| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 20 Aug 2006 17:45:18 +1000 From: "Lyal Collins" <lyalc@...ftdsl.com.au> To: <daylasoul@...h.com>, <full-disclosure@...ts.grok.org.uk> Cc: Subject: RE: Tempest today Some comment inline... -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of daylasoul@...h.com Sent: Sunday, 20 August 2006 4:45 PM To: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Tempest today -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 19 Aug 2006 18:49:09 -0500 Bipin Gautam <gautam.bipin@...il.com> wrote: >Ok, here is something from the book that I was trying to >assemble/write. > >Some Links: http://www.eskimo.com/~joelm/tempest.html >http://www.erikyyy.de/tempest/ > >Lets begin. > >Faraday cages may be used to provide protection from HERF and EMP >effects. > >Countermeasures: >It is easy to defeat ordinary audio eavesdropping, just by >sound-proofing a room. And simply drawing the curtains or creating a >specially crafted background noise or by using double glass with >air >gap in the middle can soundproof and can defeat newer systems, >which >shine a laser beam onto a glass window and decode any modulation of >the reflected beam caused by sound vibrations in the room. Actually, it depends on the laser's light frequency somewhat. The curtain only helps when the laser is reflecting off objects inside the room, not the window itself. With double layered windows (double glazed), the ability to use triangulation between laser TX and rx means it may be possible to capture vibrations from the inner glass panel. As most curtains don't make much difference to sound, simply drawing them is not going to make a major difference in these situations. Infra-red absorbtive/scattering glass makes the most sense, or external curtain materials, but we are int purpose built locations at this point. > >Faraday's cage: The charge on a charged conductor resided only on its >exterior, and had no influence on anything enclosed within it. To >demonstrate this fact he built a room coated with metal foil, and >allowed high-voltage discharges from an electrostatic generator to >strike the outside of the room. He used an electroscope to show >that >there was no electric charge present on the inside of the room's >walls. A Faraday cage is best understood as an approximation to an >ideal hollow conductor. A round drum, sphere etc can act like a >Faraday's Cage. Basically, the enclosure may be made of an unbroken >conducting sheet, like the metal box surrounding a sensitive radio >receiver, or a wire mesh, like that in the door of a microwave >oven. >Any holes in the box or mesh must be significantly smaller than the >wavelength of the radiation that is being kept out, or the >enclosure >will not effectively approximate an unbroken conducting surface. > >This shielding effect is used to eliminate electric fields within a >volume, for example to protect electronic equipment from lightning >strikes and other electrostatic discharges (ESDs). Faraday cages are >often put to a dual purpose: to block electric fields, as explained >above, and to block electromagnetic radiation. The latter >application >is known as RF shielding. > >Some traditional architectural materials act as Faraday shields in >practice. These include plaster with wire mesh, and rebar concrete. >These will affect the use of cordless phones and wireless networks >inside buildings and houses. While Some buildings have designs that >block radio signals by accident due to thick concrete walls or a steel >skeleton. This blocking is generally very unpredictable between different buildings, and moy not coincide wih the radiation characteristics of the target system. Don't rely on this. >RF and Magnetic shielding: Radio frequency (or RF) shielding is >required when it is necessary to block high frequency - 100 >kilohertz >and above - interference fields. These shields typically use >copper, >aluminum, galvanized steel, or conductive rubber, plastic or >paints. >These materials work at high frequencies by means of their high >conductivity, and little or no magnetic permeability. Magnetic >shields >use their high permeability to attract magnetic fields and divert >the >magnetic energy through them. With proper construction, magnetic >shielding alloys have the ability to function as broadband shields, >shielding both rf and magnetic interference fields. > >Electromagnetic shielding: It is the process of limiting the coupling >of an electromagnetic field between two locations. Typically it is >applied to enclosures, separating electrical content from the >outside >world, and to cables, separating internal wires from the >environment >the cable runs through. The shielding is achieved using a >conductive >material as a barrier. Typical materials include sheet metal, metal >mesh, ionized gas, plasma and aluminum foil. The shielding can >reduce >the coupling of radio waves, visible light, electromagnetic fields >and >electrostatic fields. The amount of reduction depends very much >upon >the material used, the method of connection of the shield (or >screen) >and the frequency of the fields of interest. One example is a >coaxial >cable, which has electromagnetic shielding in the form of a wire >mesh >surrounding an inner core conductor. The shielding impedes the >escape >of any signal from the core conductor, and also signals from being >added to the core conductor. > >Though i have practically seen putting a dipole near the coaxial cable >can sniff its signal within despite the sealing. The rf sealing >strict >depends on the quality which i've seen is rare in MOST commercial >products for general uses. Or just use a fibre optic link - way more consistent protection results than coax/shielded cables. > >Shielded Tent: It Shielded enclosures, tempest equipment, shielded >chambers Another way of making sure you are not being bugged is to use >a shielded tent, which prevents radio waves entering or leaving. >Though Mobile phone calls are impossible from inside the tent, but >no-one will be able to listen to your conversations using bugs or >radio wave listening devices. It will also prevent anyone >intercepting >radio emissions from computers, preventing them from seeing what >you >have on screen. A more sophisticated - and expensive - method is to >build a "clean room", of the type used by the military, to shield >radio waves and electromagnetic signals. > >Wireless Shielding Paint: A company, Force Field Wireless makes three >products that it says can dramatically reduce the leakage of >wireless >signals from a room or building. The paint contains copper filings >and >an aluminum compound. When spread evenly on a wall, the paint >reflects >signals in frequencies from 100 MHz to 5 GHz. Paint four walls, a >floor, and a ceiling, and you effectively have a Faraday cage, >which >is a specially constructed metal room that blocks all radio >signals in >or out. It also makes copper/aluminum powder that homeowners can >add >to their own paint. The company also makes a window film that cuts >down on signal leakage. This product DefendAir would be an >attractive >option to >protect an RFID-enabled warehouse. >http://news.thomasnet.com/fullstory/459490/3280 > >Critic: Though wireless signals are very hard to completely block. They >will simply radiate over and around obstacles. Metallic paint might >reduce the signal strength, but that's easily compensated for by >an antenna. Further-more its drawbacks are like it could reduce >cellular reception. Any such technology won't block all signal - it >won't block signal eminating from windows, doors, and screw holes. >What it will do is lower the range from which you can sniff or >connect, with constant equipment, which is plenty to be useful for >some cases. Like a building situated near the center of a military >base. Up to a quarterkilometer away is secured area. But obviously >it >will help you lower the sniffable range of the radiation to >within that security perimeter and it's possible to arrange any >conductive medium to actually amplify RF signals in a given >direction >You are quite likely to find a spot where the signal is >considerably >stronger. Please help make the list self-policing. Follow the list charter and note that self-promotion is forbidden. -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkToBNoACgkQ3AEcWsxdEQ7SnQP/YflwvtDbAqqwCUSlV9C4c/j0IWKN H21qXsV7BGz9R7R2Fyv2yfoLuTDOgCkZzf8zboW/NZmOk+E52j46ZJhEBSNNOD/uRmC1 R/oSe6S43IZKPfz7o9aN00WKacZCehN1JvNghHxQxwzqqyJQO0Wgw/oklzEjJMl2iZtX LJ/hESM= =I2dh -----END PGP SIGNATURE----- Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists