18 Sep
2019
18 Sep
'19
10:14 a.m.
On Sep 18, 2019, at 9:59 AM, Chris Elmquist <chrise
at pobox.com> wrote:
On Wednesday (09/18/2019 at 09:19AM -0700), Guy Sotomayor Jr via cctalk wrote:
https://en.wikipedia.org/wiki/Van_Eck_phreaking
<https://en.wikipedia.org/wiki/Van_Eck_phreaking>
Cool!
Yea, I had to make a trip to a ?secure facility? once and there were entire ?tempest?
rooms with conditioned power and no external communications equipment. The room itself
(think *large*) was a faraday cage with a vault door that was kept closed when ever there
was sensitive stuff going on. Since I didn?t have a security clearance, the door was open
and everywhere I went there were red lights in the rooms/halls that I was in that would be
on to indicate that no sensitive information should be discussed (makes you feel really
wanted). ;-)
TTFN - Guy
On Sep 18, 2019, at 12:42 AM, Liam Proven via
cctalk <cctalk at classiccmp.org> wrote:
On Wed, 18 Sep 2019 at 02:19, Paul Koning via cctalk
<cctalk at classiccmp.org> wrote:
In the deep dark days of yore, I recall an actual demonstration of being able to
read/replicate the contents of the screen (CRT) of a PC by looking at the AC (e.g. mains)
that the PC was plugged into. Admittedly it was relatively low fidelity, but yikes!
> ...
Speaking of timing, that reminds me of two amazing security holes written up in the past
few years. Nothing to do with the Spectre etc. issue.
One is the recovery of speech from an encrypted VoIP channel such as Skype, by looking at
the sizes of the encrypted data blocks. (Look for a paper named "Hookt on
fon-iks" by White et al.) The fix for this is message padding.
The other is the recovery of the RSA private key in a smartphone by listening to the
sound it makes while decrypting. The fix for this is timing tweaks in the decryption
inner loop. (Look for a paper by, among others, Adi Shamir, the S in RSA and one of the
world's top cryptographers.)
It's pretty amazing what ways people find to break into security mechanisms.
... Wow.
*Wow.*
Thanks for those!