[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <146DCEAE811AC94D96510685EF2F92B401DED5ED@dalexmb3.corp.nai.org>
Date: Fri, 18 Aug 2006 12:09:30 -0500
From: <Bryan_McAninch@...fee.com>
To: <psz@...erved.de>
Cc: full-disclosure@...ts.grok.org.uk
Subject: RE: Tempest today
I believe the attack to which you're referring is known as Van Eck
phreaking; it was discovered in the mid-80's. TEMPEST is a USG standard
for limiting/eliminating EMR emanations and was declassified in the
mid-90's (which you mentioned). Faraday shielding seems to have been
used effectively as an EMR eavesdropping countermeasure, though I'm
uncertain if its pervasively used.
-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Paul
Sebastian Ziegler
Sent: Friday, August 18, 2006 11:45 AM
To: full-disclosure
Subject: [Full-disclosure] Tempest today
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi list,
I've seen some fuss about the technique called "tempest" lately. Some
people claim it would be "the thing" in modern security. This bugs me
somehow because first of all I think it is way to much of an effort
compared to the more casual techniques used today. Also all information
that I can find on the Internet refers to some stuff the NSA released in
the mid-nineties. Now that is not really a good and reliable source of
information in my believe. :)
Can anybody tell me how far evolved this technique is today and who uses
it? Maybe some reference to a whitepaper or something similar. Would be
great.
Thanks
Paul
Brief definition of tempest for those who have never heard of it:
Picking up the radiation produced by a monitor or cables that connect
the graphics-card or graphics-chipset with the monitor in order to spy
the screen of the user. Kind of like getting access to a VNC server on
the box without having input yourself. The interesting part is that it
is technically undetectable.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE5e6XaHrXRd80sY8RCg/9AKCBAs2SjvitArRFHs+6moRb0UX4GQCfbCo9
wi9z1V+h5m0YJFdz9IZK+EI=
=2pu2
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists