Latest privacy threat: Monitor glow

[InfoSec News <isn () c4i org>]

http://news.com.com/2100-1001-912785.html

By Robert Lemos 
Staff Writer, CNET News.com
May 14, 2002, 6:05 AM PT

BERKELEY, Calif.--Law enforcement and intelligence agents may have a
new tool to read the data displayed on a suspect's computer monitor,
even when they can't see the screen.

Marcus Kuhn, an associate professor at Cambridge University in
England, presented research Monday showing how anybody with a brawny
PC, a special light detector and some lab hardware could reconstruct
what a person sees on the screen by catching the reflected glow from
the monitor.

The results surprised many security researchers gathered here at the
Institute of Electrical and Electronics Engineers' (IEEE) Symposium on
Security and Privacy because they had assumed that discerning such
detail was impossible.

"No one even thought about the optical issues" of computer information
"leakage," said Fred Cohen, security practitioner in residence for the
University of New Haven. "This guy didn't just publish, he blew (the
assumptions) apart."

Many intelligence agencies have worried about data leaking from
classified computers through telltale radio waves produced by internal
devices. And a recent research paper outlined the threat of an
adversary reading data from the blinking LED lights on a modem. Kuhn's
research adds the glow of a monitor to the list of dangers.

Eavesdropping on a monitor's glow takes advantage of the way that
cathode-ray tubes, the technology behind the screen, work. In most
computer monitors, a beam of electrons is shot at the inside of the
screen, which is covered in various phosphors, causing each pixel to
glow red, green or blue, thereby producing an image.

The beam scans from side to side, hitting every pixel--more than
786,000 of them at 1024-by-768 resolution--in sequence; the screen is
completely scanned anywhere from 60 to 100 times every second. The
light emitted from each pixel of phosphor will peak as the pixel is
hit with electrons, creating a pulsating signal that bathes a room. By
averaging the signal that reflects from a particular wall over nearly
a second and doing some fancy mathematical footwork, Kuhn is able to
reconstruct the screen image.

Not so fast

Yet Kuhn, who is still completing his doctoral thesis, is quick to
underscore the problems with the system.

"At this point, this is a curiosity," he said. "It's not a
revolution."

First off, Kuhn performed the experiments in a lab at a short
distance--the screen faced a white wall 1 meter away, and the detector
was a half meter behind the monitor. There have been no real-world
tests where, for example, other light sources are present and the
detector is 30 feet across a street.

Other light sources, including the sun, make things much more
difficult if not impossible. Normal incandescent lighting, for
example, has a lot of red and yellow components and tends to wipe out
any reflections of red from the image on a screen.

And several countermeasures are effective, including having a room
with black walls and using a flat-panel liquid-crystal display. LCD
monitors activate a whole horizontal line of pixels at once, making it
immune to this type of attack.

Still, other researchers believe that Kuhn may be on to something.

"Anyone who has gone for a walk around their neighborhood knows that a
lot of people have a flickering blue glow emanating from (their)  
living rooms and dens," said Joe Loughry, senior software engineer for
Lockheed Martin.

While Kuhn calculated that the technique could be used at a range of
50 meters at twilight using a small telescope, a satellite with the
appropriate sensors could, theoretically, detect the patterns from
orbit, said several security experts.

That could open a whole new can of worms for privacy. If Kuhn's
technique proves to be practical, the result of the research could be
a new round of battles between law enforcement agencies and privacy
advocates in the courts over whether capturing the faint blue glow
from a home office is a breach of privacy.

Until that's resolved, the safest solution is to compute with the
lights on.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.