TUCoPS :: Hardware Hacks :: teapot.txt

TEMPEST in a Teapot

                              TEMPEST IN A TEAPOT
   A note discussing the prevention of electromagnetic eavesdropping of
   personal computers.
   Grady Ward (grady@netcom.com)
   public key verification by PK server, finger, or by request
   Version 1.0 22 March 93
   TEMPEST is the code name for technology related to limiting unwanted
   electromagnetic emissions from data processing and related equipment.
   Its goal is to limit an opponent's capability to collect information
   about the internal data flow of computer equipment. Most information
   concerning TEMPEST specifications is classified by the United States
   Government and is not available for use by its citizens.
   The reason why TEMPEST technology is particularly important for
   computers and other data processing equipment is the kinds of signals
   components in a computer use to talk to each other ("square waves")
   and their clock speeds (measured in megahertz) produce a particularly
   rich set of unintentional signals in a wide portion of the
   electromagnetic spectrum. Because the spurious emissions occupy so
   wide a portion of that spectrum, technologies used to block one
   portion of the spectrum (as pulling the shades closed on a window to
   stop the visible light portion) are not necessarily effective in
   another portion.
   Unintentional emissions from a computer system can be captured and
   processed to reveal information about the target systems from simple
   levels of activity to even remotely copying keystrokes or capturing
   monitor information. It is speculated that poorly protected systems
   can be effectively monitored up to the order of one kilometer from the
   target equipment.
   This note will examine some practical aspects of reducing the
   susceptibility of your personal computer equipment to remote
   monitoring using easily-installed, widely available after-market

   One way of looking at TEMPEST from the lay person's point-of-view is
   that it is virtually identical to the problem of preventing
   electromagnetic interference ("EMI") by your computer system to
   others' radios, televisions, or other consumer electronics. That is,
   preventing the emission of wide-band radio "hash" from your computers,
   cabling, and peripherals both prevents interference to you and your
   neighbors television set and limits the useful signal available to a
   person surreptitiously monitoring.
   Viewing the problem in this light, there are quite a few useful
   documents available form the government and elsewhere attacking this
   problem and providing a wealth of practical solutions and resources.
   Very useful for the lay person are:
   Radio Frequency Interference: How to Find It and Fix It. Ed Hare,
          KA1CV and Robert Schetgen, KU7G, editors
   The American Radio Relay League, Newington , CT
   ISBN 0-87259-375-4 (c) 1991, second printing 1992
   Federal Communications Commission Interference Handbook (1991)
   FCC Consumers Assistance Branch
   Gettysburg, PA 17326
   MIL-STD-188-124B in preparation
   (includes information on military shielding of tactical communications
   Superintendent of Documents
   US Government Printing Office
   Washington, DC 20402
   Information on shielding a particular piece of consumer electronic
   equipment may be available from the:
   Electronic Industries Association (EIA)
   2001 Pennsylvania Ave NW
   Washington, DC 20006
   Preventing unintended electromagnetic emissions is a relative term. It
   is not feasible to reduce to zero all unintended emissions. My
   personal goal, for example, might be to reduce the amount and quality
   of spurious emission until the monitoring van a kilometer away would
   have to be in my front yard before it could effectively eavesdrop on
   my computer. Apartment dwellers with unknown neighbors only inches
   away (through a wall) might want to even more carefully adopt as many
   of the following suggestions as possible since signal available for
   detection decreases as approximately the inverse square of the
   distance from the monitoring equipment to your computer.

  Start with computer equipment that meets modern standards for emission.
   In the United States, the "quietest" standard for computers and
   peripherals is known as the "class B" level. (Class A level is a less
   stringent standard for computers to be use in a business
   You want to verify that all computers and peripherals you use meet the
   class B standard which permits only one-tenth the power of spurious
   emissions than the class A standard. If you already own computer
   equipment with an FCC ID, you can find out which standard applies.
   Contact the FCC Consumers Assistance Branch at 1-717-337-1212 for
   details in accessing their database.
   Once you own good equipment, follow the manufacturer's recommendations
   for preserving the shielding integrity of the system. Don't operated
   the system with the cover off and keep "slot covers" in the back of
   the computer in place.

  Use only shielded cable for all system interconnections.
   A shielded cable surrounds the core of control wires with a metal
   braid or foil to keep signals confined to that core. In the late
   seventies it was common to use unshielded cable such as "ribbon" cable
   to connect the computer with, say, a diskette drive. Unshielded cable
   acts just like an antenna for signals generated by your computer and
   peripherals. Most computer manufacturer supply shielded cable for use
   with their computers in order to meet FCC standards. Cables bought
   from third-parties are an unknown and should be avoided (unless you
   are willing to take one apart to see for yourself!)
   Try to avoid a "rat's nest" of wire and cabling behind your equipment
   and by keeping all cables as short as possible. You want to reduced
   the length of unintended antennas and to more easily predict the
   likely paths of electric and magnetic coupling from cable to cable so
   that it can be more effectively filtered.

  Block radiation from the power cord(s) into the house wiring.
   Most computers have an EMI filter built into their body where the AC
   line cord enters the power supply. This filter is generally
   insufficient to prevent substantial re-radiation of EMI voltages back
   into the power wiring of your house and neighborhood. To reduce the
   power retransmitted down the AC power cords of your equipment, plug
   them in to special EMI filters that are in turn plugged into the wall
   socket. I use a model 475-3 overvoltage and EMI filter manufactured by
   Industrial Communication Engineers, Ltd.
   P.O. Box 18495
   Indianapolis, IN 46218-0495
   ask for their package of free information sheets
   (AC and other filters mentioned in this note are available from a wide
   variety of sources including, for example, Radio Shack. I am
   enthusiastic about ICE because of the "over-designed" quality of their
   equipment. Standard disclaimers apply.)
   This particular filter from ICE is specified to reduce retransmission
   of EMI by a factor of at least 1000 in its high-frequency design
   range. Although ideally every computer component using an AC line cord
   ought to be filtered, it is especially important for the monitor and
   computer CPU to be filtered in this manner as the most useful
   information available to opponents is believed to come from these

  Block retransmitted information from entering your fax/modem or telephone
   Telephone line is generally very poorly shielded. EMI from your
   computer can be retransmitted directly into the phone line through
   your modem or can be unintentionally picked up by the magnetic portion
   of the EMI spectrum through magnetic induction from power supplies or
   the yoke of your cathode ray tube "CRT" monitor.
   To prevent direct retransmission, EMI filters are specifically
   designed for modular telephone jacks to mount at the telephone or
   modem, and for mounting directly at the service entrance to the house.
   Sources of well-designed telephone-line filter products include ICE
   (address above) and
   Box 82
   Randolph, OH 44265
   Your phone company or telephone manufacturer may be able to supply you
   with free modular filters, although the design frequencies of these
   filters may not be high enough to be effective through much of the EMI
   spectrum of interest. Keep telephone lines away from power supplies of
   computers or peripherals and the rear of CRTs: the magnetic field
   often associated with those device can inductively transfer to
   unshielded lines just as if the telephone line were directly
   electrically connected to them. Since this kind of coupling decreases
   rapidly with distance, this kind of magnetic induction can be
   virtually eliminated by keeping as much distance (several feet or
   more) as possible between the power supply/monitor yoke and cabling.

  Use ferrite toroids and split beads to prevent EMI from escaping on the
  surface of your cables.
   Ferrites are magnetic materials that, for certain ranges of EMI
   frequencies, attenuate the EMI by causing it to spend itself in heat
   in the material rather than continuing down the cable. They can be
   applied without cutting the cable by snapping together a "split bead"
   form over a thick cable such as a power cord or by threading thinner
   cable such as telephone several times around the donut-shaped ferrite
   form. Every cable leaving your monitor, computer, mouse, keyboard, and
   other computer peripherals should have at least one ferrite core
   attentuator. Don't forget the telephone lines from your fax, modem,
   telephone or the unshielded DC power cord to your modem. Ferrites are
   applied as close to the EMI emitting device as possible so as to
   afford the least amount of cable that can act as an antenna for the
   Good sources for ferrite split beads and toroids include
   Amidon Associates, Inc.
   P.O. Box 956
   Torrance, CA 90508
   (ask for their free information sheet)
   Palomar Engineers
   P.O. Box 462222
   Escondido, CA 92046
   (ask for their free RFI information sheet)
   and Radio Shack.

  Other practical remedies.
   Other remedies that are somewhat more difficult to correctly apply
   include providing a good EMI "ground" shield for your computer
   equipment and other more intrusive filters such as bypass capacitor
   You probably ought not to think about adding bypass capacitors unless
   you are familiar with electronic circuits and digital design. While
   quite effective, added improperly to the motherboard or cabling of a
   computer they can "smooth out" the square wave digital waveform --
   perhaps to the extent that signals are interpreted erroneously causing
   mysterious "crashes" of your system. In other cases, bypass capacitors
   can cause unwanted parasitic] oscillation on the transistorized output
   drivers of certain circuits which could damage or destroy those
   circuits in the computer or peripherals. Also, unlike ferrite toroids,
   adding capacitors requires actually physically splicing them in or
   soldering them into circuits. This opens up the possibility of
   electric shock, damage to other electronic components or voiding the
   warranty on the computer equipment.
   A good EMI ground is difficult to achieve. Unlike an electrical safety
   ground, such as the third wire in a three-wire AC power system, the
   EMI ground must operate effectively over a much wider part of the EMI
   spectrum. This effectiveness is related to a quality known as
   electrical impedance. You desire to reduce the impedance to as low a
   value as possible over the entire range of EMI frequencies.
   Unlike the AC safety ground, important factors in achieving low
   impedance include having as short a lead from the equipment to a good
   EMI earth ground as possible (must be just a few feet); the gauge of
   the connecting lead (the best EMI ground lead is not wire but woven
   grounding "strap" or wide copper flashing sheets; and the physical
   coupling of the EMI into the actual earth ground. An 8 ft.
   copper-plated ground may be fine for AC safety ground, but may present
   appreciable impedance resistance to an EMI voltage. Much better would
   be to connect a network of six to eight copper pipes arranged in a
   six-foot diameter circle driven in a foot or two into the ground,
   electrically bonded together with heavy ground strap and connected to
   the equipment to be grounded via a short (at most, several feet),
   heavy (at least 3/4-1" wide) ground strap.
   If you can achieve a good EMI ground, then further shielding
   possibilities open up for you such as surrounding your monitor and
   computer equipment in a wire-screen Faraday cage. You want to use mesh
   rather than solid sheet because you must preserve the free flow of
   cooling air to your equipment. Buy aluminum (not nylon) screen netting
   at your local hardware store. This netting typically comes in rolls
   36" wide by several feet long. Completely surround your equipment you
   want to reduce the EMI being careful to make good electrical bonds
   between the different panels of netting and your good earth ground. I
   use stainless steel nuts, bolts, and lock washers along with special
   non-oxidizing electrical paste (available from Electrical contractors
   supply houses or from ICE) to secure my ground strapping to my net
   "cages". A good Faraday cage will add several orders of magnitude of
   EMI attenuation to your system.

  Checking the effectiveness of your work.
   It is easy to get a general feeling about the effectiveness of your
   EMI shielding work with an ordinary portable AM radio. Bring it very
   close to the body of your computer and its cables in turn. Ideally,
   you should not hear an increased level of static. If you do hear
   relatively more at one cable than at another, apply more ferrite split
   beads or obtain better shielded cable for this component. The practice
   of determining what kind of operating system code is executing by
   listening to a nearby AM radio is definitely obsolete for an
   well-shielded EMI-proof system!
   To get an idea of the power and scope of your magnetic field
   emissions, an ordinary compass is quite sensitive in detecting fields.
   Bring a compass within a few inches of the back of your monitor and
   see whether it is deflected. Notice that the amount of deflection
   decreases rapidly with distance. You want to keep cables away from
   magnetic sources about as far as required not to see an appreciable
   deflection on the compass.

   If you start with good, shielded equipment that has passed the FCC
   level B emission standard then you are off to a great start. You may
   even be able to do even better with stock OEM equipment by specifying
   "low-emission" monitors that have recently come on the market in
   response to consumer fears of extremely low frequency ("ELF") and
   other electromagnetic radiation. Consistently use shielded cables,
   apply filtering and ferrite toroids to all cabling entering or leaving
   your computer equipment. Finally, consider a good EMI ground and
   Faraday cages. Beyond this there are even more effective means of
   confining the electrical and magnetic components of your system
   through the use of copper foil adhesive tapes, conductive paint
   sprays, "mu metal" and other less common components.
   Copyright (c) 1993 by Grady Ward. All Rights Reserved.
   Permission is granted for free electronic distribution.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH