Sec, blogmal! - sniffer



Februar '17



Sun, 14 Aug 2005

The sniffer project - How the idea was born

The idea for this project is actually very old. There are two parts to it, that I still remember.

I was at the 15th CCC Congress (1998) and listening to a lecture on tempest (Kompromittierende Emissionen). The speaker demonstrated viewing a monitor picture from across the stage. He explained a few points, including the fact that the monitor didn't have to be turned on. Then he demonstrated a few things you could do against this, including a small black box which inhibited the sniffing.

While I did find that interesting, it lacked both precise documentation to reproduce it, it sounded expensive because you needed a special display, and I felt, there wasn't much hack value in watching displays - And interesting things like passwords weren't echoed anyway :)

Some time later, running around with some friends on the CeBIT (german computer exhibition), we passed by at the Heise booth. They were actively promoting crypto use by that time (They called it Krypto-Kampagne). They were signing PGP Keys, if you didn't yet have one, you could generate one right there, and take it home on a 3.5" floppy disk.

The PC used was called Gläserner PC, which means that its casing was made out of Plexiglas, and (IIRC) it booted DOS from a CD. This was done, to increase confidence that this PC was not modified in any way to collect the private keys.

A friend of mine commented on the fact, that a non-metal enclosing would actually make tempest more easy. I replied that the signals on the Display wouldn't be interesting anyway, and actually sniffing the key bytes on some internal BUS was way too complicated.

Then I realized, if I were tempest-sniffing something, it would have to be the keyboard. It had a nice antenna due to its cable, and the protocol should not be that hard to understand.

Well, so much about the inception of the idea. Next time I'll delve more into the (short) history of the project.

posted at: 19:32 | Category: /sniffer | permanent link to this entry | 0 comments (trackback)

powered by blosxom
in 1.00 s