Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Encryption Security Your Rights Online

Declassified Tempest Material Comes Online 127

D-Fly writes "John Young, who runs the Cryptome repository of cypherpunk documents, has obtained a small batch of declassified documents from the NSA on TEMPEST monitoring-getting computer data through electromagnetic emissions. Young got the stuff declassified through the Freedom of Information Act, and has appealed their denial of the rest of his request. A lot of what he has received so far is appendixes and tables of contents, and addresses testing equipment to prevent TEMPEST emissions. For a comprehensive archive of what is know about Tempest monitoring, check out a clearing house of information.. "
This discussion has been archived. No new comments can be posted.

Declassified Tempest Material Comes Online

Comments Filter:
  • How well does temptest equipment work when there's say, 3 moniters, 4 computers, 1 tv, and a mass of other cordless devices filling up the air/area with RF noise? Can they focus on just one source, or is all EM soup? Anyone know?
  • You KNOW that it is through covert manipulation of commodity markets that is causing LCD screens to be so fscking expensive. Why else? If LCD screens were cheap, "they" couldn't spy on you using Tempest (and would have to fall back on Echelon; poor babies).

    I wish I had a nickel for every time someone said "Information wants to be free".
  • it just seems to me that an LCD would put out a LOT less EM noise than a CRT. Just the basics of how it works. If there are limitations to Tempest, then using an LCD might just raise the threshold to the point where it's more inconvenient to monitor (takes a lot more amplification, and filtering, or requires a shorter distance between the transmitter and receiver). If it's the difference between parking a van on the street in front of my house, and having to pull it right up to my front door, I think that's a significant help.

    I wish I had a nickel for every time someone said "Information wants to be free".
  • just like in "Enemy of the State?"

    I wish I had a nickel for every time someone said "Information wants to be free".
  • Actually, a very easy way to track the dissemination of a given document is to insert small typos, formatting changes, minor changes in wording, etc.

    Some of it might get obliterated by later reformatting, but chances are at least one of the "tags" will survive. In a long document, it's unlikely that a random transcription error will occur twice in exactly the same place, so it's a pretty reliable method.

    Another variation on this theme is filling out slightly different spellings of one's name on various forms, and then tracking the dissemination of your info through the junkmail you recieve.

  • huh? Tempest refers to getting sensitive data, not protecting it. In most cases, the getting would probably be illegal as all hell, and at the very least exceptionally immoral. And how is it bad to protect yourself from being spied on?

    Anyway, I don't see the problem here.
  • One aspect of AI is to mimic humans. This involves mispellings and random gramitical mistakes. Most sucessful AI's that were able to decieve human judges in AI competitions did this.

  • For example, if you are running your monitor at 72 hz, and your TV at 60hz, the signals should be separable.

    In addition, if they know what channel you're running your TV on, it's even easier to filter the TV signal out.

    (Based on basic principles of EMF.)
  • They're not trying to decode it into text--they're trying to view it the exact same way you are viewing it--as a video signal.
  • You going to shield the glass of the CRT?

    What about the cable between your video card and monitor.

    No computer is completely surrounded. There are big gaping holes--i.e. the floppy bays. If you wanted, you could completely surround it to.

    Also, in a similar vein, people could shield their ethernet cables...
  • Your faraday cage needs to have a spacing on the grid similar to the wavelength of the offending RF signals, at least in that order of magnitude.
  • Did you happen to see this on one of the linked pages?

    To place an order, or to acquire information on our Remote PC monitoring software for authorized government agencies

    I thought this was rather hypocritical after detailing how worrisome it is that anyone (including Big Brother) with a little knowledge of electronics, can monitor you non-invasively, and with impunity.

  • When you starting implying that "The Government" (Justice Dept.) knowing murdered innocent people, you blow a great deal credibility. Widespread conspiracies are myth.

    Why don't you ask Vicky Weaver about it. Oh, you can't, she was killed by FBI sniper Len Horiuchi. She was holding her ten-month old baby, obviously a deadly threat to the federal agents.

  • If I remember correctly, the holes in the shielding material must be smaller than a quarter wavelength of the highest frequency to be blocked.
  • These conspiracy nuts / militia people are far more scary than the "evil government" that they claim to want to protect us from. I think it is just this Y2K thing that is causing their numbers to grow... After that is passed hopefully they will put away their John Birch Society membership cards and get on with their lives... or perhaps check into the local mental institution.
  • Hello "negative_karma" (if that is your real name).

    Do you use this /. login for trolls and karma lowering comments? I've thought about creating a Bat Guano account for just this purpose.

    I only ask because of your .sig and slyly irreverant user name.
  • You too can become a Federal Target. If you feel that you have been left out.. Waco passed you by, or even possibly you weren't questioned after the OKC bombing.. here's how you can become a small federal target.

    After hours of research with fellow Slashdotters who have been the target of "box builders", we can offer you the following points.

    1. Get interrested in Tesla, Unified Field Theories, Einstein.. and most importantly High Energy Wave Physics.

    2. Go to your local university library and sit by yourself. Read journals and old books about Gravity, Waves, and Grand Unified Field Theories. Don't EVERY check out anything. Don't get a library card. Go to a different university than you went to.

    3. Repeat 2 alot. Don't talk about what you think about. You must be serious.

    4. When things start getting weird, have confidence that they WON'T kill you. They just want to discourage you. They're very good at their job.

    This message was financed and paid for by Current and Former Targets of the Federal Government. (CaFTotFG).
  • a friend of mine have a tempest sparc T-1+. 25mhz (iirc). till he took the mobo and the power supply out of the case and put them on a towel (he couldn't fit two 50pin ribbon scsi drives in the two SCA bays). since then you can't pick up any radio or tv stations in that room.
  • Microsoft was funding a project to use this to put product serial numbers on the screen so they could drive truck through an office park and pick out software pirates. Honest.

    Now why does this NOT surprise me. :)
  • Well, it clearly illustrates the government, despite the fact that the technology was well in place well before 1992, has never heard of spell checkers. Which doesn't surprise me. :)

  • Easy: Put a team of hackers to the source code, fix it, and blackmail Billy Gates into submission. Else they release a BUG FREE MS PRODUCT!

    As we all know, that's one of the signs of impending apocolypse.
  • Aside from stemming electronic eavesdropping, these prototypes could open the way to new types of security attacks on computers, Anderson and Kuhn suggest. A virus could be designed to find and then broadcast information stored on a machine without a user's knowledge. The game of spy versus spy goes on.

    This is the final paragraph from the Scientific American article referenced above.

    Seems like Microsoft's lack of care about their customers' security goes very deep. They're even funding novel ways for crackers to break into computers.
  • That's an excellent point -- something I wouldn't have thought of had you not pointed it out. One might even be inclined to provide a validation scheme (like Visa numbers) to large documents and such.
  • On the one hand, I don't really see why the NSA is bothering to keep this stuff classified, I mean, since they can sheild stuff (it's required for high end Orange book cert, I think starting at B something...), it's not like releasing this stuff is going to cause the govt. any problems. Any really sensitive data is already going to be under some sort of Orange book reqs and therefore TEMPEST sheilded. Why bother classifying? All I can think of is security through obscurity, don't go telling those geeks how to do this, they might try to do it! (nevermind that a determined person with some physics texts, hardware specs, and FCC regs on interference could figure a lot of this out)

    On the other hand, why should we care? I mean, how many people really would bother putting together tempest monitoring gear? It's pretty obvious what one needs to do to sheild vs. tempest monitoring - Faraday cage your computer workspace and filter any power/network/phone cables that enter the cage. The rest of the info is details that really are only needed WRT monitoring.

    Am I misreading the issue? Is there something more on either side of this? I think much more interesting for a FOIA search is the CIA connection to drug smuggling (since the CIA IG told Congress that it _did_ in fact happen, I for one want to know just how involved the CIA was, for how long, and why....) But that's another topic...

  • Let 'em look by next year it wont do any good, at least by then I plan on having one of those 17inch lcd flat panel displays. If only the govement would realize this. Id bet if they just droped the project, then they coudl afford to subidize and lcd screen.
  • No, it reads the emissions themselves. The electron beam that draws the pixels on your screen is focussed by extremely strong magnetic or electric fields (depending on the monitor). There is a large voltage drop (~800 Volts) from the back of the tube to the front. As the intensity of the beam changes, so do the magnetic and electric fields generated by the beam. These fluctuations are what the receiver/decoder uses to rebuild the image on another screen.
  • This is not so. Emissions from LCD screens can be easier to decode than those from monitors. Active matrix LCD screens create very strong and clear emissions. As long as a display uses some form of pixel sweep where each pixel is activated at a unique time, then the emissions are simple to decode.

    Unless of course the monitor doesn't run on electricity. Anyone got a water monitor? ;)
  • That is not so. Read the links from the above article; TEMPEST refers to BOTH. Classified government and Military equipment can be "TEMPEST certified", meaning that the emissions are adequately contained according to a set standard. A "TEMPEST attack" refers to the detection and decoding of these emissions.
  • I think you just about nailed the donkey's ass to the goal post there. I don't know about you, but the prospect of encasing my entire room in a solid metal cage (wire frame will not kill all emissions, only full metal), with special filtering equipment on the power line does seem to be more than just a "simple solution" as you put it. :)
  • Apparently quite well, depending on your display. As I mentioned above, as long as your display sweeps out its image pixel by pixel, decoding the emissions (from energized LCD elements, electron beams, plasma display elements, etc...) is quite trivial. According to http://www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf some LCD screens produce a clearer image on the decoder than the CRTs they tested. Guess water monitors are the only safe alternative ;)
  • http://www.eskimo.com/~joelm/tempest.html#What%20i s

    Go to this page, and look around. Specifically, this page:


    has direct reference to the use of electronics to decode the signal created by the electron beam. The concept was first executed by wim Van Eck. The signal is so strong in fact, that images have been successfully recovered from over half a kilometer away, through concrete.
  • Well at least Hemos knows how to use the term
    TEMPEST. TEMPEST is equivilant to "compromising
    emminations". Ads that talk about TEMPEST Monitors
    make no sence, other then maybe, Monitors that
    emit alot of sh**. The same goes for "TEMPEST
    Compliant". On the other hand "I built a TEMPEST
    Free comm center", is a sentence that does make
  • To be effective, a TEMPEST free room should be
    shielded with both a ferric and non-ferrit cage.
    (Ferrits should not be kept in cages). This is
    to stop all EM propigation. Also you will need
    power and phone line filtering, blacked out widows
    (Ferrits like some light), and sound proofing.

    There are several other things to concider, but I
    can't get into that right now, because my sons
    ferrit is tring to crawl up my pant leg!
  • Actually, they could still spy on you:

    Tempest (Van Eck (sp?)) monitoring works via the reconstruction of signals emanated from a communications device (most commonly a computer). It does this by the fact that the monitor of a computer, as the electron gun scans the screen, the signals being sent to control the electron gun are also radiated into the atmosphere, like a small radio station. Most of the stuff is just voltage levels for brightess of the pixels and such, you may even get lucky and get some of the sync pulses. In reality, most of the syncing (horz and vert) is gone, so you have to supply that another way (usually via a linked set of frequency generators). You can pick up the signals emanated by most monitors with an antenna (a Yagi? I can't remember - my antenna knowledge sucks) "pointed" at the source, fed into an amplifier.

    This signal is then overlaid with syncing frequencies (from the sig generators, or if the computer is set to 640 x 480 x 60hz, it might even be possible to use a VCR or something to supply the sync pulses - maybe another VGA card, perhaps a Tempest monitoring machine could be built with another PC?). The signal is then sent on to a normal monitor for display (this is a real basic setup - I am sure it is much more complicated and expensive in real equipment).

    Generally, the output is real grainy, but legible - the fonts that were created to defeat Tempest were designed to utilise the artifacting inherent in such a signal rebuilding system to garble the output. Now, your statement:

    Most of the output for Tempest monitoring does come from the monitor - but a lot also comes from the cable that hooks up to the monitor as well - even if it is shielded. Signals are also emanated by your VGA card, even the computer itself. It is possible to Tempest monitor all of this stuff (basically, all Tempest monitoring is the reconstruction of signals emanated by communications equipment - it is special in the regard that computers or other type equipment weren't designed as general purpose transmitting systems, and hence the signals are more difficult to reconstruct, but in the end, Tempest boils down to radio receiving - in theory, you could Tempest monitor your microwave).

    So how do you protect yourself from Tempest monitoring? Good question. Because we haven't got any idea what "the other side" is capable of, we can only guess on what to do. Of pictures I have seen of real Tempest equipment, most were encased in a lot of steel, with steel braid encasing the cables entering/exiting the computer (making the removal of plugs/boards/etc a total nightmare). Unknown what was inside the machines, but I wouldn't put it past them to encase cards in special steel inner-casings. The room the computers are in might be encased in a faraday cage (or maybe the rebar of the concrete is formed for this). There may even be some ECM equipment on the offensive side as well, supplying bogus signals.

    This is what I know of the stuff - I hope this helps.
  • Read my comment [slashdot.org] regarding LCD's...
  • Read this comment [slashdot.org] about Tempest monitoring and LCD's by another /.er...
  • ... is how such snooping could pick up stuff from onscreen when said words were via graphics mode, such as Windows using TTF (remembering that words displayed as graphics can't be seen by screen readers for the blind).

  • i don't like YRO because of the name.

    "Your Rights Online"

    it just sounds like the title to some touchy-feely news segment that one would see on the local 10 o'clock news (right after the weather report, of course).


  • Many moons ago I worked at Xerox and knew some of the engineers who worked with Xerox's then new daisy wheel printers. They were trying to get one of the printers Tempest certified. They did all the standard stuff, shielding etc., submitted the printer and it failed. The only feedback was one bit, passed/failed. Make changes. Submit. Fail. Repeat several times.

    Finally, I think around the seventh submission, one of the guys at the certification facility had some mercy. He only said one word, "sound".

    Consider the difference between a "." and a "W". The printer better not hit the "." as hard as the "W" otherwise it'll just punch holes in the paper. So the printers were designed with multiple impact levels and used different ones for different letters.

    They reprogrammed the printer to use the same intemediate impact level for all characters (never mind what that did to print quality) and sure enough the printer was Tempest certified.

    We guessed that the differences in sound of the different impact levels were enough that some useful information could be extracted by listening to the printer print. So Tempest isn't just about electronic emissions, it also includes other emissions like sound.
  • ...then electronic emissions are the least of your problems. If you're encrypting (as you should be) and the Feds are interested enough to be snooping around, and you haven't left the country, then you're in Deep Sh*t.

    It's all well and good to be concerned about the Bad Guys getting your Sensitive Data, but let's be real: your kneecaps are a lot more vulnerable than your computer. Once everybody protects everything with solid have-something/know-something encryption, then maybe we worry about TEMPEST. Until then, encrypt, and keep a duffel bag ready to head for the border.

    (Or ignore me; maybe I'm just one of those loonies who's been watching too many episodes of "The X Files.")
  • " A society that will trade a little liberty for a little order will lose both, and deserve neither"--Thomas Jefferson

    Think about it...
  • by snack ( 71224 )
    It seems from further investigation (reading posts), That this monitoring requires the users to be using a CRT Monitor (or tv). How well would this monitoring technique work on the newer LCD Displays? Or Laptops?

  • I believe if you are using cat5 cables, they are already shielded. The wire for cable tv is as well.
  • Why does it matter? We could still blow them off the earth if we really wanted to.
  • by cheese63 ( 74259 )
    they'll be too distracted by the porn on my monitor to check out the serial number
  • What you described is a principle commonly used in ham radio shacks to isolate radio equipment from harmful interference. My uncle was setting up a radio room in his basement and surrounded the whole thing with a wire screen to keep out unwanted RFI. It's called an RF cage, and apparently it doesn't have to be a solid piece of metal, as there was about two inches of space inbetween each wire. Maybe the spacing just has to be smaller than the length of the wave, but that's just a wild guess. Maybe someone with more physics knowledge than me could answer that.
  • There was an interesting sidebar to an article in Scientific American about a year ago describing a technique to hide data on a screen so that the user could not detect it's presence, yet the data could be picked up by Van Eck freaking.
    The original scientific article [cam.ac.uk] can be found at Markus Kuhn's homepage [cam.ac.uk]. (Lots of interesting reading there.) The same article alscribes how to apply the same technique to construct a set of fonts that are quite resistant to normal Van Eck attacks.
    Microsoft was funding a project to use this to put product serial numbers on the screen so they could drive a truck through an office park and pick out software pirates. Honest.
    This assumes Microsoft having a clever idea. Now I don't have the source handy (I think it was a post on de.comp.security) but I seem to remember that one of the authors (M. Kuhn or R. Anderson) said that when MS gave them a big grant, they looked for some way to demonstrate that their security research had 'real life' applications as well. At least, the UK patent covering this idea (UK patent application no 9722799.5, October 29, 1997: Software Piracy Detector Sensing Electro- magnetic Computer Emanations) has their names on it.
  • Call me a newbie or hopelessly naive, but could someone explain to me why you couldn't just stop these signals by computing inside a faraday cage? As I understood it, an enclosing wire frame will prevent radio emmissions from entering or leaving?

    Is there something fundamentally different about TEMPEST-type emmissions? Or is there something fundamentally flawed with my notion of a Faraday cage? Or is this a perfectly valid solution, just that most people don't want to, or don't have access to a big metal cage in which to do their computing?
  • Well, the feds recently admitted to dumping toxic material over some cities in Minnesota to see what happened. Or something like that. If one of the myths turns out to be true, that opens the door for all the others.

  • alternative theory: the different impact levels were produced by (1) multiple signal strengths or (2) multiple signal durations, either of which would cause different RF emissions for the different characters, and "sound" was just his way of tipping them off to the key problem.

    if sound was really part of it, you'd have to equalize the amount of time the wheel spun for each character (otherwise the time between strikes would give you information about the characters used) and the strike area of each character (otherwise the sound level would give you information). hmm - now that i think about it, the timing attack would work for RF, too...

  • I can't remember where, but I seem to remember someone having old TEMPEST-compliant boxes for sale. I'm almost willing to buy one, if not for the utility than for the durability: the pics I saw showed the case to be like a tank. Does anyone have a link or an offer they could make?

  • I find that I can see my monitor more clearly when it's not completly surrounded in metal.
  • I seem to recall learning in physics last year that completely surrounding an object with some form of conductor will shield it from electromagnetic fields, as well as prevent internal fields from getting out. So if you just plaster your room with tin foil, you should be safe. Just remember to let in some air once in awhile.

    Also note that a typical computer is almost completely surrounded by a conductor: the case. Of course, if you are like me, and you have a K7 and a TNT2 in your case, and you find you have to leave the cover off and have an external fan blowing on the damn thing to keep the heat down, then you have a problem. In my situation... well, I couldn't care less if the government looked at what I'm doing. I'm an open source programmer! :)
  • FYI: Some guy at MIT did some work on this on his own a couple of years ago. I bet you can get more info at the MIT site
  • In practice overseas embassies etc have Faraday rooms -- the entire windowless room is shielded with copper.
  • one question, you think we pay their bills?

    i figure their bills get paid by classified funding. isn't microsoft on trial right now (and trying to get out of it)?

  • Well, this proves that, as of 1992, the entire government has not been usurped by artificial or alien intelligence.

    There's no intelligence to usurp, this is the govnerment of which you're speaking. "dara" represents a unit of "Slashdot Stupidity in the guise of humor" measure, which in this case scored 5 daras per teradips.
  • I pity the fool who doesn't think L0pht could hack their way out of a wet paper bag. L0pht is the most talented group in the world, better at coding than Linus and just as good at security as the NSA.

    Now here's a comment which really does deserve to be moderated up with "Funny." Can you just see this pencil neck AC with a "Mr. T" yellow mohawk and big plastic tortoise shell glasses?

    "I pitty the fool" MY ASS!
  • Tempest is just a stadard that is used by the NSA amd DOD to ensure that nobody monitors their electronic activity from outside a facitity.

    Contrary to popular belief, it it **NOT** a device to spy on you. I offer the following:

    A) It is illegal for the US Intelligence community to spy on any US citizen or corporation unless authorized by the Attorney General (although I bet she's big on that, given her track record)

    B) Do you think that the NSA really cares about your love letters to you five girlfriends around the world?

    C) It takes a very concerted effort to get emission collectors close enough to a site to be effective. These collectors don't fit in a briefcase, they are just too complicated and have too many parts. Also, if you are going to keep up surveilance, you have to change out shifts and vehicles, and people have to eat. That kind of activity generates notice.

  • by Anonymous Coward
    I was looking awhile ago for something and I came across MECO.ORG. Seems they have some surplus TEMPEST PC/Monitors for sale.
  • Anderson and Kuhn's original paper [cam.ac.uk] is well worth reading for a very informative look at what Soft Tempest technologies can do for both attack and defence. I strongly recommend against speculating about any part of this technology until you've read this clear and extraordinary paper.
  • Years ago I had a TEMPEST certified PC in my office for a software development project.

    The PC was in a heavy duty metal case with no openings. Their was an RF filter (metal mesh) over the opening for the power supply fan. All of the cables were thick, high quality, shielded cables. The monitor was in a special shielded enclosure. The keyboard looked normal but it was noticably heavier than a normal keyboard.

    All mechanical joints in the case had RF gasketing material where the parts fit together. Every part in the system or attached to the system had to be TEMPEST certified. You couldn't install a normal I/O board, cable or peripheral without voiding the certification.

    I've forgotten the price but it was two or three times the price of a non-TEMPEST equivalent.

  • The Nazis were no good at keeping secrets. By the time Joe Nazi knew it, the Jews knew as well. As did most other countries. That was no secret.
  • It is technically possible, but I've yet to see any credible proof that this method works. There are a lot of outside factors that first must be isolated, not to mention tuning in on the right frequency range. I believe it'd take some pretty advanced equipment to make any sense of the radition given from the CRT itself at a reasonable distance. If you know of credible source, or a site that really describes that method in detail, please do tell.

    Where as my described method is pretty much industry standard, and is much easier to reconstruct. I've seen it in action.
  • I'm no expert, but from what little I have read it doesn't read the CRT emissions itself, it reads from other things. Such as the PC card or monitors' frame buffer or whatever. But there are restrictions on distance as its a rather feeble signal. I have little doubt that having multi buffers written to simultaneously, or just random noise on that frequency, would confuse things greatly.

  • I know nothing I'll say will change your mind, but i'm going to say it anyways. While I can understand why people might be concerned about Echelon, TEMPEST is not in the same league. If the government wants to kill or spy on you, there isn't much you can do about it. There will always be other methods which you're simply not aware of. FOIA in case of TEMPEST is neither necessary, nor very beneficial (as a countermeasure against the gov't).

    When you starting implying that "The Government" (Justice Dept.) knowing murdered innocent people, you blow a great deal credibility. Widespread conspiracies are myth.
  • Try the keywords "Wim Van Eck Electronic Eavesdropping" in your favorite search engine (like www.google.com). That should give you the links you want.

  • Surrounding something with a conductor (ie copper wiring cage) to mask out EM transmissions is called a Faraday Cage.

    (quick definition here [lynx.uio.no]
    Nifty stuff here [davidson.edu] too.
    Anything more, just use Google.

  • OK, I'm not sure if I understand you, but are you complaining because you think we don't want the government to protect its own data? If so, you got it wrong.

    I don't like the classification of TEMPEST data and specifications because it makes it difficult for ME to protect MY data. It's the same thing as crypto.
  • I wonder how resistent those babies would be to a HERF gun... In my noisy environment, maybe I could use one too... ;)
  • Why just versus the [domestic] Gov't? They're not the only folks with the technical know-how.

    Think folks like disgruntled techies trying to grab payroll data. Or somebody stealing a competitor's secrets. Or so forth. There are, potentially, circumstances under which somebody would be willing and able to attempt TEMPEST ELINT surveillance, but not send folks to do a B&E or a little physical coercion...
  • I found a couple places through Altavista:

    Advanced Technology Systems Corporation [atsc-usa.com] -- has TEMPEST-compliant and "ruggedized" (their word not mine) devices.
    Candes Systems, Inc. [aol.com] -- Offers TEMPEST-compliant desktops and laptops.
    The EMF Safety Catalog [berk.com] -- Mostly stuff about reducing EMF radiation, but also has some TEMPEST-compliant devices

  • The 'r' in "dara" is obviously some sort of secret code. Perhaps it stands for DARPA, which would definitely have a vested interest in this sort of thing. And if you take the 'r' in DARPA and replace it with a 't', it becomes DATPA, which is meaningless. This proves my theory.

    Another alternative is that the CIA is under control of a renegade communist band that fled Russia after the collapse of the U.S.S.R. Notice the "da" in the beginning of both DARPA, data, and dara. And the 't' being changed to an 'r' has to be a secret message; perhaps they want to "transfer" top-secret government information about TEMPEST so they can spy on Microsoft, steal the source code for Windows, and take over the world!

    Wait. How can the source code to Windows possibly help them? :-)
  • Let's see, crypto is good (for individuals) because it protects sensitive data.

    TEMPEST and its ilk are bad, because they protect governmental/military sensitive data.

    It's a poor sort of logic that has to be internally consistent.

  • When you starting implying that "The Government" (Justice Dept.) knowing murdered innocent people, you blow a great deal credibility. Widespread conspiracies are myth.

    Yeah, right. You probably don't believe Kennedy was killed by aliens, the philidelphia experiment irradiated apple pie loving American soldiers against their will, Jimmy Hoffa peaks up umpires crotches, or the that the CIA is in league with NOW to get Gloria Steinam elected "Mrs. America" AND president in 2004, in a nihilistic attempt to discredit American politicians in the voter's eyes.

    You are sadly mistaken, and clearly naive.
  • by FallLine ( 12211 ) on Tuesday October 26, 1999 @05:37AM (#1588222)
    You're confusing broadspread high level malice with low level screwups. When you bunker up in some compound, and start shooting at people you can't expect to be perfectly safe. Even if you personally aren't pulling the trigger. Things get hairy. Everyone's life is on the line.

    Civil trials are NOT proof of innocence or guilt. It is a proponderance of the evidence, not beyond a shadow of a dobut. Futhermore, its being reviewed by a layman jury who knows nothing of what it is like to be under fire. The question is, what where they looking at?

    Any lawyer worth his weight is capable of painting the Feds as being evil, and can then take admissions of shooting to the bank. But just because a single sniper shot an "innocent" (person not happening to be carrying a gun), doesn't even mean he violated protocol. A jury simply isn't qualified to review such cases. Even if he did violate protocol, it doesn't mean he did so maliciously or even particularly recklessly. Nor does it indicicate higher level involvement. Why do you assume his superiors would want an "innocent" person killed? It is just hogwash...

  • by A Big Gnu Thrush ( 12795 ) on Tuesday October 26, 1999 @08:30AM (#1588223)
    Because I care:

    GUID [news.com]

    Win98 profiling [techweb.com]

    Professor Spokesman [chronicle.com]

    Astroturf [latimes.com]

    Ads as news [thestandard.net]

    Video [wired.com]
  • by nester ( 14407 ) on Monday October 25, 1999 @06:31PM (#1588224)
    i can see the console on my pmac 7100/80 on channel 4. it only works if the rabbit ear antenna is at the correct angle, otherwise it just looks like high freq interference. just find an old 7100/80, hook up a monitor running at 60hz 640x480, boot up mklinux [mklinux.org], run bitchx or just hit 'a' at the booter to get the bootstrap console. now tune to channel 4 (it might help if you use an old tv) and move the antenna around. you probably won't be able to make out the characters, but you'll at least be able to tell it's the console. btw, i know it's not the monitor or the vga cable leaking the signal cuz i've turned the monitor off and unplugged the video cable and the signal was just as strong. i guess apple didn't ground/shield the case well enough.
  • Getting all my secrets department"? Uh-huh. More paranoid ravings from the YRO folks. The more YRO read, the less it sounds like a legitimate concern and the more it sounds like the delusions of people who been watching too many "X-Files" episodes. Here's a hint: TV isn't real.

    Paranoid rantings? Ok, for the vast majority of the population, who doesn't care what happens to the world as long as they can have a house in the burbs, SUV, 2.5 kids, and no one messes with their bowling night, yes. The NSA has already said in documents released through FOIA, that if you fit into this profile, they're not going to mess with you.

    However, the rest of us, who have actually been paying attention to the events of the world, have reason to be nervous. Those of us who have noticed that our rights have been slipping away one by one, those of us who have noticed that the government is wresting control from the people, and those of us who may have been very vocal about their dissatisfaction with having their Constitutional liberties and god-given rights being taken away have a real serious reason to worry. And those of us who have seen the Justice Department kill innocent victims and children at Waco and Ruby Ridge have real reason to be upset.

    Granted, the NSA, FBI, CIA, or whatever else government agency is not going to spy on everyone. But if the NSA find reason enough to tap you, there is plenty of evidence to suggest that you will be tapped. What violates national security might interest you. For all I know they could go definately go after ESR next, with all that huge arsenal he has. (HHOS)

    Yes there is reason to worry, there is reason to look at the government with a cautious eye. Its people who are completely ignorant who will be the first against the wall when the revolution starts.
  • by DragonHawk ( 21256 ) on Tuesday October 26, 1999 @08:07AM (#1588226) Homepage Journal
    However, the rest of us, who have actually been paying attention to the events of the world, have reason to be nervous.

    Maybe you do, and maybe you don't. I am not trying to prove that one way or the other. Personally, some of the things the government does do worry me, and I am concerned about them.

    But EMSEC isn't one of them. EMSEC is about as much a violation of your rights as strong crypto is. Note: Not restrictions on strong crypto, but the possestion of it. If EMSEC is a threat to my privacy, then so is strong crypto. See my point?

    And those of us who have seen the Justice Department kill innocent victims and children at Waco and Ruby Ridge have real reason to be upset.

    Right. The entire DOJ decided, "Hey, let's go kill some innocent people. And children! Make sure you go after the children first! They make the best targets!"

    Have you ever been in a firefight? Things are not quite so cut-and-dry as you seem to think. When you start getting shot at, you shoot back at any available target. Otherwise, you'll have a bullet in the brain quicker then you can say "Constituional liberties".

    The fact of the matter is, the people at Waco were holed up in a compound, in violation of multiple laws, and shooting at people. The police fired back. What do you expect?

    I think it is a shame that some of the people in that compound who were just caught up in the whole thing got hurt, but shit happens. You seem to think the police went out of their way to hurt these people. Did it ever occur to you that it was an accident?

    To put it bluntly: Get a grip.
  • by pennyn ( 93733 ) on Monday October 25, 1999 @05:14PM (#1588227) Homepage
    Purely depends on the quality of the monitoring equipment - picking up individual monitors in one room can be done: let me refer to a demonstration done by Frank Jones (CEO of TheCodex [thecodex.com])

    "We had no problem viewing computer screens on adjacent floors in the building (we were sometimes hindered by noise) and were able to differentiate (to my surprise) between different computers in a large office. We aimed our device out the window across the street at an adjacent office building and were able to view CRT screens without too much difficulty."

    The full article is here [thecodex.com] (scroll down to "WHAT WE WERE ABLE TO CAPTURE...")
  • by Ryandav ( 5475 ) on Monday October 25, 1999 @04:33PM (#1588228) Homepage Journal
    I would like to point out something I thought was more relevant about the link and story, which I'd seen a this morning.

    These documents were acquired by people submitting paperwork for the Freedom Of Information Act and acting on their beliefs. We can all sit around and argue about Echelon, or worry about some other terrible conspiracy, but I think that until people really start to hold their government responsible for it's actions, things will continue as before and worse.

    Ask 'em for the documents. Make em worry about what to classify. Cause the office that checks for classification issues to overload; after all, classification decisions are pretty high level, and the model doesn't scale well. As the office becomes more clogged with requests for information, either they will mess up and release material they wouldn't have otherwise, or they will get so clogged they can't process all of the information coming in and going out.

    Take responsiblity for the destiny afforded you by your government. Alone you are nothing, but in groups you are its greatest enemy.
  • There was an interesting sidebar to an article in Scientific American about a year ago describing a technique to hide data on a screen so that the user could not detect it's presence, yet the data could be picked up by Van Eck freaking.

    Microsoft was funding a project to use this to put product serial numbers on the screen so they could drive a truck through an office park and pick out software pirates. Honest.

  • by DragonHawk ( 21256 ) on Monday October 25, 1999 @04:15PM (#1588230) Homepage Journal
    EMSEC (Emissions Security, the name for the security practices the TEMPEST program evolved into) is common practice in the world of Information Assurance today. It mainly consists of buying shielded everythings from certified vendors. IBM is one of them. With simple protections, EMSEC is no problem. Such practices are universal in the military world (even if compliance is not). In the civilian world, as usual, it almost always is not worth the effort.

    "Getting all my secrets department"? Uh-huh. More paranoid ravings from the YRO folks. The more YRO I read, the less it sounds like a legitimate concern and the more it sounds like the delusions of people who have been watching too many "X-Files" episodes. Here's a hint: TV isn't real.
  • by debrain ( 29228 ) on Monday October 25, 1999 @04:13PM (#1588231) Journal
    Suprisingly enough to me, it would appear as though this was made by humans. For example, the following definition:

    3.1.4 (U) Bit Rate. -- A general term used to express the dara transfer rate of binary digital signals.

    clearly indicates the spelling error "dara" instead of "data". Well, this proves that, as of 1992, the entire government has not been usurped by artificial or alien intelligence.

    However, since 1992, I can make no assurances. Or that dara represents some coset of the coin data, with more specific meaning (or more general meaning), of some purpose I cannot yet surmise.

  • Here's the article you were talking about:

    From www.sciam.com/1998/1298issue/1298techbus4.html

    Most computer users would be startled to realize that somebody parked outside their home with the right kind of (very expensive) receiving equipment can read the data that appear on their computer screens. The receiver uses the monitor's radio emanations to reconstruct the screen's contents.

    And like a predictable villian from a tired James Bond movie:

    The story began, Anderson says, when Microsoft made its $20-million investment in Cambridge's computer science lab and said the company was particularly interested in ways to control software piracy.

    Of course Microsoft wouldn't abuse this technology, right? They may sneak the GUID serial number into user's documents, track users' PCs who install Windows 98, pay your college professors to push their products, organize an astroturf campaign to fake support for their DOJ lawsuit, disguise advertisements as news stories, and fake evidence during their DOJ trial, but they're honest, dammit!

    Sorry if there are any typos in this, but it's hard to type when you have your head buried in the sand.

    GUID: //www.news.com/News/Item/0,4,33413,00.html

    Win98 profiling: //www.techweb.com/wire/story/TWB19990312S0008

    Professor Spokesman: /chronicle.com/data/articles.dir/art-44.dir/issue- 33.dir/33a03001.htm

    Astroturf: http://www.latimes.com/HOME/NEWS/BUSINESS/UPDATES/ lat_microsoft0410.htm

    Ads as news: //www.thestandard.net/articles/display/0,1449,6087 ,00.html?home.bf

    Video: //www.wired.com/news/news/politics/story/17938.htm l

"Go to Heaven for the climate, Hell for the company." -- Mark Twain