6

I recently watched a 1980s computer television programme about the problems of spying. Basically, they showed how anyone could buy relatively cheap and common hardware and then be able to sit outside a house, or drive around in a car, and receive the signals going from the computers to the monitors, or even generated by the electronics inside the computer, which leak out everywhere like radio signals, and get a somewhat foggy but fully readable visual representation of the text and/or images displayed currently on the screen.

They even drove by the bank district and were able to read all sorts of private information.

This was in the 1980s.

I never heard of this until a few years ago. It seems to still be the case except for ultra-expensive, special "TEMPEST" computers which no normal person can afford or even buy even if they can and want to shell out all that money!

One of the guys said:

Anyone who cares about their security has their computer inside a fully shielded building anyway.

Yeeeeeeeah... right. If I can't afford TEMPEST hardware, I most definitely cannot afford a "fully shielded building".

Later in the show, they finally showed some kind of mitigation technique. It was a cheap device which you flicked on and which would then generate garbage noise on the same frequencies, so that anyone listening nearby with their antenna pointed to my computer/apartment/house would just get garbage data. He also mentioned that it was specifically not illegal (as radio transmitters can be). But then nothing more was mentioned about it.

I wonder:

  1. Did that jammer thing actually work?
  2. Was it cheap/affordable?
  3. Why have I never heard of this critical security problem? I would never have dared to do countless things "in private" if I knew about this!
  4. Do all modern computers have such a jammer device built-in?
  5. Do modern computers in some other way prevent this from happening, or am I still wide open for anyone to just remotely read my screen from outside?!
  6. Where do I buy such a device today and is it necessary?
Deondrick
  • 61
  • 1
  • Hi Deondrick and welcome to Information Security SE! Can you provide some references to what you are referring to, or at the very least, the name of the TV program that you watched? – rink.attendant.6 May 05 '20 at 00:01
  • I believe he is referring to Van Eck Phreaking. I'd be interested in how this attack is mitigated too. – trallgorm May 05 '20 at 00:40
  • Signal jamming are *illegal* in many places. If you want to study it, I'd recommend you ask a lawyer about your local laws regarding signal jamming as get in contact with people licensed/certified/permitted to use signal jamming. You can also build your own at home (there are tutorials online) but using it in public can get you in trouble with the authorities. Be careful where you step. – ChocolateOverflow May 05 '20 at 04:28
  • "Show" - fiction or documentary? – schroeder May 05 '20 at 08:53

2 Answers2

1

Hollywood did, and does, a lot of things divorced from reality.

There was a lot of mostly smoke involving Tempest and Van Eck stuff back in the day. However, it was primarily dependent upon the use of an old CRT in text mode only. Even then, it only worked under nearly pristine laboratory conditions and at short range.

If you find yourself working on an old green screen in text only and see a truck with an eight foot antenna parked outside your window, just turn on your handy Tesla Coil and go about your business.

schroeder
  • 123,438
  • 55
  • 284
  • 319
user10216038
  • 7,552
  • 2
  • 16
  • 19
  • It's not just about some old CRT monitors. E.g. DVI & HDMI leaks signals that can be listened. It has some limitations, but is demonstrated: [TEMPESTSDR article on rtl-sdr.com](https://www.rtl-sdr.com/tempestsdr-a-sdr-tool-for-eavesdropping-on-computer-screens-via-unintentionally-radiated-rf/), [TEMPEST HDMI demo video by Oona Räisänen](https://youtu.be/BpNP9b3aIfY). – Esa Jokinen May 05 '20 at 05:00
  • @Esa Jokinen - Thank you for the references. They clearly demonstrate how nonsensical the concern is in the real world. Even artificially creating **G I A N T** text to orchestrate a signal to the big antenna in the next room, the results are poor. You could also make the monitor pulse out Morse code, but self sabotage is not the issue. – user10216038 May 05 '20 at 15:00
  • Yes. You can probably see what the person is doing on the computer but couldn't read the contents. In that sense one should be more worried about telescopes, as the monitor is emitting light. :) – Esa Jokinen May 05 '20 at 15:05
0

A jammer with your requirements would be impractical if you can't afford a shielded building. You don't need a fully shielded building though, you can just give your computer a tinfoil hat.

Your best bet is to use software that doesn't draw power or use some hardware in a way correlated to any secrets. For example, many modern block ciphers are designed to be innately resistant to cache timing attacks.

As others have mentioned all this is unnecessary because, even if they can, no one will actually perform those types of attacks. There is a reason why tinfoil hats are a symbol of insanity.

Nic
  • 236
  • 2
  • 8