This page is about surveillance technology.
The general principle is that computer monitors and other devices give off electromagnetic radiation. With the right antenna and receiver, these emanations can be intercepted from a remote location, and then be redisplayed (in the case of a monitor screen) or recorded and replayed (such as with a printer or keyboard)
Complete Unofficial Tempest Page
Published by Dragos Moisa
- Over the past four years a tremendous amount of information has come to light onTEMPEST and related topics. So much that even though the page had no graphics, it was taking acouple of minutes to load on slow, dial-up connections. To celebrate the site's four year birthday, I've split it into four pages so it will load a bit faster. -CNET Newsreports on the Feds using a bugged keyboard to snag a Philadelphia mobster who was using PGP. I've been telling clients for years that thisis a significant risk. In most cases it's much easier to do a "black bag" job on a target and install key monitoring software or hardware (or even hide a wireless CCD camera positioned to transmit what's being typed on the keyboard or appearing on the screen), than deal with strong encryption. Although the risk of discovery is obviously higher than a TEMPEST intercept, the lower cost and fewer required technical skills make this a much more likely attack option.
Introduction to this Site
If you're even vaguely familiar with intelligence, computer security, or privacy issues, you've no doubtheard about TEMPEST. Probably something similar to the above storyline. The general principle is thatcomputer monitors and other devices give off electromagnetic radiation. With the right antenna and receiver, these emanations can be intercepted from a remote location, and then be redisplayed (in the case of a monitor screen) or recorded and replayed (such as with a printer or keyboard).TEMPEST is a code word that relates to specific standards used to reduce electromagnetic emanations.In the civilian world, you'll often hear about TEMPEST devices (a receiver and antenna used to monitor emanations) or TEMPEST attacks (using an emanation monitor to eavesdrop on someone). While not quite to government naming specs, the concept is still the same.TEMPEST has been shrouded in secrecy. A lot of the mystery really isn't warranted though. While significant technical details remain classified, there is a large body of open source information, that when put together forms a pretty good idea of what this dark secret is all about. That's the purpose of this page. The following is a collection of resources for better understanding what TEMPEST is. And no, I seriously don't think national security is being jeopardized because of this information. I feel to a certain extent, the "security through obscurity" that surrounds TEMPEST may actually be increasing the vulnerability of U.S. business interests to economic espionage. Remember, all of this is publicly available. A fair amount has come from unclassified, government sites. References marked with an (O) are reported dead links. These pages may be temporarily or permanently unavailable. Dead links are left for reference sake (you may want to check the main domain name or do further searching). It's interesting to note the number of military sites that now report404 - Not Found or Forbidden Request errors for certain documents.The site content is listed below. There are three pages in addition to this one.Introduction provides detailed background info on TEMPEST.Sources provides links to hardware manufacturers, software vendors, and specific government documents.
Note: As you start viewing TEMPEST info, you likely will run into vague or confusing acronyms. A great Net resource is the Acronym Finder site.
Joel McNamara - joelm @ eskimo dot com (spam filter)
Original page - December 17, 1996 - Last update March, 2004