[IWAR] TEMPEST software

From: Michael Wilson (MWILSON/0005514706at_private)
Date: Sun Feb 08 1998 - 09:07:19 PST

  • Next message: lcs Mixmaster Remailer: "[IWAR] Rap-sodizing about encryption"

    --Boundary (ID i.g+01I-TCF3SH.PZKB:61TN=QDGN3IG)
    Content-Type: text/plain; charset=us-ascii
    --Boundary (ID i.g+01I-TCF3SH.PZKB:61TN=QDGN3IG)
    Content-Type: message/rfc822
    Received: from gatekeeper3.mcimail.com by DGN0IG.mcimail.com (PMDF V5.1-8 #16896) with ESMTP id <01ITCD9W7CSUB4TAJ9at_private> for 0005514706at_private; Sun, 8 Feb 1998 16:15:00 GMT
    Received: from fc.mcimail.com by gatekeeper3.mcimail.com (PMDF V5.0-8 #16708) id <0EO2I770100D8Tat_private> for 0005514706at_private; Sun, 08 Feb 1998 16:09 +0000 (GMT)
    Received: from ( by gatekeeper3.mcimail.com (PMDF V5.0-8 #16708) id <0EO2I75UB007BHat_private> for 0005514706at_private; Sun, 08 Feb 1998 16:09 +0000 (GMT)
    Received: (from majordom@localhost) by sirius.infonex.com (8.8.8/8.7.3) id HAA28480 for cypherpunks-outgoing; Sun, 08 Feb 1998 07:45:58 -0800 (PST)
    Received: (from cpunks@localhost) by sirius.infonex.com (8.8.8/8.7.3) id HAA28451 for cypherpunksat_private; Sun, 08 Feb 1998 07:45:43 -0800 (PST)
    Received: from rigel.cyberpass.net (rootat_private []) by sirius.infonex.com (8.8.8/8.7.3) with ESMTP id HAA28442 for <cpunksat_private>; Sun, 08 Feb 1998 07:45:34 -0800 (PST)
    Received: from toad.com (toad.com []) by rigel.cyberpass.net (8.8.8/8.7.3) with ESMTP id HAA22846 for <cypherpunksat_private>; Sun, 08 Feb 1998 07:40:25 -0800 (PST)
    Received: (from majordom@localhost) by toad.com (8.7.5/8.7.3) id HAA08239 for cypherpunks-unedited-outgoing; Sun, 08 Feb 1998 07:40:51 -0800 (PST)
    Received: from camel14.mindspring.com (camel14.mindspring.com []) by toad.com (8.7.5/8.7.3) with ESMTP id HAA08234 for <cypherpunksat_private>; Sun, 08 Feb 1998 07:40:48 -0800 (PST)
    Received: from default (user-37kb64g.dialup.mindspring.com []) by camel14.mindspring.com (8.8.5/8.8.5) with SMTP id KAA19921 for <cypherpunksat_private>; Sun, 08 Feb 1998 10:40:40 -0500 (EST)
    Date: Sun, 08 Feb 1998 11:15:00 -0500 (EST)
    From: John Young <jyaat_private>
    Subject: Soft Tempest
    Sender: owner-cypherpunks <owner-cypherpunksat_private>
    To: cypherpunks <cypherpunksat_private>
    Priority: normal
    X-Mailer: Windows Eudora Light Version 1.5.4 (32)
    X-Loop: cypherpunksat_private
    X-Sender: jyaat_private
    X-Precedence: first-class
    X-List: cypherpunksat_private
    MIME-Version: 1.0
    Content-Type: text/plain; charset=iso-8859-1
    Content-Transfer-Encoding: 8BIT
    To: ukcryptoat_private=0D
    Subject: It is really me - the story of Soft Tempest=0D
    Date: Sun, 08 Feb 1998 15:09:40 +0000=0D
    Fromm: Ross Anderson <Ross.Andersonat_private>=0D
    Bruce Sterling, and others, have asked of the Washington Post story=0D
    [see below]:=0D
    > Is this story correct?=0D
    The Washington Post gives a highly distorted account of some very=0D
    important scientific work we have done. I suggest that list members=0D
    read our paper - <www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf> - for=0D
    themselves before getting carried away.=0D
    The story is as follows. Bill G gave our department $20m for a new=0D
    building, and his people said that what they really wanted from our=0D
    group was a better way to control software copying.  So it would have=0D=
    been rather churlish of us not to at least look at their `problem'.=0D
    Now the `final solution' being peddled by the smartcard industry (and=0D=
    others) is to make software copying physically impossible, by tying=0D
    program execution to a unique tamper-resistant hardware token. We=0D
    wouldn't like to see this happen, and we have already done a lot to=0D
    undermine confidence in the claims of tamper-proofness made by=0D
    smartcard salesmen.=0D
    So Markus and I sat down and tried to figure out what we could do for=0D=
    the Evil Empire. We concluded that =0D
    (1)  large companies generally pay for their software; =0D
    (2)  if you try to coerce private individuals, the political backlash =0D=
         would be too much; =0D
    so =0D
    (3)  if the Evil Empire is to increase its revenue by cracking down on=0D=
         piracy, the people to go after are medium sized companies.=0D
    So the design goal we set ourselves was a technology that would enable=0D=
    software vendors to catch the medium-sized offender - the dodgy=0D
    freight company that runs 70 copies of Office 97 but only paid for one=0D=
    - while being ineffective against private individuals.=0D
    We succeeded.=0D
    In the process we have made some fundamental discoveries about=0D
    Tempest. Army signals officers, defence contractors and spooks have=0D
    been visibly flabberghasted to hear our ideas or see our demo.=0D
    In the old days, Tempest was about expensive hardware - custom=0D
    equipment to monitor the enemy's emissions and very tricky shielding=0D
    to stop him doing the same to you. It was all classified and strictly=0D=
    off-limits to the open research community.=0D
    We have ended that era. You can now use software to cause the=0D
    eavesdropper in the van outside your house to see a completely=0D
    different image from the one that you see on your screen. In its=0D
    simplest form, our technique uses specially designed `Tempest fonts'=0D
    to make the text on your screen invisible to the spooks. Our paper=0D
    tells you how to design and code your own.=0D
    There are many opportunities for camouflage, deception and misconduct.=0D=
    FFor example, you could write a Tempest virus to snarf your enemy's PGP=0D=
    private key and radiate it without his knowledge by manipulating the=0D
    dither patterns in his screen saver. You could even pick up the signal=0D=
    on a $100 short wave radio. The implications for people trying to=0D
    build secure computer systems are non-trivial.=0D
    Anyway, we offered Bill G the prospect that instead of Word radiating=0D=
    the text you're working on to every spook on the block, it would only=0D=
    radiate a one-way function of its licence serial number.  This would=0D
    let an observer tell whether two machines were simultaneously running=0D=
    the same copy of Word, but nothing more. Surely a win-win situation,=0D
    for Bill and for privacy.=0D
    But Microsoft turned down our offer. I won't breach confidences, but=0D
    the high order bit is that their hearts are set on the kind of=0D
    technology the smartcard people are promising - one that will=0D
    definitively prevent all copying, even by private individuals. We=0D
    don't plan to help them on that, and I expect that if they field=0D
    anything that works, the net result will be to get Microsoft=0D
    dismembered by the Department of Justice.=0D
    Meantime we want our Soft Tempest technology to be incorporated in =0D
    as many products as possible - and not just security products!=0D
    So to Rainier Fahs, who asked:=0D
    > If these rumors are true, I guess we will face a similar discussion on=
    > free availability in the area of TEMPEST equipment. Does privacy=0D
    > protection also include the free choice of protection mechanism?=0D
    I say this: our discovery, that Tempest protection can be done in=0D
    software as well as hardware, puts it beyond the reach of effective=0D
    export control. So yes, you now have a choice. You didn't before,=0D
    Ross Anderson=0D
    British Technology Might Flush Out Software Pirates=0D
    By John Burgess=0D
    Washington Post Foreign Service=0D
    Saturday, February 7, 1998; Page H01 =0D
    CAMBRIDGE, England=97 It's a technique that intelligence=0D
    agencies have used for years: Park a van filled with=0D
    monitoring gear near an embassy and listen for the faint radio=0D
    signals that computers routinely emit when they are on.=0D
    Analyze those signals for clues to the data that are on the=0D
    Now researchers at the University of Cambridge, home of=0D
    groundbreaking work in intelligence over the years, are trying=0D
    to adapt this technology to the fight against software piracy.=0D
    With special code written into software, they say, computers=0D
    could be made to broadcast beacons that would carry several=0D
    hundred yards and identify the software they were running,=0D
    complete with serial numbers of each copy.=0D
    Vans run by anti-piracy groups could pull up outside a=0D
    company's office and count the number of software signals=0D
    emanating from it. If, say, 50 beacons for a particular title=0D
    were detected but the company had licensed only two copies=0D
    of the software, that could become evidence on which a court=0D
    would issue a search warrant.=0D
    Ross Anderson, a University of Cambridge lecturer who is=0D
    overseeing the project, said the idea originated last year when=0D
    Microsoft Corp. Chairman Bill Gates visited the university=0D
    after his private foundation announced a $20 million donation=0D
    to the school. Gates told officials that, among other things, he=0D
    would love the university to come up with new anti-piracy=0D
    So far, Microsoft isn't enthusiastic about the university's=0D
    approach, Anderson said. "They have some reservations.=0D
    Obviously there are Big Brother aspects," he said. A=0D
    Microsoft spokeswoman said the company has no plans to=0D
    adapt the technology.=0D
    Emilia Knight, a vice president at BSA Europe, a trade group=0D
    that combats software piracy, said such an anti-piracy system=0D
    might be technically feasible. But she noted many practical=0D
    questions on the legal side, such as how the system would=0D
    differentiate between companies pirating software and those=0D
    legally using multiple copies of programs.=0D
    Knight said that concerns of privacy and consumer rights=0D
    might make the system a no-go for industrialized countries.=0D
    But in places like Eastern Europe, she suggested, where piracy=0D
    is rampant and there is no tradition of such protections, the=0D
    software signal detectors might be acceptable.=0D
    Richard Sobel, a political scientist who teaches at Harvard=0D
    University and researches privacy issues, called it "an=0D
    appalling idea."=0D
    "If the technology is there to identify what software people are=0D
    using, there's the prospect to figure out what people are doing.=0D
    =2E . . It sounds like a horrible violation of privacy," Sobel said.=0D
    In Britain, however, it might seem less controversial. Here=0D
    authorities have long used similar techniques to ferret out=0D
    people who fail to pay the annual license fee of about $150=0D
    that the law requires for each TV set in the country.=0D
    Cruising the streets here are vans carrying equipment that can=0D
    detect emissions from a TV set's "local oscillator," the part=0D
    that turns a station's signal into a picture. If the gear senses a=0D
    TV set inside a house from which there is no record of a=0D
    license payment, this is used as evidence to levy fines.=0D
    The system also can tell what channel people are watching=0D
    because the oscillator gives off a slightly different signal for=0D
    each one.=0D
    Anderson's researchers have built a prototype that can detect=0D
    the type of software running on a machine from short range --=0D
    the hallway outside the room where the computer is running.=0D
    Anderson said they are ready to build prototype hardware=0D
    with a longer range, at a cost of about $15,000-$30,000 -- if=0D
    the lab can find a customer. So far, none has stepped forward.=0D
    =A9 Copyright 1998 The Washington Post Company=0D
    Date: Sat, 7 Feb 1998 13:05:45 -0500=0D
    Fromm: Stewart Baker <sbakerat_private>=0D
    To: ukcrypto <ukcryptoat_private>=0D
    Subject: Ross, Is that really you?=0D
         Today's Washington Post claims that a Cambridge research team led b=
    y one =0D
         Ross Anderson is developing technology that would require all perso=
    nal =0D
         computers to broadcast the identity of all programs they are runnin=
    g so =0D
         that anti-piracy investigators can sit outside universities and bus=
    inesses =0D
         and check to see whether the folks inside are running more programs=
     than =0D
         their licenses allow.  =0D
         The article says that even Microsoft thinks this might go too far i=
    n =0D
         invading the privacy of computer users. But advocates for the techn=
    ology =0D
         claim that it will work fine in benighted Eastern European countrie=
    s where =0D
         piracy is rampant and the natives are used to having their privacy =
         This raises at least three questions:=0D
         1.  Is this story correct?=0D
         2.  If so, is the Ross Anderson it describes the same Ross Anderson=
     known =0D
         on this list for his attacks on Big Brother?=0D
         3.  If so, are we to understand that Ross objects not so much to in=
    vading =0D
         privacy as to government competition in that endeavor?=0D
         Stewart Baker=0D
    --Boundary (ID i.g+01I-TCF3SH.PZKB:61TN=QDGN3IG)--

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:04:47 PDT