Laptops And Flat Panels Now Vulnerable to Van Eck Methods 144
An anonymous reader writes "Using radio to eavesdrop on CRTs has been around since the 80s, but Cambridge University researchers have now shown that laptops and flat-panel displays are vulnerable too. Using basic radio equipment and an FPGA board totaling less than $2,000 it was possible for researchers to read text from a laptop three offices away. 'Kuhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximize the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.'"
Bad story submission title (Score:5, Informative)
The title given to this story on slashdot is awful, especially for a geek news site. Haven't we already established that obscurity is not security? And about a million times over?
An unpublished vulnerability is no less real than one that has been announced, and is in fact more dangerous because the lack of an announcement leads to a false feeling of security. The real story is that your laptop has in fact been vulnerable to van eck phreaking for years and year, not just "now".
It's a good thing I haven't had faith in slashdot for a long time now, or I'd be really disappointed. As it is, I'm just pointing this out for those who didn't already notice.
van Eck only made it public (Score:5, Informative)
Cryptonomicon? (Score:5, Informative)
Re:HDMI? (Score:2, Informative)
But yeah, encrypted HDMI would make it more difficult.
TEMPEST in a teacup (Score:3, Informative)
Simply put, change the voltage level or current level of a device and you generate a signal that is conducted along wires and other conductive paths and radiated from those conductive paths. Interception of the conducted or radiated changes can be used to re-create
the original information. Wether the information is in serial, paralell or raster format it is a relatively trivial problem given some time and computing resources.
Is it a problem for most of us? Given that someone will try the easiest ways to get the information, using Van Eck or other types of TEMPEST
attacks is much less likely than social engineering or other means to get your information.
Re:HDMI? (Score:3, Informative)
I thought that was already done.
http://en.wikipedia.org/wiki/HDCP [wikipedia.org]
TEMPEST (Score:5, Informative)
Work done three years ago (Score:3, Informative)
http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf [cam.ac.uk]
as well as countermeasures; randomising the low-order bit of all your pixels anew in every frame would be ideal, but using colours which have the same number of bit transitions in 'black' and 'white' works almost as well. Looks a bit ugly to have your screen entirely in off-greens and off-pinks, but that's the price of security.
HDCP actually helps against this kind of thing, because there are no long lengths of wire carrying unencoded video signal.
Re:less social intelligence than a 13 year old (Score:3, Informative)
Sit inside a Faraday cage
but make sure you always carry a spare key for the door with you
More information (Score:4, Informative)
Another paper that is very relevant to this article is from a Japanese group who did research on the same topic (LCDs, laptops, etc) A Trial of the Interception of Display Image using Emanation of Electromagnetic Wave [www.nict.jp] - again, a PDF. What's interesting to note from this paper is the fact that the researchers found that minor inconsistencies in the production of the equipment caused slightly different synchronous frequencies to be detected. This means in an office it could be possible for an attacker to "choose" which monitor they wish to look at by its frequency signature.
Re:Not too surprising (Score:3, Informative)
Previous methods could intercept the signal. Processing it back into an image was the problem.
CRTs essentially modulate the beam current with the basic video signal. Leakage of that puts into the air precicely what you need to produce a copy of the image part (though the current is cut off for retrace). Also pick up and sort out the spikes from the H and V deflection, or interpolate the image sync from the dark areas in the video, and you can reconstruct the sync signals and have a fully-functional video signal, ready to put into another CRT. (Use a directional antenna so you don't jam your own receiver by looking at the result.)
The signal to the laptop's LCD display also leaks. But the leaked signal isn't such a straightforward copy of an analog video signal, ready to be fed to a monitor. Much more processing.
Which they've now managed to do.
Re:Telling question (Score:1, Informative)
Old, Old News; and the old one's a better source. (Score:1, Informative)
Kuhn, Markus G. "Electromagnetic Eavesdropping Risks of Flat-Panel Displays." Privacy Enhancing Technologies,
4th International Workshop, PET 2004, Toronto, Canada, May 26-28, 2004. Revised Selected Papers. Springer.
Paper link:
http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf [cam.ac.uk]
And author homepage:
http://www.cl.cam.ac.uk/~mgk25/ [cam.ac.uk]
IIRC, this paper has some really interesting stuff that totally debunks the notion that laptops, or indeed LCDs in general, are more TEMPEST-safe than CRTs. I believe the high speed digital signals (which, in laptops, transit proprietary buses but are no more protected for it, and are in fact less shielded than external cables) actually make the attacks *easier.* There's also interesting stuff about introducing interference into the signals to distort evesdropping, but I think it does not work satisfactorily. Basically, until we all use encrypted DVI (shudder--concieved to limit the ablility of consumers to interact with and utilize their own equipment by the MAFIAA--but still possibly useful for privacy), our video signals are being broadcast constantly. Some irony there...