http://www.zdnet.com/anchordesk/stories/story/0,10738,2833569,00.html

Robert Vamosi, Associate Editor, ZDNet Reviews
Thursday, December 20, 2001

An established company moves into a downtown high-rise and a few months later discovers that many of its secrets are going public. How is that possible? Its networks are locked down. Its employees use passwords, and are given security clearances. So what's the problem? How about that old warehouse next door? A competitor has rented it and mounted large antennas behind closed window blinds to listen for electronic emissions from its neighbor's electronic equipment.

SOUND RIDICULOUS? The U.S. government doesn't think so. Preventing such a scenario is one of the goals behind a project called "Tempest," an acronym for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions. While many think Tempest is an active eavesdropping operation (like the FBI's DCS 1000), it's really a set of government standards designed to dampen electronic emissions escaping government offices. Hardware makers are using these standards to create equipment that doesn't emit strong electronic signals. Think of Tempest as encryption for the electromagnetic spectrum.

Just what is the government shielding itself from? Almost every electronic device emits some kind of radio noise. By limiting the emissions, the government diminishes the possibility of someone eavesdropping on its equipment.

AND WHAT COULD YOU DO with these emissions? Reconstruct monitor images remotely. About 15 years ago, Dutch researcher Wim van Eck published a paper on ways to convert ordinary cathode ray tube (CRT) monitor scans into text. CRT monitors, like television sets, scan from side to side, building screen images one row of pixels at a time. The intensity of the cathode ray beam used to excite the electrons determines whether the pixel will be red, blue, or green. Combinations of these produce the wider six-million-color palette we're used to seeing. Every unique color produced has an associated frequency which, in theory, can be intercepted and reconstructed remotely.

You might be thinking that flat-screen monitors would be the answer, but they too emit radio frequencies. So do modems, and for that matter, just about any electronic device.

But just how practical is eavesdropping in this way? Not very. It would take a lot of expensive equipment to isolate the emissions from one monitor in a crowded office, and then reconstruct that screen remotely. The idea that malicious users or foreign governments have expensive equipment like this, and are renting hotel rooms next to government or corporate offices, sounds a tad John le Carré-esque, doesn't it?

YET REQUIRING government agencies to use Tempest-approved monitors and equipment is still a good idea. The problem is, it's just one piece of the puzzle. Good security, in order to work, has to be a complete package. Unfortunately, not even the government has its act together. Security expert Chey Cobb, a speaker at this year's Black Hat Win2K Briefings, spoke of a National Security Agency building called the National Reconnaissance Office (NRO) in Virginia that is adjacent to a national-chain hotel. For some reason, this top-secret facility kept its server-room window blinds wide open. If foreign agents staying at the hotel next door didn't happen to bring their sophisticated electronic eavesdropping equipment, they could always use binoculars to read what was written on the whiteboard behind the servers.

THE SAME APPLIES to corporations, where so many common-sense rules aren't being followed. For example:

- Close the blinds in rooms where whiteboards face out, and erase them whenever possible.
- Position monitor screens away from exposed office windows.
- Shred physical documents, and electronically shred all magnetic media.
- Above all, make sure to use passwords, and to change them frequently.

If a company's secrets are leaking to the outside world, it's probably not because of the computer monitors they're using.

- ISN is currently hosted by Attrition.org
This archive was generated by hypermail 2b30 : Thu Dec 20 2001 - 15:16:27 PST