Re: Secure passwords?

"nemo_outis" <abc@xxxxxxx> wrote in message
news:Xns972B61FA75F27abcxyzcom@xxxxxxxxxxxx
> "Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in
> news:eYvnf.75$G8.0@xxxxxxxxxxxxxxxxxxxx:
>
> >> >> The putative effects of interference are frequently overestimated.
> >> >> It is electronic child's play to filter interference and even,
> >> >> given the enormous redundancy in many signals, to extract
> >> >> information many decibels *below* the noise floor.
> >> >
> >> > "Child's play"? Gotta have a cite for that one.. admittedly, I'm
> >> > assuming that the box is somewhere close to the CRT and keyboard.

<much snippage>

> > And hardly the same level of complexity! Being able to integrate a
> > cuboid doesn't mean that you can provide a pure solution for, say, a
> > four-way partial differential equation
> >
> > Not that I'm saying it *can't* be done, of course - after all, aren't
> > weather forecasts 100% accurate? ;o)

> Instead, my differential equation solving
> usually deals with the nastier Navier-Stokes differential equations
> applicable to fluid dynamics. But, really, all this is beside the point;
> DEs have only a tangential bearing on the issues we're discussing.

If I hadn't covered them 20+ years ago in my first year of college, I'd
probably be very impressed with that statement ;o)

What can be neatly solved is used as examples, what can't (i.e. anything
other than special cases) takes either a helluva lot of computing power,
some dodgy graphs, or a bit of work with a La Place table. My Top Tip for
that one is "try not to be taught by the world expert in Nyquist plots" - La
Place saves hours of work, but (obviously) is only ever applicable on an
individual basis.

Oh, and if you think /that's/ hard, then just wait for the second year and
the stress analysis of statically-indeterminate structures..

> > Have to say that I can't really understand your problem, if you've
> > ever used such kit. Which may or may not be likely, based on simple
> > age - it's far more common these days to shield the building and use
> > off-the-shelf equipment, except for the higher-classification
> > networks. Even then, a small amount of proximity control goes an awful
> > long way.
>
> I've used 'em but only briefly - but I've never been under the hood in
> the sense of taking one apart (the lads there frowned on those taking
> such liberties :-)
>
> However,hubris is the vice the Greek gods punished most severely. It is
> unwise to believe that a nickel's worth of math, electronics, a
> tinkerer's enthusiasm, and a few parts suppliers' catalogues, can create
> good emsec shielding. There's just a little more to it than that.

You'd be surprised.. after all, what's actually inside the box is the same
as the semi-shielded version (I say "semi", because EM shielding has been a
requirement for a not inconsiderable time). All that's changed is the degree
of shielding, and materials technology is roughly constant throughout th
universe.

>And
> testing is f**king expensive - there are relatively few certified labs
> and even some Tempest builders outsource the testing rather than carry
> the expense and bother!

Hmm. Hadn't heard of anyone that /didn't/ outsource - and I can't imagine
that the DoD is /that/ more lax than the UK MoD in demanding independant
figures?

> As just one example, it is expensive and difficult to get the special
> metallic-deposition-layer glass used for emsec shielding where visibility
> is required (e.g., screens). The specialized manufacturers don't want to
> deal in small quantities and it's awkward to ship (including lots of
> paperwork if borders are crossed).
>
> Now, none of this says emsec shielding can't be done - it IS being done
> every day - has been for decades. But by *specialty* firms. If you
> need the technology there's no sense jacking around trying to cobble up
> these things oneself - just pony up the cash and buy one from Siemens or
> Cordsen or Emcom (the ones I've used) or whomever.
>
> But before you whip out your chequebook consider whether the not
> inconsiderable sums of money could be better spent on other aspects of
> your security - in almost all cases, unless you are as rich as Croesus,
> you will find yourself deferring the purchase of those Tempest toys.

I'm not entirely sure who you're arguing with at this point. After all, I've
already pointed out that it's been the general rule to shield buildings and
particlar enclosures, rather than buy specialised expensive kit. Maybe I
should have put a timeframe in there? How about "two decades" (true for the
UK, no idea about the US).

> Moving on to your comment on proximity control, I can only presume you
> have a Real Estate licence and are hoping to cash in. Increasing the
> distance by a factor of 10 only gives a 20 dB drop in signal strength; a
> distance factor of 100 gives 40 dB, 1000 give 60 dB, and 100,000 gives
> 100 dB! Most of us do not own hundreds of square miles of Nevada desert
> in order to get 100 dB signal reduction through "proximity control" - it
> is only a supplementary method that, in practice, might save you one
> zone.

Forgive me for saying, but that sounds like some reading from a set of
tables, rather than doing any calculations. You *do* know that dB is an
exponential unit, rather than linear? That each 3dB indicates a /halving/ in
signal level?

Measure your signal drop-off by taking your distance and applying the
inverse-square rule (as defined by Newton in the seventeenth century), then
take the base-10 logarithm and multiply by -10. Simple.

And, of course, largely irrelevant in the electronic Real World (which tends
to have variable permittivity, most of us not living in a complete vacuum
and all ;o)

Or is someone about to argue that taking a signal below
instrument-detectable levels and then dropping it by another order of
magnitude is somehow useful?

Remember, with a simple 400m distance (not a magic number - just thinking of
a particular building) you're talking a 52dB attenuation (assuming that
pesky vacuum) - i.e. you're signal has dropped to 0.000625% of what you were
previously looking at. If you also assume that no establishment with guards
that aren't utterly brain-dead will let you lurk within 100m of the wire
with a suitcaseful of dodgy electronics, then that drops still further, to 4
tenths of a thousandth of a percent.

H1K

P.S. Almost forgot - if you're not willing to order leaded glass from
someone like Pilkington, then it's perfectly possible to buy self-adhesive
gold film off-the-shelf and make you're own, as in the A6 Queer (apologies
to anyone of that disposition - can't remember the official aircraft
designation!)


.

Relevant Pages

  • Re: How do you get home after the big Zap?
    ... Electronics can be shielded, but in fact little of it is. ... Or zapped by their own EMP, name one that isn't deeply into ... several hundred feet of shielding. ... but the control circuit on the heater/A/C would be gone. ...
    (rec.outdoors.rv-travel)
  • Re: HPM weapons
    ... strips may be something like GaAs or possibly amorphous diamond. ... Each tile apparently has a dc/dc converter and a storage capacitor. ... or fry the electronics of an enemy plane or incoming missile. ... "shielding" is measured in DB of attenuation,it's not a total block of the ...
    (sci.electronics.design)
  • Re: A Bass In Bali -- Quiet Electronics
    ... is "60 cycle" hum, actually much higher but you know the sort. ... This is almost certainly due to a poorly shielded electronics cavity. ... What you need is some copper foil shielding or shielding paint. ... I might try wrapping the bridge pickup in metal, ...
    (alt.guitar.bass)
  • Re: Fender Jazz bass earth
    ... On most basses _YOU_ are a big part of the shielding. ... That ground strap, that you speak of, is just used to connect the strings to the ground side of the ... I've never bought a bass ... Time Electronics. ...
    (alt.guitar.bass)