelength of the radiation that is being kept out, or the enclosure
will not effectively approximate an unbroken conducting surface.

This shielding effect is used to eliminate electric fields within a
volume, for example to protect electronic equipment from lightning
strikes and other electrostatic discharges (ESDs). Faraday cages are
often put to a dual purpose: to block electric fields, as explained
above, and to block electromagnetic radiation. The latter application
is known as RF shielding.

Some traditional architectural materials act as Faraday shields in
practice. These include plaster with wire mesh, and rebar concrete.
These will affect the use of cordless phones and wireless networks
inside buildings and houses. While Some buildings have designs that
block radio signals by accident due to thick concrete walls or a steel
skeleton.
RF and Magnetic shielding: Radio frequency (or RF) shielding is
required when it is necessary to block high frequency - 100 kilohertz
and above - interference fields. These shields typically use copper,
aluminum, galvanized steel, or conductive rubber, plastic or paints.
These materials work at high frequencies by means of their high
conductivity, and little or no magnetic permeability. Magnetic shields
use their high permeability to attract magnetic fields and divert the
magnetic energy through them. With proper construction, magnetic
shielding alloys have the ability to function as broadband shields,
shielding both rf and magnetic interference fields.

Electromagnetic shielding: It is the process of limiting the coupling
of an electromagnetic field between two locations. Typically it is
applied to enclosures, separating electrical content from the outside
world, and to cables, separating internal wires from the environment
the cable runs through. The shielding is achieved using a conductive
material as a barrier. Typical materials include sheet metal, metal
mesh, ionized gas, plasma and aluminum foil. The shielding can reduce
the coupling of radio waves, visible light, electromagnetic fields and
electrostatic fields. The amount of reduction depends very much upon
the material used, the method of connection of the shield (or screen)
and the frequency of the fields of interest. example is a coaxial
cable, which has electromagnetic shielding in the form of a wire mesh
surrounding an inner core conductor. The shielding impedes the escape
of any signal from the core conductor, and also signals from being
added to the core conductor.

Though i have practically seen putting a dipole near the coaxial cable
can sniff its signal within despite the sealing. The rf sealing strict
depends on the quality which i've seen is rare in MST commercial
products for general uses.

Shielded Tent: It Shielded enclosures, tempest equipment, shielded
chambers Another way of making sure you are not being bugged is to use
a shielded tent, which prevents radio waves entering or leaving.
Though Mobile phone calls are impossible from inside the tent, but
no-one will be able to listen to your conversations using bugs or
radio wave listening devices. It will also prevent anyone intercepting
radio emissions from computers, preventing them from seeing what you
have on screen. A more sophisticated - and expensive - method is to
build a "clean room", of the type used by the military, to shield
radio waves and electromagnetic signals.

Wireless Shielding Paint: A company, Force Field Wireless makes three
products that it says can dramatically reduce the leakage of wireless
signals from a room or building. The paint contains copper filings and
an aluminum compound. When spread evenly on a wall, the paint reflects
signals in frequencies from 100 MHz to 5 GHz. Paint four walls, a
floor, and a ceiling, and you effectively have a Faraday cage, which
is a specially constructed metal room that blocks all radio signals in
or out. It also makes copper/aluminum powder that homeowners can add
to their own paint. The company also makes a window film that cuts
down on signal leakage. This product DefendAir would be an attractive
option to
protect an RFID-enabled warehouse.

Critic: Though wireless signals are very hard to completely block.
They will simply radiate over and around obstacles. Metallic paint
might reduce the signal strength, but that's easily compensated for by
an antenna. Further-more its drawbacks are like it could reduce
cellular reception. Any such technology won't block all signal - it
won't block signal eminating from windows, doors, and screw holes.
What it will do is lower the range from which you can sniff or
connect, with constant equipment, which is plenty to be useful for
some cases. Like a building situated near the center of a military
base. Up to a quarterkilometer away is secured area. But obviously it
will help you lower the sniffable range of the radiation to
within that security perimeter and it's possible to arrange any
conductive medium to actually amplify RF signals in a given direction
You are quite likely to find a spot where the signal is considerably
stronger.

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/