T.E.M.P.E.S.T ?

  • Profile:

  • At first blush 'TEMPEST' seems like the collective nightmare of every security specialist and privacy activist on the globe. A system to monitor the activity of a computer by the radiation it releases. No way to detect it. No way to stop it. Fortunately this image of TEMPEST as the perfect surveillance technology is far from the mark. While its true that running voltage through a conductor generates an RF field, and that with the correct receiver these RF fields can be intercepted and demodulated in order to eavesdrop on computer data, a hundred dollars of Radio Shack parts will not make a functional emmissions monitor.

    TEMPEST isn't a monitoring system at all. TEMPEST is the US Government's program to reduce the threat posed by emmissions.

  • Detection:

  • Because emmissions surveillance is a passive monitoring technique, detecting it is just about impossible. It is possible however to determine how vulnerable a computer is to emmissions monitoring by measuring the amount of ELF radiation it emits. This can be acomplished via the use of a field-strength meter or magnometer.

  • Countermeasures:

  • Shielding against emmissions monitors is a well established countermeasure. Shielding for equipment and entire rooms and buildings is available for purchase (prices are exhorbitant), or may be improvised.

    Improvised emmissions shielding can follow one of two paths, hardening equipment and hardening the entire area. Hardening the area would involve dampening all electromagnetic radiation in the area regardless of where it came from, while equipment specific hardening absorbs only radiation from specific items. Hardening involves surrounding the entire device or area with material that will reflect or (more likely) absorb electromagnetic radiation. Most expediant hardening techniqes take the form of a metal covering attached to an earth ground.

    The effectiveness of EMI shielding is measured in decibels of attenuation. The higher the dB of attenuation, the more effective the shield. Attenuation is tested by checking the strength of a transmission signal 'in the clear', and then placing the transmitter inside the shield and checking received strength again. The ratio of signal strengths in the clear vs. through the shield provide the level of attenuation in dB.

    * Jamming: Jamming TEMPEST might be a possibility. Generating digital noise from 55-245 MHz should theoretically overwhelm TEMPEST receivers.

    * TEMPEST Viewers: Newer versions of PGP offer an option to view text in a window that claims to make TEMPEST monitoring more difficult by reducing the RF radiated.

  • Other TEMPEST Resources:

  • Despite sporadic updates, Joel M maintains an excellent and absolutely comprehensive site on TEMPEST technology.

    US Army Engineer Corps TEMPEST/EMP Hardening Manuals:

    Chomerics manufactures EMI damping materials.

  • Alternatives to Emmissions Monitoring

  • Emmissions monitoring is expensive and complicated. There are cheaper and simpler ways to siphon data off remote computers. Several remote administration programs exist that will output the contents of a computer monitor to a remote screen. The BO Peep Back Orifice 2000 plugin allows realtime monitoring of target computer screens. Port monitors are available for Windows systems that will monitor and log all serial and parallel port activity.

    EMSEC shielding will have no effect on the above eavesdropping methods. They can be countered using counter trojan techniques.

    Telecommunications Electronics Material Protected From Emanating Spurious Transmissions?

    Transient ElectroMagnetic Pulse Emanation Standard?

    Transient Electromagnetic Pulse Surveillance Technology?

    Transient Emanations Protected From Emanating Spurious Transmissions?

    Transient Electromagnetic Pulse Emanation Standard?

    Telecommunications EMission Security STandards?

    Whether TEMPEST is an accronym or not is a subject of some debate, as no official declaration has even been made about it's meaning