Tempest Exposed

Several important and interesting security events took place during 2000. The RSA encryption patent expired, thereby opening the technology to everyone. In addition, the Advanced Encryption Standard (AES) was adopted to replace the Data Encryption Standard (DES) as the government's preferred encryption technology for the near future. In addition, the "ILoveYou" worm spread like wildfire, quite possibly infecting more systems than any worm before it. While the Web blossomed with e-commerce sites, black hats created Distributed Denial of Service (DDoS) tools that rendered those sites inaccessible for long time periods. And last, but not least, we had the pleasure of experiencing the dramatically over-hyped Y2K millennium bug, which turned out to be a relative nonevent for the vast majority.

But probably more interesting than all of those things was the exposure of the government-sanctioned spy technologies Carnivore and Tempest. Carnivore is a tool the FBI uses to capture packets off a network and reassemble those packets to determine the actual content. For example, Carnivore can capture and reassemble complete email messages. The FBI insists that Carnivore is a necessary investigation tool because of the diverse methods criminals use to hide their activity. However, privacy groups complain that Carnivore represents a huge risk to the privacy of innocent citizens whose data might be inadvertently (or intentionally) intercepted. As a result, the government allowed a team from the Illinois Institute of Technology Research Institute (IITRI) to examine Carnivore. However, the IITRI review didn't satisfy experts. They stated that the review was incomplete and that Carnivore creates a security risk on the system and network it runs on because of potential unchecked buffers and the fact that the software runs with system-level authority. If Carnivore were compromised, the system, and possibly the entire network, would be left exposed.

Tempest, on the other hand, is a similar beast with a different nature. It also gleans user data without the user's knowledge, but instead of gleaning data from a network connection, Tempest grabs its data as radio signals as those signals travel through the air. Tempest then reconstructs the signals so the data can be examined. For example, someone can place a Tempest unit outside your office and tune it to pick up the noise emanating from your monitor; your display is then replicated on the Tempest unit's display. In other words, an eavesdropper can view everything you view. Not only does Tempest work with signals from monitors, it can also intercept the radio noise emitted from a modem or most any device that isn't shielded to prevent its signals from straying.

Tempest units are available (although expensive) from a few vendors on the Internet; however, the US government has been quiet about the technology until recently. John Young, operator of the Cryptome Web site, has managed to obtain copies of Tempest-related documents through persistent application of the Freedom of Information Act (FOIA). If you're interested in some of the more extreme methods an intruder might use to obtain your data or how to guard against this type of intrusion, be sure to visit here to find Tempest-related information. Until next time, I wish you all a very happy new year and new millennium! Have a great week.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.