Date: Sun, 27 Feb 94 09:08:04 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V4#035 Computer Privacy Digest Sun, 27 Feb 94 Volume 4 : Issue: 035 Today's Topics: Moderator: Leonard P. Levine Re: Electronic Banking EFF on FBI Telephony Bill FWD>FYI: Rivest's response Networks & Community: Feb 25, 1994 Van Eck Radiation and Privacy The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------------------------------------------- From: Zaf Date: Thu, 24 Feb 1994 12:03:28 -0500 (EST) Subject: Re: Electronic Banking WHMurray@dockmaster had made some very good points about electronic banking. He wrote: History suggests that the adoption of new banking technology is generational. That is, it requires 10-20 years to be adopted. Many older people never adopt it. New exchange technology never replaces old. My mother's mother never used checks. My mother did not use credit cards, ATMs, or automatic deposit. On the other hand, my 16 year old godson has had an ATM card since he was nine. I beg to differ on the point about his mother;s mother never using checks. Checks fall under the catogary of negotiable instruments under article three of the UCC (Uniform Commercial Code) under commercial paper. As such, checks have been around a very long time. ------------------------------ From: "Prof. L. P. Levine" Date: Fri, 25 Feb 1994 08:50:27 -0600 (CST) Subject: EFF on FBI Telephony Bill Organization: University of Wisconsin-Milwaukee Electronic Frontier Foundation Statement on FBI Draft Digital Telephony Bill EFF has received a draft of the FBI's new, proposed "Digital Telephony" bill. After initial analysis, we strongly condemn bill, which would require all common carriers to construct their networks to deliver to law enforcement agencies, in real time, both the contents of all communications on their networks and the "signalling" or transactional information. In short, the bill lays the groundwork for turning the National Information Infrastructure into a nation-wide surveillance system, to be used by law enforcement with few technical or legal safeguards. This image is not hyperbole, but a real assessment of the power of the technology and inadequacy of current legal and technical privacy protections for users of communications networks. Although the FBI suggests that the bill is primarily designed to maintain status quo wiretap capability in the face of technological changes, in fact, it seeks vast new surveillance and monitoring tools. Among the new powers given to law enforcement are: 1. Real-time access to transactional information creates the ability to monitor individuals in real time. The bill would require common carrier network (telephone companies and anyone who plans to get into the telephone business, such as cable TV companies) to deliver, in real time, so called "call setup information." In the simplest case, call setup information is a list of phone numbers dialed by a given telephone currently under surveillance. As we all come to use electronic communications for more and more purposes, however, this simple call setup information could also reveal what movies we've order, which online information services we've connected to, which political bulletin boards we've dialed, etc. With increasing use of telecommunications, this simple transactional information reveals almost as much about our private lives as would be learned if someone literally followed us around on the street, watching our every move. We are all especially vulnerable to this kind of surveillance, because, unlike wiretapping the *content* of our communications, it is quite easy for law enforcement to get permission to obtain this transactional information. Whereas courts scrutinize wiretap requests very carefully, authorizations for access to call setup information are routinely granted with no substantive review. Some federal agencies, such as the IRS, even have the power to issue administrative subpoenas on their own, without appearing before a court. The real impact of the FBI proposal turns, in part, on the fact that it is easy to obtain court approval for seizing transactional data. The change from existing law contained in the FBI proposal is that carriers would have to deliver this call setup information *in real time*, directly to a remote listening post designated by law enforcement. Today, the government can obtain this information, but generally has to install a device (called a 'pen register') which is monitored manually at the telephone company switching office. 2. Access to communication and signalling information for any mobile communication, regardless of location allows tracking of an individual's movements. The bill requires that carriers be able to deliver either the contents or transactional information associated with any subscriber, even if that person is moving around from place to place with a cellular or PCS phone. It is conceivable that law enforcement could use the signalling information to identify that location of a target, whether that person is the subject of a wiretap order, or merely a subpoena for call setup information. This provision takes a major step beyond current law in that it allows for a tap and/or trace on a *person*, as opposed to mere surveillance of a telephone line. 3. Expanded access to electronic communications services, such as the Internet, online information services, and BBSs. The privacy of electronic communications services such as electronic mail is also put at grave risk. Today, a court order is required under the Electronic Communications Privacy Act to obtain the contents of electronic mail, for example. Those ECPA provisions would still apply for the contents of such messages, but the FBI bill suggests that common carriers might be responsible for delivering the addressing information associated with electronic mail and other electronic communications. For example, if a user connects to the Internet over local telephone lines, law enforcement might be able to demand from the telephone company information about where the user sent messages, and into which remote systems that user connects. All of this information could be obtained by law enforcement without every receiving a wiretap order. 4. The power to shut down non-compliant networks Finally, the bill proposes that the Attorney General have the power to shut down any common carrier service that fails to comply with all of these requirements. Some have already called this the "war powers" provision. Granting the Department of Justice such control over our nation's communications infrastructure is a serious threat to our First Amendment right to send and receive information, free from undue government intrusion. ******************************** The posting represents EFF's initial response to the new FBI proposal. Several documents, including the full text of the proposed bill and a more detailed section-by-section analysis are available by anonymous ftp on EFF's ftp site. This docuemnt is digtel94.announce The documents can be located via ftp, gopher, or www, as follows: ftp://ftp.eff.org/pub/EFF/Policy/Digital_Telephony/digtel94_bill.draft ftp://ftp.eff.org/pub/EFF/Policy/Digital_Telephony/digtel94_analysis.eff ftp://ftp.eff.org/pub/EFF/Policy/Digital_Telephony/digtel94.announce for gopher, same but replace first part with: gopher://gopher.eff.org/00/EFF/... for WWW, same but replace first part with: http:/www.eff.org/ftp/EFF/... ******************************** Press inquiries, contact: Jerry Berman, Executive Director Daniel Weitzner, Senior Staff Counsel +1 202-347-5400 -- Daniel J. Weitzner, Senior Staff Counsel Electronic Frontier Foundation 202-347-5400 (v) 1001 G St, NW Suite 950 East 202-393-5509 (f) Washington, DC 20001 ------------------------------ From: Dave Banisar Date: Fri, 25 Feb 1994 22:43:48 EST Subject: FWD>FYI: Rivest's response Organization: CPSR Washington Office ------- Forwarded Message Date: Fri, 25 Feb 94 16:24:20 EST To: denning@cs.cosc.georgetown.edu Cc: efbrick@cs.sandia.gov, hellman@isl.stanford.edu, Rivest@mc.lcs.mit.edu, silvio@theory.lcs.mit.edu, smb@research.att.com, mab@research.att.com, jim@rsa.com, diffie@eng.sun.com Subject: Newsday Editorial Hi Dorothy -- Thanks for sending me a copy of your editorial. But I find the reasoning you present misleading and unpersuasive. First, you argue that the clipper chip will be a useful law enforcement tool. Given the small number of currently authorized wiretaps per year (under 1000) and the ease of using alternative encryption technology or superencryption, it seems plausible to me that law enforcement could expect at most ten "successful" clipper wiretaps per year. This is a pretty marginal basis for claiming that clipper will "block crime". Second, you seem to believe that anything that will "block crime" must therefore be a "good thing" and should therefore be adopted. This is not true, even if it is not subject to government abuse. For example, a system that could turn any telephone (even when on-hook) into an authorized listening microphone might help law enforcement, but would be unacceptable to almost all Americans. As another example, tatooing a person's social security number on his or her buttocks might help law enforcement, but would also be objectionable. Or, you could require all citizens to wear a bracelet that could be remotely queried (electronically, and only when authorized) to return the location of that citizen. There are all kinds of wonderfully stupid things one could do with modern technology that could "help" law enforcement. But merely being of assistance to law enforcement doesn't make a proposal a good thing; many such ideas are objectionable and unacceptable because of the unreasonably large cost/benefit ratio (real or psychological cost). The clipper proposal, in my opinion, is of exactly this nature. Third, you seem unnecessarily polly-annish about our government and the potential for abuse. The clipper proposal places all trust for its management within the executive branch; a corrupt president could direct that it be used for inappropriate purposes. The unspecified nature of many of the associated procedures leaves much room to speculate that there are "holes" that could be exploited by government officials to abuse the rights of American citizens. Even if the proposal were modified to split the trust among the various branches of government, one might still reasonably worry about possible abuse. Merely because you've met the current set of representatives of various agencies, and feel you can trust them, doesn't mean that such trust can be warranted in their successors. One should build in institutional checks and balances that overcome occasional moral lapses in one or more office holders. Fourth, your discussion of "searching your home and seizing your papers" is misleading. You seem to imply that because law enforcement can be issued a warrant to search your home, that we should adopt clipper. Yet this analogy only makes sense if individuals were required to deposit copies of their front door keys with the government. I can build any kind of house I wish (out of steel, for example), and put any kind of locks on it, and wire up any kind of intrusion detectors on it, etc. The government, armed with a search warrant, is not guaranteed an "easy entry" into my home at all. The appropriate analogical conclusion is that individuals should be able to use any kind of encryption they want, and the government should be allowed (when authorized, of course) to try and break their encryption. Finally, you argue (elsewhere, not in this editorial) that the decision rests in part on "classified" information. Such an argument only makes sense if there is a specific law-enforcement situation that makes such classified information timely and relevant. (E.g., if there was a current investigation as to whether the Department of the Treasury had been infiltrated by organized crime.) The use of "classified information" is otherwise generally inappropriate in discussing communications policy that will last over decades. This hardly covers all of the relevant issues, but it covers the points that came immediately to mind in reading your editorial... Cheers, Ron P.S. Feel free to pass along, quote, or otherwise re-distribute this... - ---------------------------------------------------------------------------- -- Return-Path: <@axp1.acc.georgetown.edu:denning@cs.cosc.georgetown.edu> Date: Wed, 23 Feb 1994 16:16:09 -0500 (EST) From: Dorothy Denning Subject: Newsday Editorial To: efbrick@cs.sandia.gov, hellman@isl.stanford.edu, Rivest@mc.lcs.mit.edu, silvio@theory.lcs.mit.edu, smb@research.att.com, mab@research.att.com Cc: denning@guvax.acc.georgetown.edu Content-Transfer-Encoding: 7BIT ====================================================================== | Newsday, Tuesday, February 22, 1994, Viewpoints | ====================================================================== The Clipper Chip Will Block Crime By Dorothy E. Denning Hidden among the discussions of the information highway is a fierce debate, with huge implications for everyone. It centers on a tiny computer chip called the Clipper, which uses sophisticated coding to scramble electronic communications transmitted through the phone system. The Clinton administration has adopted the chip, which would allow law enforcement agencies with court warrants to read the Clipper codes and eavesdrop on terrorists and criminals. But opponents say that, if this happens, the privacy of law-abiding individuals will be a risk. They want people to be able to use their own scramblers, which the government would not be able to decode. If the opponents get their way, however, all communications on the information highway would be immune from lawful interception. In a world threatened by international organized crime, terrorism, and rogue governments, this would be folly. In testimony before Congress, Donald Delaney, senior investigator with the New York State Police, warned that if we adopted an encoding standard that did not permit lawful intercepts, we would have havoc in the United States. Moreover, the Clipper coding offers safeguards against casual government intrusion. It requires that one of the two components of a key embedded in the chip be kept with the Treasury Department and the other component with the Commerce Department's National Institute of Standards and Technology. Any law enforcement official wanting to wiretap would need to obtain not only a warrant but the separate components from the two agencies. This, plus the superstrong code and key system would make it virtually impossible for anyone, even corrupt government officials, to spy illegally. But would terrorists use Clipper? The Justice Department has ordered $8 million worth of Clipper scramblers in the hope that they will become so widespread and convenient that everyone will use them. Opponents say that terrorists will not be so foolish as to use encryption to which the government holds the key but will scramble their calls with their own code systems. But then who would have thought that the World Trade Center bombers would have been stupid enough to return a truck that they had rented? Court-authorized interception of communications has been essential for preventing and solving many serious and often violent crimes, including terrorism, organized crime, drugs, kidnaping, and political corruption. The FBI alone has had many spectacular successes that depended on wiretaps. In a Chicago case code-named RUKBOM, they prevented the El Rukn street gang, which was acting on behalf of the Libyan government, from shooting down a commercial airliner using a stolen military weapons system. To protect against abuse of electronic surveillance, federal statutes impose stringent requirements on the approval and execution of wiretaps. Wiretaps are used judiciously (only 846 installed wiretaps in 1992) and are targeted at major criminals. Now, the thought of the FBI wiretapping my communications appeals to me about as much as its searching my home and seizing my papers. But the Constitution does not give us absolute privacy from court-ordered searches and seizures, and for good reason. Lawlessness would prevail. Encoding technologies, which offer privacy, are on a collision course with a major crime-fighting tool: wiretapping. Now the Clipper chip shows that strong encoding can be made available in a way that protects private communications but does not harm society if it gets into the wrong hands. Clipper is a good idea, and it needs support from people who recognize the need for both privacy and effective law enforcement on the information highway. ====================================================================== | Copyright Newsday. All rights reserved. This article can be freely | | distributed on the net provided this note is kept intact, but it may | | not be sold or used for profit without permission of Newsday. | ====================================================================== ------------------------------ From: Sam Sternberg Date: Fri, 25 Feb 1994 15:29:32 EST Subject: Networks & Community: Feb 25, 1994 ---------- Forwarded message ---------- Date: Fri, 25 Feb 1994 15:29:32 EST From: Sam Sternberg To: Multiple recipients of list COMMUNET Subject: Networks & Community: Feb 25, 1994 NETWORKS AND COMMUNITY : feb 25, 1994 Networks and Community is devoted to encouraging LOCAL resource creation & GLOBAL resource sharing. The 10th report of 1994 is the 16th weekly survey. ------------------------------------------------- This special issue is devoted to a discussion of several U.S. government proposals to eliminate privacy for the average citizen, including all users of the Internet and the phone system. I will attempt to show that the Internet related proposal is so flawed technically as to endanger the security of the country and that the other proposals contribute to a possible loss of liberty for all citizens. While I am not a resident of the United States, I am an active user of the internet and a promoter of its global utilization. In particular as a advocate of civic networks I feel compelled to point out how U.S. regulations and legislation will impact both the U.S and other nations. LEGISLATION =========== The U.S. government, through the actions of various police and intelligence agencies is undertaking a fundamental revision of the traditional role of the state in the western industrial world. Many of its activities related to privacy are being debated or contested by users of the Internet. Many others are not. Some of its efforts along this line have already been prevented by an aware Congress. Hopefully the current crop will all be given a very thorough examination; and where they lack merit - will be rejected. Of particular note among the already rejected efforts is the legislative proposal introduced in January of 1993 by Robert Solomon (R-NY). His bill, HR380, would have required intelligence committee members and their staff to submit to random polygraph testing to prevent unauthorized disclosure of matters being considered by the committee. The bill was rejected because it inverted the traditional role of Congress and the Federal Agencies. It would have made congress subject to the decisions of individuals who's only claim to representation of public it the fact that they were public employees. This week's arrest of Mr. Ames shows that mere employment - even employment that requires regular submission to polygraph testing - is no guarantee of loyalty to the best interests of the country. Readers may recall that 2 weeks ago I raised exactly this issue of the corruptibility of Intelligence staff in my discussion of the clipper chip proposal. Particularly noteworthy in the Ames case is the small amount of money alleged to have been required to gain Mr. Ames assistance for Russia. He may have been paid a princely $150,000 a year for his efforts. That sum isn't even a drop in the bucket for any country or reasonable sized business. For that pittance he is alleged to have compromised the entire overseas intelligence network of the U.S. He may not have been the first official in his position to have compromised U.S. intelligence. James Jesus Angleton, head of U.S. counterintelligence for nearly 30 years, was removed from office under a similar cloud of suspicion. I will return to the issue of Mr. Angleton's removal at the end of this report. FLAWS IN THE CLIPPER CHIP PROPOSAL The clipper chip proposal suffers from numerous flaws. The most devastating are technical. The most worrisome would result from the consequences of its implementation. TECHNICAL This proposal is based on the use of a "split key encryption system". Such systems are not uncrackable. Instead they are time consuming to crack. But every set of keys is crackable by a well known approach, given enough time. The security the system provides lies in the technical fact that the average time to crack such a set of keys with a particular computer is currently many years. This does not mean that some keys won't be randomly cracked in a few minutes. That can happen. Its just that on average the time required might be many years. Such a system normally permits the user to choose any key and to change keys as often as the user desires. The adminstration's proposal freezes the key once its chosen. The ability to change keys provides the user with an additional guarantee that even if his prior key was broken - his new key will offer some assurance of privacy for a time. The ability to choose any key permits the user to make his key longer as the technical means of key cracking improves. The longer the key the more time it takes to crack. By freezing the key length and value the NSA provided proposal guarantees that any country or company with sufficient money will soon be able to crack any key rapidly. The problem is simple - we are moving into an era of mutli-cpu computers and of course the rate of change in computational power is not slowing either. The administration reports that the current scheme will take an average of 35 years to crack. That's well and good - but they do not report which computer chip that estimate was based on. Assuming the fastest available chip was used; all that is needed to turn the problem into just one days work, is a bank of 35 x 365 computers - or 12,775 computers. But wait. Machines are now on the market that incorporate from 1,000 to 64 thousand cpu chips in a single [ relatively inexpensive ] system. The 64k cpu system could crack the code in about 3 hours on average. In addition current lab systems using optical computing elements look like they will provide a 1,000 fold increase in power within the next 5 years. That would take the current scheme and make it possible for a 64Kcpu system to crack the codes in under 1 second. So any foreign nation or large corporation with some money and some technical skill could just capture as much traffic as feasible and then save it for a few years before being able to examine it at will. This saving of old traffic has already been done and proved useful by the allies. They found material captured during the second world war and then stored; to be of use even decades later. At the same time those nasties could systematicly attack the codes used by their major competitors or rivals. You know, 3 hours and you've got all the IBM traffic another 3 hours and you've cracked the White House flows. This flaw is fundamental to the proposal. But other problems of a technical nature also exist. 1. Where are the keys kept. The keys are to be kept with 2 separate agencies. Those agencies are unfortunately both vitally linked to the intelligence community. NIST has long acted as a front agency for the NSA. Its cover identity allows NSA staff to attend conferences without arousing suspicion from wary academics and business people. The current budget request an near doubling of the level of funding for NIST. TREASURY is the home of the Secret Service and INTERPOL. 2. How are the keys sent and received. They will be networked. So little wires will come out of the back of each black box. Its efficient, but since these devices will be kept in heavily guarded locations who will know just were the other connections on this network are. There could for instance be more than 2 boxes produces. None of us will ever be in a position to know. 3. Who will guarantee that the keys won't be captured in transit. They could be easily duplicated and sent to other machines. REBIRTH OF THE DOMESTIC INTELLIGENCE STATE These flaws are not trivial. But any scheme that attempts to meet both the needs of police and of the citizenry will be flawed. The danger lies in the natural tendency of policing agencies to suspect everyone. It comes with the territory. The problem is not new. In 1989, William W. Keller, on the staff of the congressional Office of Technical Assessment's program on international security - which was examining the problem of international terrorism, published an important study. His book is "The Liberals and J. Edgar Hoover - RISE AND FALL OF A DOMESTIC INTELLIGENCE STATE. He wrote it because he became fascinated by the history of counter terrorism work in the U.S. In it he articulately and carefully shows how a well intentioned FBI program to defend black civil rights in the south turned into the Legendary COINTELLPRO program. Congress dismantled the program once its excesses were exposed. That program did not go forward without high level approval. The highest level Justice official to approve it is now the U.S. Secretary of State. Mr. Keller closes his book with a warning that the domestic intelligence state could return. He points out that new technology will make it even harder to control if its starts up again. I think his warning was prescient and needs attention now. In the past both Congress and the White House have been subject to monitoring and manipulation by elements of the police and intelligence community. THE DANGER FOR CONGRESS During the Hoover years every phone in congress was taped. Hoover liked to greet freshman congresspersons and let it slip that he was privy to a conversation they recently had with someone in the Halls of congress. This trick was made possible by the phone taps. Someone calling an associate and reporting a conversation made this possible. It put the fear of Hoover and the mistrust of other congress people uppermost in the minds of a freshman. The information from taps was also used for planning on bills the community wanted passed over opposition. The Church committee hearings delved into these matters. Much was covered in closed sessions. The final public report sanitized the findings and reported that only 5 people had their phones tapped. Any congressperson with suitable clearances can examine the committee minutes in the classified stacks of the Library of Congress. But most current congressional reps don't have the clearances and were not serving at the time those hearings took place. So history gets lost and forgotten. At the very least Congress should not permit "low level" [ to use Mr. Gore's disingenuous description of those making decisions on the clipper chip proposal ] officials to choose its security system for data services. Each office would be best served by purchasing its own facilities. Preferably a software based system that was more generally usable. THE DANGER FOR THE WHITEHOUSE As the ensign Radford incident shows, - during the Nixon years - anxious members of the military were not beyond taping White House phones when they are uncomfortable with administration positions or actions. President Kennedy would have sensitive discussions while walking in the White House garden. He was convinced that his offices were tapped. THE DANGER FOR THE INTELLIGENCE COMMUNITY As the Ames case and the many that have gone before it show - information made secret for whatever reason, becomes the target of espionage. With the secrets of commerce and civic discourse available to the intelligence community they too will become targets. The next Mr. Ames will endanger far more the espionage establishment if the clipper chip proposal and its companion bills are passed. THE DANGER FOR INDUSTRY AND COMMERCE As I have previously pointed out. The intelligence and police communities are too easily corrupted to be trusted with the capacity to capture and reveal the private actions of American firms. The problem is that their work breeds cynicism. While most staff accept the cynicism and serve honourably; it only takes a few dishonest individuals to subvert the commercial future of the U.S. Those few having grown cynical, become greedy. The rest as they say is "history". THE DANGER FOR CIVIC DISCOURSE The right of citizens to work on legislation or to engage privately in any activity is paramount to a well functioning society. The tendency of police states to evolve - as Mr Keller warns - is a constant danger to the exercise of such rights by the citizenry. Traditional police work cracked the World Trade Center bombing. It will serve equally well in the future. WHAT ACTION CAN BE TAKEN TO PROMOTE NATIONAL SECURITY and PERSONAL OR COMMERCIAL PRIVACY The most appropriate action - after reject this bill and the companion bills on telecom and FBI rights to obtain personal records without a court hearing - is to encourage additional research on cryptographic security systems. The results should be incorporated in technology including software that is readily available. If the U.S. does not keep up with technical advances its capacity to both defend itself and compete commercially will be irreparably damaged. There are many promising areas for research in improved security systems. With a diversity of systems available it really does become possible to attempt to safeguard governmental, commercial and individual privacy. Many systems makes cracking more difficult. Modernizing systems also helps prevent intrusion. As anyone who has ever dealt with a virus on his system knows. The most unexpected things can turn up on your system. Unless you can defeat efforts to harm you or steal your secrets - you are vulnerable. Cryptography defeating systems will evolve just as readily as viruses. Only ongoing research will defeat these dangers. ANOTHER LESSON FROM THE PAST I mentioned the case of Mr Angleton earlier. There may be a lesson to be learned from it. Mr Angleton effectively disrupted the U.S. and allied intelligence communities for decades through his excessive paranoia and his incompetent methods. He was finally stopped when one official, Clare George, [ staff to the CIA ] wrote a report pointing out that it really didn't matter if Mr Angleton was sincere or a Soviet Mole. His behaviour was as disruptive as if he was in fact a mole. Mr George's report was acted on. Mr Angleton was retired, given a good pension, and other indications of the appreciation of a grateful republic. Perhaps the various groups responsible for this round of dangerous nonsense should also be examined. It just might be the case that they too deserve early retirement, a good pension, and the thanks of a grateful republic. ============================================== NETWORKS and COMMUNITY is a public service of FUTURE DATA; but this issue is entirely the responsibility of Sam Sternberg ------------------------------ From: "Prof. L. P. Levine" Date: Sun, 27 Feb 1994 08:37:32 -0600 (CST) Subject: Van Eck Radiation and Privacy Organization: University of Wisconsin-Milwaukee Taken from the Risks-Forum Digest Saturday 26 February 1994 (15:59) Peter G. Neumann, moderator Date: Thu, 24 Feb 94 14:13:19 -0500 From: "Winn Schwartau" Subject: Van Eck Radiation Helps Catch Spies Van Eck in Action Over the last several years, I have discussed in great detail how the electromagnetic emissions from personal computers (and electronic gear in general) can be remotely detected without a hard connection and the information on the computers reconstructed. Electromagnetic eavesdropping is about insidious as you can get: the victim doesn't and can't know that anyone is 'listening' to his computer. To the eavesdropper, this provides an ideal means of surveillance: he can place his eavesdropping equipment a fair distance away to avoid detection and get a clear representation of what is being processed on the computer in question. (Please see previous issues of Security Insider Report for complete technical descriptions of the techniques.) The problem, though, is that too many so called security experts, (some prominent ones who really should know better) pooh-pooh the whole concept, maintaining they've never seen it work. Well, I'm sorry that none of them came to my demonstrations over the years, but Van Eck radiation IS real and does work. In fact, the recent headline grabbing spy case illuminates the point. Exploitation of Van Eck radiation appears to be responsible, at least in part, for the arrest of senior CIA intelligence officer Aldrich Hazen Ames on charges of being a Soviet/Russian mole. According to the Affidavit in support of Arrest Warrant, the FBI used "electronic surveillance of Ames' personal computer and software within his residence," in their search for evidence against him. On October 9, 1993, the FBI "placed an electronic monitor in his (Ames') computer," suggesting that a Van Eck receiver and transmitter was used to gather information on a real-time basis. Obviously, then, this is an ideal tool for criminal investigation - one that apparently works quite well. (From the Affidavit and from David Johnston, "Tailed Cars and Tapped Telephones: How US Drew Net on Spy Suspects," New York Times, February 24, 1994.) >From what we can gather at this point, the FBI black-bagged Ames' house and installed a number of surveillance devices. We have a high confidence factor that one of them was a small Van Eck detector which captured either CRT signals or keyboard strokes or both. The device would work like this: A small receiver operating in the 22MHz range (pixel frequency) would detect the video signals minus the horizontal and vertical sync signals. Since the device would be inside the computer itself, the signal strength would be more than adequate to provide a quality source. The little device would then retransmit the collected data in real-time to a remote surveillance vehicle or site where the video/keyboard data was stored on a video or digital storage medium. At a forensic laboratory, technicians would recreate the original screens and data that Mr. Ames entered into his computer. The technicians would add a vertical sync signal of about 59.94 Hz, and a horizontal sync signal of about 27KHz. This would stabilize the roll of the picture. In addition, the captured data would be subject to "cleansing" - meaning that the spurious noise in the signal would be stripped using Fast Fourier Transform techniques in either hardware or software. It is likely, though, that the FBI's device contained within it an FFT chip designed by the NSA a couple of years ago to make the laboratory process even easier. I spoke to the FBI and US Attorney's Office about the technology used for this, and none of them would confirm or deny the technology used "on an active case." Of course it is possible that the FBI did not place a monitoring device within the computer itself, but merely focused an external antenna at Mr. Ames' residence to "listen" to his computer from afar, but this presents additional complexities for law enforcement. 1. The farther from the source the detection equipment sits means that the detected information is "noisier" and requires additional forensic analysis to derive usable information. 2. Depending upon the electromagnetic sewage content of the immediate area around Mr. Ames' neighborhood, the FBI surveillance team would be limited as to what distances this technique would still be viable. Distance squared attenuation holds true. 3. The closer the surveillance team sits to the target, the more likely it is that their activities will be discovered. In either case, the technology is real and was apparently used in this investigation. But now, a few questions arise. 1. Does a court surveillance order include the right to remotely eavesdrop upon the unintentional emanations from a suspect's electronic equipment? Did the warrants specify this technique or were they shrouded under a more general surveillance authorization? Interesting question for the defense. 2. Is the information garnered in this manner admissible in court? I have read papers that claim defending against this method is illegal in the United States, but I have been unable to substantiate that supposition. 3. If this case goes to court, it would seem that the investigators would have to admit HOW they intercepted signals, and a smart lawyer (contradictory allegory :-) would attempt to pry out the relevant details. This is important because the techniques are generally classified within the intelligence community even though they are well understood and explained in open source materials. How will the veil of national security be dropped here? To the best of my knowledge, this is the first time that the Government had admitted the use of Van Eck (Tempest Busting etc.) in public. If anyone knows of any others, I would love to know about it. ------------------------------ ------------------------------ End of Computer Privacy Digest V4 #035 ****************************** .