TEMPEST IN A TEAPOT
A note discussing the prevention of electromagnetic eavesdropping of
personal computers.
Grady Ward (grady@netcom.com)
public key verification by PK server, finger, or by request
Version 1.0 22 March 93
_________________________________________________________________
_________________________________________________________________
TEMPEST is the code name for technology related to limiting unwanted
electromagnetic emissions from data processing and related equipment.
Its goal is to limit an opponent's capability to collect information
about the internal data flow of computer equipment. Most information
concerning TEMPEST specifications is classified by the United States
Government and is not available for use by its citizens.
The reason why TEMPEST technology is particularly important for
computers and other data processing equipment is the kinds of signals
components in a computer use to talk to each other ("square waves")
and their clock speeds (measured in megahertz) produce a particularly
rich set of unintentional signals in a wide portion of the
electromagnetic spectrum. Because the spurious emissions occupy so
wide a portion of that spectrum, technologies used to block one
portion of the spectrum (as pulling the shades closed on a window to
stop the visible light portion) are not necessarily effective in
another portion.
Unintentional emissions from a computer system can be captured and
processed to reveal information about the target systems from simple
levels of activity to even remotely copying keystrokes or capturing
monitor information. It is speculated that poorly protected systems
can be effectively monitored up to the order of one kilometer from the
target equipment.
This note will examine some practical aspects of reducing the
susceptibility of your personal computer equipment to remote
monitoring using easily-installed, widely available after-market
components.
_________________________________________________________________
I
One way of looking at TEMPEST from the lay person's point-of-view is
that it is virtually identical to the problem of preventing
electromagnetic interference ("EMI") by your computer system to
others' radios, televisions, or other consumer electronics. That is,
preventing the emission of wide-band radio "hash" from your computers,
cabling, and peripherals both prevents interference to you and your
neighbors television set and limits the useful signal available to a
person surreptitiously monitoring.
Viewing the problem in this light, there are quite a few useful
documents available form the government and elsewhere attacking this
problem and providing a wealth of practical solutions and resources.
Very useful for the lay person are:
Radio Frequency Interference: How to Find It and Fix It. Ed Hare,
KA1CV and Robert Schetgen, KU7G, editors
The American Radio Relay League, Newington , CT
ISBN 0-87259-375-4 (c) 1991, second printing 1992
Federal Communications Commission Interference Handbook (1991)
FCC Consumers Assistance Branch
Gettysburg, PA 17326
717-337-1212
and
MIL-STD-188-124B in preparation
(includes information on military shielding of tactical communications
systems)
Superintendent of Documents
US Government Printing Office
Washington, DC 20402
202-783-3238
Information on shielding a particular piece of consumer electronic
equipment may be available from the:
Electronic Industries Association (EIA)
2001 Pennsylvania Ave NW
Washington, DC 20006
Preventing unintended electromagnetic emissions is a relative term. It
is not feasible to reduce to zero all unintended emissions. My
personal goal, for example, might be to reduce the amount and quality
of spurious emission until the monitoring van a kilometer away would
have to be in my front yard before it could effectively eavesdrop on
my computer. Apartment dwellers with unknown neighbors only inches
away (through a wall) might want to even more carefully adopt as many
of the following suggestions as possible since signal available for
detection decreases as approximately the inverse square of the
distance from the monitoring equipment to your computer.
_________________________________________________________________
II
Start with computer equipment that meets modern standards for emission.
In the United States, the "quietest" standard for computers and
peripherals is known as the "class B" level. (Class A level is a less
stringent standard for computers to be use in a business
environment.).
You want to verify that all computers and peripherals you use meet the
class B standard which permits only one-tenth the power of spurious
emissions than the class A standard. If you already own computer
equipment with an FCC ID, you can find out which standard applies.
Contact the FCC Consumers Assistance Branch at 1-717-337-1212 for
details in accessing their database.
Once you own good equipment, follow the manufacturer's recommendations
for preserving the shielding integrity of the system. Don't operated
the system with the cover off and keep "slot covers" in the back of
the computer in place.
_________________________________________________________________
III
Use only shielded cable for all system interconnections.
A shielded cable surrounds the core of control wires with a metal
braid or foil to keep signals confined to that core. In the late
seventies it was common to use unshielded cable such as "ribbon" cable
to connect the computer with, say, a diskette drive. Unshielded cable
acts just like an antenna for signals generated by your computer and
peripherals. Most computer manufacturer supply shielded cable for use
with their computers in order to meet FCC standards. Cables bought
from third-parties are an unknown and should be avoided (unless you
are willing to take one apart to see for yourself!)
Try to avoid a "rat's nest" of wire and cabling behind your equipment
and by keeping all cables as short as possible. You want to reduced
the length of unintended antennas and to more easily predict the
likely paths of electric and magnetic coupling from cable to cable so
that it can be more effectively filtered.
_________________________________________________________________
IV
Block radiation from the power cord(s) into the house wiring.
Most computers have an EMI filter built into their body where the AC
line cord enters the power supply. This filter is generally
insufficient to prevent substantial re-radiation of EMI voltages back
into the power wiring of your house and neighborhood. To reduce the
power retransmitted down the AC power cords of your equipment, plug
them in to special EMI filters that are in turn plugged into the wall
socket. I use a model 475-3 overvoltage and EMI filter manufactured by
Industrial Communication Engineers, Ltd.
P.O. Box 18495
Indianapolis, IN 46218-0495
1-800-ICE-COMM
ask for their package of free information sheets
(AC and other filters mentioned in this note are available from a wide
variety of sources including, for example, Radio Shack. I am
enthusiastic about ICE because of the "over-designed" quality of their
equipment. Standard disclaimers apply.)
This particular filter from ICE is specified to reduce retransmission
of EMI by a factor of at least 1000 in its high-frequency design
range. Although ideally every computer component using an AC line cord
ought to be filtered, it is especially important for the monitor and
computer CPU to be filtered in this manner as the most useful
information available to opponents is believed to come from these
sources.
_________________________________________________________________
V
Block retransmitted information from entering your fax/modem or telephone
line.
Telephone line is generally very poorly shielded. EMI from your
computer can be retransmitted directly into the phone line through
your modem or can be unintentionally picked up by the magnetic portion
of the EMI spectrum through magnetic induction from power supplies or
the yoke of your cathode ray tube "CRT" monitor.
To prevent direct retransmission, EMI filters are specifically
designed for modular telephone jacks to mount at the telephone or
modem, and for mounting directly at the service entrance to the house.
Sources of well-designed telephone-line filter products include ICE
(address above) and
K-COM
Box 82
Randolph, OH 44265
216-325-2110
Your phone company or telephone manufacturer may be able to supply you
with free modular filters, although the design frequencies of these
filters may not be high enough to be effective through much of the EMI
spectrum of interest. Keep telephone lines away from power supplies of
computers or peripherals and the rear of CRTs: the magnetic field
often associated with those device can inductively transfer to
unshielded lines just as if the telephone line were directly
electrically connected to them. Since this kind of coupling decreases
rapidly with distance, this kind of magnetic induction can be
virtually eliminated by keeping as much distance (several feet or
more) as possible between the power supply/monitor yoke and cabling.
_________________________________________________________________
VI
Use ferrite toroids and split beads to prevent EMI from escaping on the
surface of your cables.
Ferrites are magnetic materials that, for certain ranges of EMI
frequencies, attenuate the EMI by causing it to spend itself in heat
in the material rather than continuing down the cable. They can be
applied without cutting the cable by snapping together a "split bead"
form over a thick cable such as a power cord or by threading thinner
cable such as telephone several times around the donut-shaped ferrite
form. Every cable leaving your monitor, computer, mouse, keyboard, and
other computer peripherals should have at least one ferrite core
attentuator. Don't forget the telephone lines from your fax, modem,
telephone or the unshielded DC power cord to your modem. Ferrites are
applied as close to the EMI emitting device as possible so as to
afford the least amount of cable that can act as an antenna for the
EMI.
Good sources for ferrite split beads and toroids include
Amidon Associates, Inc.
P.O. Box 956
Torrance, CA 90508
310-763-5770
(ask for their free information sheet)
Palomar Engineers
P.O. Box 462222
Escondido, CA 92046
619-747-3343
(ask for their free RFI information sheet)
and Radio Shack.
_________________________________________________________________
VII
Other practical remedies.
Other remedies that are somewhat more difficult to correctly apply
include providing a good EMI "ground" shield for your computer
equipment and other more intrusive filters such as bypass capacitor
filters.
You probably ought not to think about adding bypass capacitors unless
you are familiar with electronic circuits and digital design. While
quite effective, added improperly to the motherboard or cabling of a
computer they can "smooth out" the square wave digital waveform --
perhaps to the extent that signals are interpreted erroneously causing
mysterious "crashes" of your system. In other cases, bypass capacitors
can cause unwanted parasitic] oscillation on the transistorized output
drivers of certain circuits which could damage or destroy those
circuits in the computer or peripherals. Also, unlike ferrite toroids,
adding capacitors requires actually physically splicing them in or
soldering them into circuits. This opens up the possibility of
electric shock, damage to other electronic components or voiding the
warranty on the computer equipment.
A good EMI ground is difficult to achieve. Unlike an electrical safety
ground, such as the third wire in a three-wire AC power system, the
EMI ground must operate effectively over a much wider part of the EMI
spectrum. This effectiveness is related to a quality known as
electrical impedance. You desire to reduce the impedance to as low a
value as possible over the entire range of EMI frequencies.
Unlike the AC safety ground, important factors in achieving low
impedance include having as short a lead from the equipment to a good
EMI earth ground as possible (must be just a few feet); the gauge of
the connecting lead (the best EMI ground lead is not wire but woven
grounding "strap" or wide copper flashing sheets; and the physical
coupling of the EMI into the actual earth ground. An 8 ft.
copper-plated ground may be fine for AC safety ground, but may present
appreciable impedance resistance to an EMI voltage. Much better would
be to connect a network of six to eight copper pipes arranged in a
six-foot diameter circle driven in a foot or two into the ground,
electrically bonded together with heavy ground strap and connected to
the equipment to be grounded via a short (at most, several feet),
heavy (at least 3/4-1" wide) ground strap.
If you can achieve a good EMI ground, then further shielding
possibilities open up for you such as surrounding your monitor and
computer equipment in a wire-screen Faraday cage. You want to use mesh
rather than solid sheet because you must preserve the free flow of
cooling air to your equipment. Buy aluminum (not nylon) screen netting
at your local hardware store. This netting typically comes in rolls
36" wide by several feet long. Completely surround your equipment you
want to reduce the EMI being careful to make good electrical bonds
between the different panels of netting and your good earth ground. I
use stainless steel nuts, bolts, and lock washers along with special
non-oxidizing electrical paste (available from Electrical contractors
supply houses or from ICE) to secure my ground strapping to my net
"cages". A good Faraday cage will add several orders of magnitude of
EMI attenuation to your system.
_________________________________________________________________
VIII
Checking the effectiveness of your work.
It is easy to get a general feeling about the effectiveness of your
EMI shielding work with an ordinary portable AM radio. Bring it very
close to the body of your computer and its cables in turn. Ideally,
you should not hear an increased level of static. If you do hear
relatively more at one cable than at another, apply more ferrite split
beads or obtain better shielded cable for this component. The practice
of determining what kind of operating system code is executing by
listening to a nearby AM radio is definitely obsolete for an
well-shielded EMI-proof system!
To get an idea of the power and scope of your magnetic field
emissions, an ordinary compass is quite sensitive in detecting fields.
Bring a compass within a few inches of the back of your monitor and
see whether it is deflected. Notice that the amount of deflection
decreases rapidly with distance. You want to keep cables away from
magnetic sources about as far as required not to see an appreciable
deflection on the compass.
_________________________________________________________________
VIIII
Summary
If you start with good, shielded equipment that has passed the FCC
level B emission standard then you are off to a great start. You may
even be able to do even better with stock OEM equipment by specifying
"low-emission" monitors that have recently come on the market in
response to consumer fears of extremely low frequency ("ELF") and
other electromagnetic radiation. Consistently use shielded cables,
apply filtering and ferrite toroids to all cabling entering or leaving
your computer equipment. Finally, consider a good EMI ground and
Faraday cages. Beyond this there are even more effective means of
confining the electrical and magnetic components of your system
through the use of copper foil adhesive tapes, conductive paint
sprays, "mu metal" and other less common components.
Copyright (c) 1993 by Grady Ward. All Rights Reserved.
Permission is granted for free electronic distribution.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
