Monday, November 03, 2008


The walls have (RF) ears

The BBC reports on some research by a Swiss team, wherein they determined what was being typed on computer keyboards by analyzing their radio-frequency emanations:

Computer criminals could soon be eavesdropping on what you type by analysing the electromagnetic signals produced by every key press. By analysing the signals produced by keystrokes, Swiss researchers have reproduced what a target typed. The security researchers have developed four attacks that work on a wide variety of computer keyboards. The results led the researchers to declare keyboards were “not safe to transmit sensitive information”.
And note that we’re talking, here, about wired keyboards (ones that plug in with PS/2 or USB connectors), not Bluetooth keyboards or other wireless devices.

This has been picked up by the technology media, and much is being made of it. Only, the thing is that it’s not new.

While this specific research is new, the general issue of pulling information out of RF emanations from telecommunications and computer equipment goes back at least into the 1960s. In the 1970s, the major concern was computer terminal displays, and it’s likely that the average display would be just as susceptible to RF eavesdropping now as it was then. As PCs came around in the 1980s, we started worrying about emanations from the circuitry in the PC itself — the display adapter, the system board, and other parts.

In the 1970s, the U.S. government developed a specification called TEMPEST to define standards for RF-shielding of computer equipment to be used in classified programs (see the Wikipedia entry, and here’s an interesting and old declassified report from the NSA), and there were TEMPEST versions of popular computer terminals and some PCs (I had a TEMPEST PC/AT in my office in 1986 or so).

So, this work is clever and interesting as far as it goes. But it’s no revelation, and the conclusion that unshielded computer equipment is not suitable for classified use is one that was made at least thirty years ago.


lidija said...

Totally news to me though (the old and the new work).

Barry Leiba said...

Well, and that's why we're here....