From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Mon Apr 29 2002 - 23:48:01 MDT
I have worked with Tempest technology. It is extremely easy to detect
keystrokes. Imagine a very sensitive radio device listening to the
electromagnetic click of the little tiny switch inside every key. Now
imagine that you measure every aspect you can about the click, its
duration, frequency, waveform, echo, number of subcontact clicks, etc.
Every key will sound different. Recording every keystroke simply gives
you a cipher code, where it is trivial to figure out which key is which
letter. In English text, for example, the letter "e" is the most common
character. Statistically analyzing text will show the most common
keystroke to be an "e". Plus old cryptographers' notes help here. The
letters "I" and "a" are the only common one-character words in English.
Periods occur at the end of sentences.

The same information is available from the fonts appearing on your
screen. Your computer screen gives off a radio signal. While the
picture is not changing, the signal is static. When you type one letter
at a time, the signal changes a little at a time. The amount of each
pixel changes the radio signal. Measuring the minute changes being
typed is the same as measuring the keystrokes. Special fonts have been
developed where all the letters have the same radio frequency values and
cannot be distinguished.

Believe it or not, similar information can be read from the power draw
of your computer. I have not seen this applied to keystrokes, but to
actual cpu instructions. Each cpu instruction takes a slightly
different amount of power depending on how many bits are manipulated in
memory. This minor fluctuation is so small compared to the larger
hardware, that it is actually easier to read. Imagine huge sine waves
of major power fluctuations, with minuscule waveforms along the line.
The giant waves have no effect on the readability of the minor waves.
Computer CPUs are so precise in their minor power fluctuations, compared
to lights, motors and appliances, that they are easily discernible from
the other noises. Having multiple computers doesn't matter, since the
combined signals are easy to separate due to the CPU's precise timing
patterns.

A related technology is reading disk drives and tapes that have been
overwritten. The bits of ones and zeros are actually small areas of
magnetic fields. When later bits are written, they do not align exactly
on top of the previous bits. Imagine two overlapping circles. The one
on top covers 90% of the area, while the previous bit value is a 10%
crescent off to one side. The second-previous value might be a 1%
sliver, and so forth. I personally have read data after 8-9 times of
overwriting.

There are also technologies to read the last image displayed on a screen
before it was turned off. I also have personally dumped a data
dictionary out of a high-speed compression modem that revealed names,
titles and numbers previously transmitted through the modem. There are
electromagnetic signatures everywhere. All it takes is a sensitive
device to record them, and mathematical software to examine them.
-- Harvey Newstrom, CISSP <www.HarveyNewstrom.com> Principal Security Consultant <www.Newstaff.com>
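The first paragraph's point, that an unlabeled stream of per-key clicks is already a weak substitution cipher, can be checked on a toy model. This is an added example, not code from the post or its author: it assumes the listener can only tell keys apart (each key gets an opaque click ID) and uses nothing but the statistical facts the post states (space and "e" dominate, "a"/"i" are the common one-key words, the period only ends words) to label part of the stream. The sample text is constructed.

```python
from collections import Counter

# Constructed stand-in for what a victim typed (assumption: lower-case English prose).
SAMPLE_TEXT = (
    "the sensitive receiver records every keystroke as a distinct click. "
    "i believe a careful analyst can sort the keys. "
    "each key has a signature and every letter leaves a trace."
)


def keystrokes_from_text(text):
    """Model the leak: each physical key yields its own click ID, but the listener
    never learns which letter an ID stands for. Returns the click stream and,
    for checking the recovery only, the true key->ID table."""
    key_ids = {}
    clicks = [key_ids.setdefault(ch, len(key_ids)) for ch in text]
    return clicks, key_ids


def recover_from_statistics(clicks):
    """Label click IDs using only the statistics the post describes."""
    counts = Counter(clicks)
    space = counts.most_common(1)[0][0]   # most frequent key in prose: the space bar
    words, current = [], []
    for click in clicks:                   # split the stream into words on that key
        if click == space:
            if current:
                words.append(current)
            current = []
        else:
            current.append(click)
    if current:
        words.append(current)
    one_key_words = {w[0] for w in words if len(w) == 1}   # the "a"/"i" candidates
    mid_word = {c for w in words for c in w[:-1]}
    # A key that only ever closes a word and never stands alone: the period.
    terminators = {w[-1] for w in words} - mid_word - one_key_words
    # Most frequent remaining key: "e".
    letter_e = next(c for c, _ in counts.most_common()
                    if c != space and c not in terminators)
    return {"space": space, "e": letter_e, "period": terminators, "a_or_i": one_key_words}


def partial_decode(clicks, guess):
    """Render the stream with recovered keys filled in: '*' marks an a/i
    candidate, '?' a key the statistics above cannot label."""
    label = {guess["space"]: " ", guess["e"]: "e"}
    label.update({c: "." for c in guess["period"]})
    label.update({c: "*" for c in guess["a_or_i"]})
    return "".join(label.get(c, "?") for c in clicks)
```

The output still reads as mostly "?", but word lengths, sentence boundaries and every "e" are already exposed, which is why the post treats the raw click stream as a solvable cipher rather than noise.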
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:13:43 MST