http://news.com.com/2100-1001-912785.html By Robert Lemos Staff Writer, CNET News.com May 14, 2002, 6:05 AM PT BERKELEY, Calif.--Law enforcement and intelligence agents may have a new tool to read the data displayed on a suspect's computer monitor, even when they can't see the screen. Marcus Kuhn, an associate professor at Cambridge University in England, presented research Monday showing how anybody with a brawny PC, a special light detector and some lab hardware could reconstruct what a person sees on the screen by catching the reflected glow from the monitor. The results surprised many security researchers gathered here at the Institute of Electrical and Electronics Engineers' (IEEE) Symposium on Security and Privacy because they had assumed that discerning such detail was impossible. "No one even thought about the optical issues" of computer information "leakage," said Fred Cohen, security practitioner in residence for the University of New Haven. "This guy didn't just publish, he blew (the assumptions) apart." Many intelligence agencies have worried about data leaking from classified computers through telltale radio waves produced by internal devices. And a recent research paper outlined the threat of an adversary reading data from the blinking LED lights on a modem. Kuhn's research adds the glow of a monitor to the list of dangers. Eavesdropping on a monitor's glow takes advantage of the way that cathode-ray tubes, the technology behind the screen, work. In most computer monitors, a beam of electrons is shot at the inside of the screen, which is covered in various phosphors, causing each pixel to glow red, green or blue, thereby producing an image. The beam scans from side to side, hitting every pixel--more than 786,000 of them at 1024-by-768 resolution--in sequence; the screen is completely scanned anywhere from 60 to 100 times every second. The light emitted from each pixel of phosphor will peak as the pixel is hit with electrons, creating a pulsating signal that bathes a room. By averaging the signal that reflects from a particular wall over nearly a second and doing some fancy mathematical footwork, Kuhn is able to reconstruct the screen image. Not so fast Yet Kuhn, who is still completing his doctoral thesis, is quick to underscore the problems with the system. "At this point, this is a curiosity," he said. "It's not a revolution." First off, Kuhn performed the experiments in a lab at a short distance--the screen faced a white wall 1 meter away, and the detector was a half meter behind the monitor. There have been no real-world tests where, for example, other light sources are present and the detector is 30 feet across a street. Other light sources, including the sun, make things much more difficult if not impossible. Normal incandescent lighting, for example, has a lot of red and yellow components and tends to wipe out any reflections of red from the image on a screen. And several countermeasures are effective, including having a room with black walls and using a flat-panel liquid-crystal display. LCD monitors activate a whole horizontal line of pixels at once, making it immune to this type of attack. Still, other researchers believe that Kuhn may be on to something. "Anyone who has gone for a walk around their neighborhood knows that a lot of people have a flickering blue glow emanating from (their) living rooms and dens," said Joe Loughry, senior software engineer for Lockheed Martin. While Kuhn calculated that the technique could be used at a range of 50 meters at twilight using a small telescope, a satellite with the appropriate sensors could, theoretically, detect the patterns from orbit, said several security experts. That could open a whole new can of worms for privacy. If Kuhn's technique proves to be practical, the result of the research could be a new round of battles between law enforcement agencies and privacy advocates in the courts over whether capturing the faint blue glow from a home office is a breach of privacy. Until that's resolved, the safest solution is to compute with the lights on. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed May 15 2002 - 06:14:46 PDT