|
Tempest was the name of a classified (secret) U.S. government project to study (probably for the purpose of both exploiting and guarding against) the susceptibility of some computer and telecommunications devices to emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data. Tempest's name is believed to have been a code name used during development by the U. S. government in the late 1960s, but at a somewhat later stage, it became an acronym for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions. Today, in military circles, the term has been officially supplanted by Emsec (for Emissions Security); however, the term Tempest is still widely used in the civilian arena. Exactly when it was first noticed that certain devices can emanate decipherable data is unclear. (The practice of monitoring and capturing such data is known as van Eck phreaking after the author of a formal paper on the subject.) Today, cathode ray tube (CRT) and to a lesser extent liquid crystal display (LCD) monitors, microchips, and composite devices such as printers and PCs all emit EMR into space or into some conductive medium (such as power lines, communications wires, or even water piping). The EMR that is emitted contains, to varying degrees, the information that the device is displaying, creating, storing, or transmitting. With the correct equipment and techniques, it is possible to reconstruct all or a substantial portion of that data. Some equipment is far more susceptible than others. For example, some US Robotics data/fax modems generate incredibly strong EMR when active, which can be read even by comparatively crude equipment. Wireless handsets and office speakerphones are other devices that generate extremely strong EMR signals. The range in which an eavesdropper can monitor emanations varies tremendously according to conditions. In most cases, the emanations can be picked up with proper equipment from a distance of around 200-300 meters. However, in some cases where a signal has been captured by a conductive medium (such as a power line), monitoring can occur over a distance of many kilometers. Monitoring devices include various kinds of sensitive receivers, which can monitor a wide range of frequencies, and a combination of hardware and software that is capable of processing the received signals into the original data. The data that is picked up is often corrupted by such things as external EMR interference, signal weakness over distances, and partial transmission. Advanced algorithms can help provide a more complete picture of the original information. Shielding of devices from EMR is achieved by a number of methods. The most sophisticated devices use advanced micro-components that have been designed from scratch to minimize Tempest emanations. Generally, shielding involves encompassing the device in a Faraday cage that does not permit stray emanations, along with special modifications to the power source. This usually involves a heavy metal case around an object. Tempest shielding also involves such issues as the design of a room and placement of equipment within it, to ensure that no information can escape. For individuals who wish to be more secure against Van Eck phreaking but cannot invest in this level of equipment, some software products recommend special displays that limit the effectiveness of monitoring of emanations from a CRT monitor. National Communications Security Committee Directive 4 sets U.S. Tempest (shielding) standards. The requirements are set out in document NACSIM 5100A, which is classified. Tempest certification for private sector usage is extremely expensive and, as a result, it has led to a newer standard, called ZONE, which is more cost effective, though somewhat less secure. Approved Tempest-shielded devices are classed into 3 categories. Type 1 is extremely secure and available only to the U.S. government and approved contractors, who must undergo strict vetting. Type 2 is somewhat less secure, but still requires government approval to use. Type 3 is for general commercial use. In the private arena, there are few individuals who are competent in Tempest technology. With only a handful of exceptions, the only qualifications of significance come from individuals who have served in either the military or intelligence communities and who have attended courses run and approved by the NSA, namely the ones held at Lackland Air Force Base, just outside San Antonio, Texas or at National Cryptologic School at Linthicum, Maryland. As a note of warning, there is nothing illegal in the U.S. in attempting to procure equipment that is Tempest-shielded, though some devices are classified and only obtainable to authorized entities. You are free (subject to patent law and FCC guidelines for spurious admissions) to make any modifications to equipment to shield them from attack. However, securing or attempting to secure surveillance devices is illegal and can subject all individuals involved to severe penalties. Even "scam" technology that is completely ineffective will get individuals into trouble, as the law relates also to intention. Full details are available at US Code / Title 18 - Crimes and Criminal Procedures / Part 1 - Crimes / Chapter 119, 2510 to 2521). The only exceptions to this are related to the military, intelligence agencies, and law enforcement bodies with court orders.