Are we safe from EMP scanning? - tempest.txt (0/1)



OBI WAN KENOBI
07-09-2005, 11:53 PM
Hi everyone.

Is it true that pc screen EMP waves can be read by standard equipment
and the observer may resconstruct the screen, exactly?

I stumbled upon this on an web archive. Is this still true for thsese
days? If its os easy for someone so read the screen electromagnetic
radiations, or of any electrical equipment, why isn't this ever
addressed by and 'security experts'? Is it because those in the money
loop want it to remain a secret as long as possible and to as many?

I have attached the file so anyone who wants to sample what the old
timers had to say can do so. Its 53k only but good reading.

OW-K

Matt Gibson
07-09-2005, 11:53 PM
TEMPEST scanning is usually not addressed because of

A) The expense of protecting against it

B) The expense of the equipment needed to scan

Outside of the military, I've yet to see a single TEMPEST shielded PC.

Matt Gibson - GSEC


"OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
>
> Hi everyone.
>
> Is it true that pc screen EMP waves can be read by standard equipment
> and the observer may resconstruct the screen, exactly?
>
> I stumbled upon this on an web archive. Is this still true for thsese
> days? If its os easy for someone so read the screen electromagnetic
> radiations, or of any electrical equipment, why isn't this ever
> addressed by and 'security experts'? Is it because those in the money
> loop want it to remain a secret as long as possible and to as many?
>
> I have attached the file so anyone who wants to sample what the old
> timers had to say can do so. Its 53k only but good reading.
>
> OW-K
>

Steven L Umbach
07-09-2005, 11:53 PM
In addition to what Matt said FYI the military and law enforcement has
equipment that can be used to see what "you" are doing in your home through
the walls/ceilings for those that are concerned that your computer screen
can be read. --- Steve



"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:OaybSq3aFHA.1152@tk2msftngp13.phx.gbl...
> TEMPEST scanning is usually not addressed because of
>
> A) The expense of protecting against it
>
> B) The expense of the equipment needed to scan
>
> Outside of the military, I've yet to see a single TEMPEST shielded PC.
>
> Matt Gibson - GSEC
>
>
> "OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
> news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
>>
>> Hi everyone.
>>
>> Is it true that pc screen EMP waves can be read by standard equipment
>> and the observer may resconstruct the screen, exactly?
>>
>> I stumbled upon this on an web archive. Is this still true for thsese
>> days? If its os easy for someone so read the screen electromagnetic
>> radiations, or of any electrical equipment, why isn't this ever
>> addressed by and 'security experts'? Is it because those in the money
>> loop want it to remain a secret as long as possible and to as many?
>>
>> I have attached the file so anyone who wants to sample what the old
>> timers had to say can do so. Its 53k only but good reading.
>>
>> OW-K
>>
>
>

Juergen Nieveler
07-09-2005, 11:53 PM
OBI WAN KENOBI <ST@RWARS.ORG> wrote:

> Is it true that pc screen EMP waves can be read by standard equipment
> and the observer may resconstruct the screen, exactly?

As the others have pointed out, what you refer to is called "TEMPEST".

If your PC would emit EMP, you'd be VERY unpopular with your neigbours
:-)

You can shield your PC against TEMPEST-attacks, but it's rather
difficult - it's probably a lot easier to shield the entire room
instead by plating all walls with grounded metal foil. Obviously,
windows are a bad idea in a TEMPEST-protected room, LAN-connections
should be fibre only, and great care has to be taken so that the power
wiring doesn't act as an antenna that transmits your data outside of
the faraday cage you have built.

Juergen Nieveler
--
The infantry muzzle flashes you ignore are covering an anti-tank team
setting up.

Juergen Nieveler
07-09-2005, 11:53 PM
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote:

> In addition to what Matt said FYI the military and law enforcement has
> equipment that can be used to see what "you" are doing in your home
> through the walls/ceilings for those that are concerned that your
> computer screen can be read. --- Steve

And what equipment would that be? Thermal imaging works only through
poorly isolated wooden walls...

One thing to keep in mind however is the danger posed by windows. Even
if the monitor itself isn't visible from the outside, the reflection on
the wall could be used to reconstruct the picture.

Juergen Nieveler
--
Is infidelity a form of multitasking?

Karl Levinson, mvp
07-09-2005, 11:53 PM
Agreed. TEMPEST is not a secret, its just people outside the military
usually don't do anything more than discuss it. Besides video screens,
ambient radiation, light, LEDs, heat, etc. can be read from modems, CPUs
doing cryptographic calculations, your voice as you talk on the phone, fiber
optic cables, and other items most people think are otherwise secure.

I believe the free version of PGP has had an option enabled by default to
bring up your decrypted emails in a more or less tempest-proof window.
There may be other free software that might permit you to try to defeat
tempest on a computer screen. Duct tape over your modem LED lights can
defeat that.

Remember that security is not about addressing everything to make your
network into an impenetrable fortress... because that isn't possible.
Security is about assessing the risk of each forseeable threat, and
assessing the possible security countermeasures, to see whether the
countermeasures are even worth doing. If the countermeasures cost more than
the risk itself, or the risk is not very likely to occur, then people may
choose to accept the risk, or transfer it via insurance for example, instead
of mitigating it.


"Matt Gibson" <mattg@blueedgetech.ca> wrote in message
news:OaybSq3aFHA.1152@tk2msftngp13.phx.gbl...
> TEMPEST scanning is usually not addressed because of
>
> A) The expense of protecting against it
>
> B) The expense of the equipment needed to scan
>
> Outside of the military, I've yet to see a single TEMPEST shielded PC.
>
> Matt Gibson - GSEC
>
>
> "OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
> news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
> >
> > Hi everyone.
> >
> > Is it true that pc screen EMP waves can be read by standard equipment
> > and the observer may resconstruct the screen, exactly?
> >
> > I stumbled upon this on an web archive. Is this still true for thsese
> > days? If its os easy for someone so read the screen electromagnetic
> > radiations, or of any electrical equipment, why isn't this ever
> > addressed by and 'security experts'? Is it because those in the money
> > loop want it to remain a secret as long as possible and to as many?
> >
> > I have attached the file so anyone who wants to sample what the old
> > timers had to say can do so. Its 53k only but good reading.
> >
> > OW-K
> >
>
>

Karl Levinson, mvp
07-09-2005, 11:53 PM
"Juergen Nieveler" <juergen.nieveler.nospam@arcor.de> wrote in message
news:Xns966ECAAE45E3Ejuergennieveler@nieveler.org...

> As the others have pointed out, what you refer to is called "TEMPEST".
>
> If your PC would emit EMP, you'd be VERY unpopular with your neigbours
> :-)
>
> You can shield your PC against TEMPEST-attacks, but it's rather
> difficult - it's probably a lot easier to shield the entire room
> instead by plating all walls with grounded metal foil.

Plus, in this day and age, people are more interested in gaining wireless
functionality than shielding against tempest. Cell phones, wireless home
phone units, x10 wireless web cams, etc. are reportedly easy to tap. Even
if you use WEP or WPA encryption on your wireless access point, you're
theoretically vulnerable. I understand there is paint you can use to block
your wireless signals from leaving your building, and I suppose that same
solution or a similar one might help with tempest signals, as long as you
wall up all your windows at the same time.

Imhotep
07-09-2005, 11:53 PM
Karl Levinson, mvp wrote:

> Agreed. TEMPEST is not a secret, its just people outside the military
> usually don't do anything more than discuss it. Besides video screens,
> ambient radiation, light, LEDs, heat, etc. can be read from modems, CPUs
> doing cryptographic calculations, your voice as you talk on the phone,
> fiber optic cables, and other items most people think are otherwise
> secure.
>
> I believe the free version of PGP has had an option enabled by default to
> bring up your decrypted emails in a more or less tempest-proof window.
> There may be other free software that might permit you to try to defeat
> tempest on a computer screen. Duct tape over your modem LED lights can
> defeat that.
>
> Remember that security is not about addressing everything to make your
> network into an impenetrable fortress... because that isn't possible.
> Security is about assessing the risk of each forseeable threat, and
> assessing the possible security countermeasures, to see whether the
> countermeasures are even worth doing. If the countermeasures cost more
> than the risk itself, or the risk is not very likely to occur, then people
> may choose to accept the risk, or transfer it via insurance for example,
> instead of mitigating it.
>
>
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:OaybSq3aFHA.1152@tk2msftngp13.phx.gbl...
>> TEMPEST scanning is usually not addressed because of
>>
>> A) The expense of protecting against it
>>
>> B) The expense of the equipment needed to scan
>>
>> Outside of the military, I've yet to see a single TEMPEST shielded PC.
>>
>> Matt Gibson - GSEC
>>
>>
>> "OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
>> news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
>> >
>> > Hi everyone.
>> >
>> > Is it true that pc screen EMP waves can be read by standard equipment
>> > and the observer may resconstruct the screen, exactly?
>> >
>> > I stumbled upon this on an web archive. Is this still true for thsese
>> > days? If its os easy for someone so read the screen electromagnetic
>> > radiations, or of any electrical equipment, why isn't this ever
>> > addressed by and 'security experts'? Is it because those in the money
>> > loop want it to remain a secret as long as possible and to as many?
>> >
>> > I have attached the file so anyone who wants to sample what the old
>> > timers had to say can do so. Its 53k only but good reading.
>> >
>> > OW-K
>> >
>>
>>

....good advice.

-Im

OBI WAN KENOBI
07-09-2005, 11:53 PM
Thanks everyone;

You see after I read about it I was not really concerned about my
privacy or whatever, I don't have any hush-hush data but I was kinda
worried what would happen if this was directed at poorly protected
financial institutions etc. I guess EMP can be used to disrupt data on
any magnetic storage device or even some types of RAM type data
storage by just aiming a few seconds of good strength EMP !! Now as

I understand it's no secret America's unversity labs all publicly
posted all information required to make such a device (if goofy
terrorists do decide to build one) and some defense cos sells these to
anyone for a good price. Its not wise to assume the terrorists or
tech-bad-guys can't go very-hi-tech. stopping spread of these info
and equipments are vvi. its also required that people know about
these.

OW-K.
===============================================================
On Thu, 09 Jun 2005 12:53:45 -0700, Imhotep <NoSpam@NoThanks.com>
wrote:

>Karl Levinson, mvp wrote:
>
>> Agreed. TEMPEST is not a secret, its just people outside the military
>> usually don't do anything more than discuss it. Besides video screens,
>> ambient radiation, light, LEDs, heat, etc. can be read from modems, CPUs
>> doing cryptographic calculations, your voice as you talk on the phone,
>> fiber optic cables, and other items most people think are otherwise
>> secure.
>>
>> I believe the free version of PGP has had an option enabled by default to
>> bring up your decrypted emails in a more or less tempest-proof window.
>> There may be other free software that might permit you to try to defeat
>> tempest on a computer screen. Duct tape over your modem LED lights can
>> defeat that.
>>
>> Remember that security is not about addressing everything to make your
>> network into an impenetrable fortress... because that isn't possible.
>> Security is about assessing the risk of each forseeable threat, and
>> assessing the possible security countermeasures, to see whether the
>> countermeasures are even worth doing. If the countermeasures cost more
>> than the risk itself, or the risk is not very likely to occur, then people
>> may choose to accept the risk, or transfer it via insurance for example,
>> instead of mitigating it.
>>
>>
>> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
>> news:OaybSq3aFHA.1152@tk2msftngp13.phx.gbl...
>>> TEMPEST scanning is usually not addressed because of
>>>
>>> A) The expense of protecting against it
>>>
>>> B) The expense of the equipment needed to scan
>>>
>>> Outside of the military, I've yet to see a single TEMPEST shielded PC.
>>>
>>> Matt Gibson - GSEC
>>>
>>>
>>> "OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
>>> news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
>>> >
>>> > Hi everyone.
>>> >
>>> > Is it true that pc screen EMP waves can be read by standard equipment
>>> > and the observer may resconstruct the screen, exactly?
>>> >
>>> > I stumbled upon this on an web archive. Is this still true for thsese
>>> > days? If its os easy for someone so read the screen electromagnetic
>>> > radiations, or of any electrical equipment, why isn't this ever
>>> > addressed by and 'security experts'? Is it because those in the money
>>> > loop want it to remain a secret as long as possible and to as many?
>>> >
>>> > I have attached the file so anyone who wants to sample what the old
>>> > timers had to say can do so. Its 53k only but good reading.
>>> >
>>> > OW-K
>>> >
>>>
>>>
>
>...good advice.
>
>-Im

Juergen Nieveler
07-09-2005, 11:53 PM
OBI WAN KENOBI <ST@RWARS.ORG> wrote:

> You see after I read about it I was not really concerned about my
> privacy or whatever, I don't have any hush-hush data but I was kinda
> worried what would happen if this was directed at poorly protected
> financial institutions etc.

Too expensive. Just bribe one of the people working there and you get
much more data than with TEMPEST.

> I guess EMP can be used to disrupt data on any magnetic storage device
> or even some types of RAM type data storage by just aiming a few seconds
> of good strength EMP !! Now as

Would EMP actually DO anything to magnetic storage devices? EMP isn't
magnetism in the usual sense, it's more an ultra-high electrical pulse
coupled magnetically into every wire withing range - think of it as a
lightning hitting every computer in the city at the same time, frying
all the electronic parts.

> I understand it's no secret America's unversity labs all publicly
> posted all information required to make such a device (if goofy
> terrorists do decide to build one)

To produce an EMP you need a rather large nuclear bomb and detonate it
rather high in the atmosphere...

Juergen Nieveler
--
We now return to our regularly scheduled flame-throwing.

Jupiter Jones [MVP]
07-09-2005, 11:53 PM
To add one little bit to the other replies.

How to make your computer safe?
Before answering that question, you first must answer this question:
How much money do you have?

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org


"OBI WAN KENOBI" <ST@RWARS.ORG> wrote in message
news:jq8ba15n3t0auqhbc1dn02h671i5sjdk14@4ax.com...
>
> Hi everyone.
>
> Is it true that pc screen EMP waves can be read by standard equipment
> and the observer may resconstruct the screen, exactly?
>
> I stumbled upon this on an web archive. Is this still true for thsese
> days? If its os easy for someone so read the screen electromagnetic
> radiations, or of any electrical equipment, why isn't this ever
> addressed by and 'security experts'? Is it because those in the money
> loop want it to remain a secret as long as possible and to as many?
>
> I have attached the file so anyone who wants to sample what the old
> timers had to say can do so. Its 53k only but good reading.
>
> OW-K

Matt Gibson
07-09-2005, 11:53 PM
> To produce an EMP you need a rather large nuclear bomb and detonate it
> rather high in the atmosphere...

That's just a very effective way.

You can make a smaller EMP pulse (not enough to do much damage) quite
easily.

Matt Gibson - GSEC

Juergen Nieveler
07-09-2005, 11:53 PM
"Matt Gibson" <mattg@blueedgetech.ca> wrote:

> You can make a smaller EMP pulse (not enough to do much damage) quite
> easily.

Yes, but the "not enough" part is the problem. It's not really possible
to store enough energy in a medium that releases it fast enough to
create a single extremely short spike. The only systems that I know off
that produce a high enough power density are based on explosives
driving a magnet through a coil (as designed by Carlo Kopp).

Juergen Nieveler
--
Error 404: Fortune not found

Matt Gibson
07-09-2005, 11:53 PM
> Yes, but the "not enough" part is the problem. It's not really possible
> to store enough energy in a medium that releases it fast enough to
> create a single extremely short spike. The only systems that I know off
> that produce a high enough power density are based on explosives
> driving a magnet through a coil (as designed by Carlo Kopp).

You know, I hadn't heard of that method, but now that you mention it, it
makes sense.

At short ranges, you can use modified microwave magnatrons to produce pretty
high levels of EMP.

Matt GIbson - GSEC


Are we safe from EMP scanning? - tempest.txt (0/1)