Full Disclosure mailing list archives

RE: Tempest today

From: <Bryan_McAninch () McAfee com>
Date: Fri, 18 Aug 2006 12:09:30 -0500


I believe the attack to which you're referring is known as Van Eck
phreaking; it was discovered in the mid-80's. TEMPEST is a USG standard
for limiting/eliminating EMR emanations and was declassified in the
mid-90's (which you mentioned). Faraday shielding seems to have been
used effectively as an EMR eavesdropping countermeasure, though I'm
uncertain if its pervasively used.


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Paul
Sebastian Ziegler
Sent: Friday, August 18, 2006 11:45 AM
To: full-disclosure
Subject: [Full-disclosure] Tempest today

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi list,

I've seen some fuss about the technique called "tempest" lately. Some
people claim it would be "the thing" in modern security. This bugs me
somehow because first of all I think it is way to much of an effort
compared to the more casual techniques used today. Also all information
that I can find on the Internet refers to some stuff the NSA released in
the mid-nineties. Now that is not really a good and reliable source of
information in my believe. :)

Can anybody tell me how far evolved this technique is today and who uses
it? Maybe some reference to a whitepaper or something similar. Would be
great.

Thanks
Paul


Brief definition of tempest for those who have never heard of it:
Picking up the radiation produced by a monitor or cables that connect
the graphics-card or graphics-chipset with the monitor in order to spy
the screen of the user. Kind of like getting access to a VNC server on
the box without having input yourself. The interesting part is that it
is technically undetectable.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE5e6XaHrXRd80sY8RCg/9AKCBAs2SjvitArRFHs+6moRb0UX4GQCfbCo9
wi9z1V+h5m0YJFdz9IZK+EI=
=2pu2
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Tempest today, (continued)
- Re: Tempest today J. Oquendo (Aug 18)
  - Re: Tempest today Paul Sebastian Ziegler (Aug 18)
  - Re: Tempest today Trey Keifer (Aug 18)
- Re: Tempest today K F (Aug 19)
  - Re: Tempest today Bipin Gautam (Aug 19)
- RE: Tempest today Bill Stout (Aug 20)
  - Re: Tempest today J. Oquendo (Aug 21)
    - Re: Tempest today Michael Holstein (Aug 21)
    - Re: Tempest today J. Oquendo (Aug 21)
    - Re: Tempest today John Dietz (Aug 21)
- RE: Tempest today Bryan_McAninch (Aug 18)
  - Re: Tempest today Tonu Samuel (Aug 21)
- Re: Tempest today daylasoul (Aug 20)
  - RE: Tempest today Lyal Collins (Aug 20)
    - Re: Tempest today Marcin Owsiany (Aug 20)
    - Re: Re: Tempest today Bipin Gautam (Aug 20)
  - Re: Tempest today Randal T. Rioux (Aug 20)
- RE: Tempest today Bryan_McAninch (Aug 21)
  - Re: Tempest today J. Oquendo (Aug 21)
  - Re: Tempest today John Hawkes-Reed (Aug 24)
- RE: Tempest today Bryan_McAninch (Aug 21)

(Thread continues...)