Most people in the security world have heard of TEMPEST systems, whether in reference to attacks that aim to eavesdrop on computer technology by sniffing the electromagnetic signals that leak from all computers or the defensive standard for foiling such attacks. But it’s not everyday that you can see a demo of the attack.
As he mentions on his blog, security researcher Markus Kuhn demonstrated the technology, creating a replica of the image shown on a monitor by reading the signals from a computer more than 75 feet away. Marcus gave a paper on this topic at the IEEE Security and Privacy Conference in Berkeley nearly 4 years ago, and it’s nice to see a working demo of the device, if virtually.
The origin of the term TEMPEST has suffered from severe telephone tag, with many variations out there. Here’s my try: “Tempest” started out life as an acronym in the 1960s for related signal intelligence activities, but quickly got co-opted as the basis for an acronym. The problem is that a variety of word jumbles have been cited as the basis for the acronym TEMPEST, the two most popular being: Telecommunications Electronics Material Protected from Emanating Spurious Transmissions and Transient Electromagnetic Pulse Emanation Standard.
Even the National Security Agency is vague about what forms the basis of the term. “TEMPEST is a short name referring to the investigation, study, and control of compromising emanations from telecommunications and automated information systems equipment,” the agency says on its site.
Military contractors have to pass a set of recommended standards developed by the NSA in order to comply with TEMPEST standards regarding electromagnetic signal leakage when selling equipment into sensitive applications.
A nod to SunBelt’s Blog for this.
0 responses so far ↓
There are no comments yet...Kick things off by filling out the form below.
You must log in to post a comment.