Re: Secure passwords?



"Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
news:Qxxmf.480$q4.124@xxxxxxxxxxxxxxxxxxxx:

>
> The real reason is even more simple - faster boxes tend to radiate
> more and, since most of that is the computer equivalent of
> "tum-te-tum, hurry up and type something", the interference will help
> to conceal unshielded keyboard and screen signals (which is all one is
> interested in).


The putative effects of interference are frequently overestimated. It is
electronic child's play to filter interference and even, given the
enormous redundancy in many signals, to extract information many decibels
*below* the noise floor.



>> Some interesting speculations (and with Tempest we are all
>> speculating to some degree).
>
> Not necessarily (although I certainly don't claim to be an expert!).
> Even the most unobservant person will be able to compare and contrast
> a bit of Tempested kit that they are using day-in, day-out with the
> equivalent standard kit. Last I looked, the UK classification for
> Tempest was the same level as the canteen menu at the local Job
> Centre.


I disagree. Few have access to Tempest kit to make observations, other
than illustrations in manufacturers' brochures (which disclose little
other than the obvious). A few may work with such devices but almost
always in an environment where physical security confines their
interactions solely to use, not investigation. Virtually no one except
those related to the manufacturer or maintenance crews has a chance to
get "under the hood." Not for nothing are even the standards themselves
classified.




> <snip>
>
>> However, much of this is beside the point. While Tempest (emsec)
>> interceptions could concentrate on CPU processor (and related)
>> frequencies, most descriptions so far (including the original van
>> Eck paper) concentrate on peripherals, such as the CRT display.
>> Frequencies here are standardized and independent of the CPU-related
>> frequencies. And we know that CRT emissions are strong, strong
>> enough to have caused efforts (TUV, etc.) to reduce emissions for
>> health, rather than emsec reasons.
>
> CRT and keyboard both - the whole point is that you're trying to sniff
> data traffic, and any network information is going to be via fibre,
> which is itself protected to a greater or lesser degree.


Tapping fibre channels is very difficult but definitely possible (there
are even murky reports of TLAs regularly doing this for deeply submerged
transoceanic cables). However, in most business environments and
virtually all home environments the "last few feet" to the computer
itself are almost always copper cable, not fibre. There is no need for
high-tech fibre-tapping techniques; the copper cables sing like canaries!

And, yes, peripherals like keyboards and screens are very vulnerable.
And, reputedly, so are induced signals on things like power and telephone
lines. There are many potential avenues for Tempest (emsec) attacks.

However, the main protection against Tempest (especially for ordinary
users up to medium-security situations) is not that Tempest is not
feasible, but that it is not necessary. In almost every case there are
easier, cheaper, and less tedious ways of compromising security - the old
standby, the hardware keylogger, is one example.

Regards,










