Unixronin

Wednesday, July 15th, 2009 10:13 am

Bruce Schneier points to a paper on keyboard sniffing by detecting crosstalk between poorly shielded keyboard cables and power lines.  He also observes that the NSA has known about this principle for decades.

What I want to know is, why haven’t we switched to optical interconnect cables yet?  Component-stereo CD changers have had digital-optical outputs for over ten years now, and the home audio industry is hardly known for leading the field in interconnect technology.  Mice, keyboards — heck, ALL HIDs — monitors, external disks, even powered computer speakers:  they could all easily use optical-fiber data connections.  Many devices would still need power, of course, but the low levels of power required by devices that don’t already have their own separate power supply could be carried on a braid layer around the fiber.  Most speeds of what we’re still calling Ethernet can already run over fiber.  There’s no technical reason why we should be using copper cables any more for anything except supplying power — and copper is becoming expensive enough that it was actually cost-effective for thieves to steal 45km of undersea Internet cable from the seabed off Korea in order to sell it as scrap.  Even telephony devices run over copper only because telephones have historically been line-powered devices and the installed base is too huge to easily change.

Make sure computer cases are properly shielded and power supplies back-filtered to prevent feeding RFI back into their own power lines, and we could probably virtually eliminate RFI emissions from computers except for the display — and as a bonus, it would reduce their susceptibility to RFI and crosstalk.  (Even with magnetically-shielded computer speakers, I’ve had crosstalk issues when a monitor cable passes a few inches too close to a powerful speaker.)

Reason says it ought to be possible to RFI-shield flat-panel displays too.  (Perhaps a transparent conductive coating on one of the face layers?)

Wednesday, July 15th, 2009 03:44 pm (UTC)
This is somewhat NOT new. You know how the military always refers to wired communications as 'secure' from intercept. That was not the case during WWI. Early Morse-type fullerphones used dual or single wires for transmission/reception. Single wire worked using earth return. The problem was that the Germans figured out they could use some not-so-fancy gear to more or less eavesdrop on fullerphone (http://home.planet.nl/~meuls003/fullerphone/fullerphone.html) conversations which were using earth return/ground spikes.

Basically, where they can get noticeable differences in voltages from your ground leg, they're going to be able to intercept. Power and Ground voltage filtering would help this greatly. I wonder if a capacitor attached to your ground lead would dampen the square waves that the keyboards send. Where the grounds aren't easy to get to, one could have a problem. But even a house has external faucets and outlets where one could run a tap line to.

I guess filtering the ground (you can't isolate it) at the power connection would help too.


Wednesday, July 15th, 2009 09:15 pm (UTC)
I've never heard the military say that wired is secure. It is in fact printed on every telephone on a military base that it is subject to be monitored and they don't mean only by them. Every briefing I took when getting a security clearance said the same thing.

On a Tempest-rated computer everything is shielded or filtered. The power had a large filter section for the AC before it's fed to the supply. The vents used honeycomb shields. If data had to be sent from the computer to somewhere else it either got hand carried on a disk or the computer was hooked by shielded cable to an encryption device that would encrypt it and send it safely on its way.

The cases have extra space for all the filters. Any part of it that opened to the outside had an RF gasket.

The concept of red/black is that red is unencrypted and had to be in a shielded and protected machine/area, black is encrypted and can go wherever you want.
Wednesday, July 15th, 2009 09:29 pm (UTC)
Tactically secure under field conditions. I.e., a radio will be easily DF'd and intercepted if it's regular voice. Basically a LOT of field manuals state to use wired commo lines.
Wednesday, July 15th, 2009 09:06 pm (UTC)
Its old code name was Tempest and was/is classified. It started when it was demonstrated that an electric typewriter could be read at a distance.

The reason we've not tightened up everything is twofold. It's horribly expensive to design a system to pass even the low end of the Tempest emission specification. You must design a computer as a system. Parts would have to be exactly identical with zero substitutions allowed. You can't just slap a new monitor or new hard drive in it. For some equipment there was an approved parts list so substitutions were allowed; they only did that level of testing on critical infrastructure stuff, not PCs.

The Grid Systems laptop the military used at one time had such in front of the old monochrome electroluminescent display. It used a metal case with a grid of fine copper woven wire to prevent emissions from the display. It cost $12,000 in the 80s for the version with maximum RAM and the better display, which only gave you a crisper image, not higher resolution.

I had an old IBM Tempest case and have used the Grid, IBM and Zenith Tempest-rated PCs. I love the display on the Grid laptop.

http://en.wikipedia.org/wiki/Grid_Compass_1100

http://en.wikipedia.org/wiki/TEMPEST

If you're exploiting this back door, you're doing http://en.wikipedia.org/wiki/Van_Eck_phreaking
Edited 2009-07-15 09:07 pm (UTC)
Wednesday, July 15th, 2009 10:48 pm (UTC)
I'd hardly call it a back door. :)

I don't think anyone's suggesting Tempest is new. The new wrinkle here is the idea of monitoring the power lines elsewhere in the building to directly sniff the keyboard by detecting current spikes induced by the keyboard cable.
Thursday, July 16th, 2009 11:01 pm (UTC)
Analog hole? :)

It's not a new wrinkle. Tempest tested for that and the keyboard cable and keyboard itself were shielded. I had the keyboard with that case. It was a 10 pound blunt force weapon with key clicks that would wake the dead.
Thursday, July 16th, 2009 04:42 am (UTC)
I thought the ELD display was very nice. It sold me on amber displays for a very long time.
Thursday, July 16th, 2009 04:12 am (UTC)
I've had my keyboard longer than my wife.

Unless someone makes one of those fancy schmancy optical thingummies for a Model M, I'm not giving up my buckly-springs!