Forgot your password?
typodupeerror
United States Privacy

NYT: NSA Put 100,000 Radio Pathway "Backdoors" In PCs 324

Posted by Unknown Lamer
from the do-you-trust-your-data-center? dept.
retroworks writes "The New York Times has an interesting story on how NSA put transmitters into the USB input devices of PCs, allowing computers unplugged from the Internet to still be monitored, via radio, from up to 8 miles away. The article mainly reports NSA's use of the technology to monitor Chinese military, and minor headline reads 'No Domestic Use Seen.' The source of the data was evidently the leak from Edward J. Snowden."
This discussion has been archived. No new comments can be posted.

NYT: NSA Put 100,000 Radio Pathway "Backdoors" In PCs

Comments Filter:
  • Where are they? (Score:5, Interesting)

    by RMH101 (636144) on Wednesday January 15, 2014 @09:51AM (#45964289)
    Genuine question - where are these devices? Has any physical evidence of them been detected? Has anyone found one? I'm not sceptical that they did it, I think it's entirely possible. I'm just curious if there's any physical evidence that's been found yet...?
    • by L3sT4T (856344)
      And to this I'd like to add: Pics or it didn't happen /endsarcasm
    • by aeranvar (2589619)
      This is speculation, but I bet this is some variant on the Cottonmouth model bug [arstechnica.com] we saw a couple of weeks ago. How many people - even organizations like the Chinese military - are going to disassemble their USB cables and ports? If you're going to go to that far, you might as well build the device yourself out of off the shelf parts.
    • Re:Where are they? (Score:5, Informative)

      by sking (42926) on Wednesday January 15, 2014 @10:03AM (#45964427) Homepage Journal

      According to TFA, a tiny transceiver can be built into the plastic plug base of a USB cord. Of course, one has not been spotted in the wild, but it sounds theoretically possible.

    • Re:Where are they? (Score:5, Insightful)

      by ledow (319597) on Wednesday January 15, 2014 @10:03AM (#45964433) Homepage

      I agree - however, there is the question of "who did they use them on?" and also that they were basically DESIGNED not to be detected.

      Most people who they targeted probably were arrested or they never even thought they were a target. In that case they can recover their hardware.

      The number of devices compromised is likely to be very small as a percentage of the devices out there. Almost certainly neither you or I have one of these devices in our kit. If we did have, how often have you popped open every keyboard/mouse/usb stick you own to make sure there's not something else in there that wasn't supposed to be?

      And if they are in collusion with even a single manufacturer to produce a compromised device, then you may never know about the devices hidden functions until you do a chip-analysis of everything inside the device (probably involving decapping and analysing the whole thing which can take years and decades of expertise).

      As such, it's unlikely you will ever see one, even with everyone on the Internet looking. That's also what I would expect if they were doing their job properly (or else these things would be discovered quickly and be useless to them).

      Much more importantly - if this is true, and we even if we start to use only trusted hardware, this is just more reason to have more "open" machines.

      Who knows what's inside a chip on your particular computer, even if it looks very similar to a mass-market item, if they could have got their hands on it and/or been the ones supplying it to you?

      • by RMH101 (636144)
        That's kind of my thinking - that they would have to replace a discrete part within the laptop - possibly a motherboard, more likely a daughterboard or mini PCI device like a wifi card. If you replace the motherboard you'd have to deal with BIOS serial numbers etc which would be a PITA. The only way I can see this working is if it were done at a component level. Presumably the device would need to be connected to a data bus, e.g. USB/SATA? Or memory?
      • If they were really careful, it was packaged with an acid capsule, corrodes beyond analysis when opened, and can be remotely triggered to open the capsule with a hot-wire - obscuring the nefarious bits while preserving the expected functions. Might look like water damage or poor cleaning at the factory if it were ever opened.

    • . . . not in mine! My laptop is wrapped in tinfoil, so they can't radio transmit a device into it!

      • by JoeMerchant (803320) on Wednesday January 15, 2014 @11:33AM (#45965423) Homepage

        It (the tinfoil) is supposed to go around your head too... the bit that most people fail to do is close the faraday cage - it needs to be a complete enclosure to work.

      • by bug1 (96678)

        You better be careful that tinfoil isnt shaped like an antenna.

        To fix that you just need to make sure the tinfoil is eathed properly, but then you also need to make sure they arent doign anything tricky wit hthe earth leakage current.

        Also, the NSA might be monitoring EM radiation from your external power supply.

        I suggest you make tinfoil glasses and earplugs, ignorance is bliss.

    • by TWX (665546)
      We were discussing this last night on boingboing, and I shared an equal skepticism.

      The basic conclusions were:
      • A collaborator would be needed to install the device.
      • An antenna could masquerade in the form of a USB cable.
      • Municipal distances would be a problem, but eight miles is achievable with consumer-grade ham radio hardware.
      • There are means to avoid such devices working, if an IT department is security-conscious and takes steps to disable USB ports and plug-n-play services.

      I'm still skeptical, mai

      • Re:Where are they? (Score:5, Interesting)

        by SuricouRaven (1897204) on Wednesday January 15, 2014 @10:17AM (#45964585)

        " mainly because a simple frequency scanner would allow one to detect the presence of transmissions by the device"

        Burst transmission. Buffer data for days, then send it all in a burst of under a minute. Nothing to detect unless the counterintelligence people are monitoring continually or get very lucky. It's old tech, dating back to the pre-IC days. Bugs back then did it by recording onto a magnetic tape. When the tape reached the end it turned on the transmitter and re-wound at high speed. The listeners then just had to play it back slowed-down and backwards to recover the original audio.

      • We were discussing this last night on boingboing, and I shared an equal skepticism. The basic conclusions were:

        • A collaborator would be needed to install the device.
        • An antenna could masquerade in the form of a USB cable.
        • Municipal distances would be a problem, but eight miles is achievable with consumer-grade ham radio hardware.
        • There are means to avoid such devices working, if an IT department is security-conscious and takes steps to disable USB ports and plug-n-play services.

        I'm still skeptical, mainly because a simple frequency scanner would allow one to detect the presence of transmissions by the device, and because concealing an antenna, even in the form of a USB cable, would be difficult. If the cable is cut-off, then it would be massively obvious with a simple look underneath, and it would be difficult to manufacture a functioning USB cable that contained a radio and antenna. There was talk of manufacturer collaboration, especially against organizations that develop security (tampering with new-manufacture to replace components on the motherboards essentially) but that seems like it would be extraordinarily difficult to achieve without employees of the manufacturers questioning why they're going through so much effort to do this. We'll just have to see what comes of it. I'm genuinely curious if we'll ever see any actual evidence or not.

        1. 1. Build a minature radio transmitter powered by 5V
        2. 2. Insert transmitter into USB keyboard or mouse
        3. 3. Find some incredibly complicated and unlikely means of attaching keyboard or mouse to computer
        4. 4. Discover boing boing isn't populated by brain surgeons, electronic engineers and rocket scientist?

        Not in the catalogue, but extremely do-able, develop a small device that'll run off a USB power supply and will create a secret channel using DC over the AC supply, embed device in mouse or keyboard... That's al

      • by AHuxley (892839)
        Re A collaborator would be needed to install the device.
        That could just be a shipment of normal looking computer parts, spares, upgrades that spent a few extra hours at a 'regional' hub during postage.
        Re There are means to avoid such devices working, if an IT department is security-conscious and takes steps to disable USB ports and plug-n-play services.
        You can close up the port so no usb device can be plugged in but the port will still 'send' via radio.
        Re simple frequency scanner.. mb the NSA ensures t
      • by bug1 (96678)

        A lot of mobiles come with Radio receivers, so in theory the NSA could use the backdoors they have in phones that are known to be nearby (from GPS) to syncronise receiving with the burst transmission.

        Use the phones bandwidth to send the data home.

    • Re:Where are they? (Score:5, Informative)

      by AHuxley (892839) on Wednesday January 15, 2014 @10:29AM (#45964729) Homepage Journal
      The device as a layer of physical hardware in a USB device has been posted as a pic as part of the COTTONMOUTH I and II effort.
      http://www.dailytech.com/Tax+and+Spy+How+the+NSA+Can+Hack+Any+American+Stores+Data+15+Years/article34010.htm [dailytech.com] (scroll down for the slide)
      What it sends out to?
      The usual new spy "rocks" or some other "network"
      http://rt.com/usa/spy-rocks-lockheed-usa-771/ [rt.com]
      http://www.theguardian.com/world/2012/jan/19/fake-rock-plot-spy-russians [theguardian.com]
      • by RMH101 (636144)
        Great post. Thanks. Somehow seeing the internal advertising for these devices and unit costs etc makes it even scarier. The radar-illuminated VGA reading device is astonishing.
      • It looks like we're past whistleblowing and on to the compromise of intelligence methods.

    • by rvw (755107)

      Genuine question - where are these devices? Has any physical evidence of them been detected? Has anyone found one? I'm not sceptical that they did it, I think it's entirely possible. I'm just curious if there's any physical evidence that's been found yet...?

      Intel Core vPro [intel.com] with anti theft capability? I read a while ago that these processors have a complete OS on board, with working GPRS, but I can't find that article anymore.

    • Re:Where are they? (Score:5, Informative)

      by mdragan (1166333) on Wednesday January 15, 2014 @10:44AM (#45964913)
      This devices are listed in the leaked "NSA Toolbox Catalog" document, that was reported in this Spiegel article:
      http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html [spiegel.de]

      Some pictures:
      Cottonmouth-I, USB spying device
      http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-I.jpg [spiegel.de]
      Cottonmouth-II, USB spying device
      http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-II.jpg [spiegel.de]
      Cottonmouth-III, USB spying device
      http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_COTTONMOUTH-III.jpg [spiegel.de]
      Firewalk, ethernet spying device
      http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/USB/S3223_FIREWALK.jpg [spiegel.de]
      Ragemaster, monitor cable spying device
      http://www.spiegel.de/static/happ/netzwelt/2014/na/v1/pub/img/Bildschirm/S3224_RAGEMASTER.jpg [spiegel.de]

      There's many more in that cataloge, including software and hardware tools and devices.
    • by gmuslera (3436)

      Maybe some of them were bought online and then intercepted by NSA to install that hardware [theverge.com]. There is plenty of evidence that they are doing that kind of things, including a catalog [spiegel.de], but not a lot of reports [reuters.com] that show how they are actually doing it.

      Now, that the actual number of devices with those radios is around 100000 could be an outdated number (50k in 2008 and 85k in 2012 according to Snowden documents, and maybe 100k by now according to other sources), and anyway, seems that be considered by them an o

    • You're right to be skeptical; the headline is nonsense.

      Article indicates that the NSA has used "some quantity" of these radio devices, and has in addition planted 100,000 software bugs on computers across the world. Run it through the slashdot submission process, and that becomes "NSA plants 100,000 radio spy kits in your kitchen computer"

      Im at the point where I assume any article about the NSA was written by someone who doesnt understand or care about the actual issues, and is just looking to fan the flam

    • by poetmatt (793785)

      I would fail to find that relevant at all. 100% sidetrack.

      You have both the fairly significant difficulty of having to find them in the first place, and the fact that most people are simply not going to go through that effort as well. The problem is you can't simply quantify or guarantee that you *do* have them, but you also cannot guarantee that you do not. The fact that the NSA has explicit documentation showing that they use these tactics however, guarantees that security is compromised by the NSA - and

  • I'd like to know how they did that. Especially with a transmitter *inside* the computer...
    • by TWX (665546) on Wednesday January 15, 2014 @10:10AM (#45964503)
      Well, if a computer is poorly shielded that might not be all that hard. Handheld 5W ham radios can go much more than that distance on 2m, and lower frequencies can go much further. When the weather allows it, a 5W 2m transmission can go dozens or even a hundred miles, and in especially unusual weather conditions a friend of mine in California managed to talk with someone in Hawaii, once.

      So, while inside a case it might not go 20 miles to cover a whole city, I could see being able to reach 8 miles, depending on how intelligently the system was designed in order to reduce the chances of being discovered. The other downside is that strong radio transmissions can interfere with things including speakers, which might make them obvious if not handled correctly.
      • Lower frequencies require large antennas, and even on 2m, the device is sort of obvious. Ditto for 5W of extra power draw. If your supposedly EM-compatible PC or a similar device is emitting multiple watts in the VHF spectrum and you don't notice that, you fully deserve what you got.

        Honestly, I think the most efficient way of having the machine communicate with the attacker (especially if the attacker is NSA) is through some sort of TCP/IP based side channel. Low bandwidth, perhaps, but much less obvious.

        • by TWX (665546)
          I think the point of using radio is for air-gapped PCs that are air-gapped for security. This would preclude using regular computer networking methods.
        • 8 miles over the air would set off any self-respecting bug sweeper in the building.

          I wonder if this was more of an operational spec, 8 miles total, but with relays between computer and data extraction point...

      • by fostware (551290)

        The other downside is that strong radio transmissions can interfere with things including speakers, which might make them obvious if not handled correctly.

        And people complain about the CirrusLogic and RealTek on-board audio buzzing because of bad grounding... Maybe the buzz isn't grounding at all...

    • by alen (225700) on Wednesday January 15, 2014 @10:13AM (#45964533)

      the signal will go that distance, the trick is having a receiver sensitive enough to pick it up

      • If the transmitter is on the ISS, the signal will go much more than that distance, and receiver sensitivity is not the big trick - discrimination from other signals and noise is.

    • I'm surprised there's even a limit. Think about it for a while... the USB device only has to receive. Their transmitter can be as powerful as they want, so that's not a problem. To send data back, either the USB can store what it needs and be picked up later... or, it can infect the computer and use it to transmit. If it has ANY wifi capability, they can use that to transmit, and even if it doesn't I'd imagine there's all sorts of nifty tricks they could do like varying current draw in pulses to send a sign

  • wait a second.... (Score:5, Insightful)

    by datapharmer (1099455) on Wednesday January 15, 2014 @09:54AM (#45964331) Homepage
    Ok, so I get the whole whistle blower thing but isn't this what the NSA is supposed to be doing? Spying on Americans is ok to get fussy about but why was this leaked and why doesn't the NYT realize that this actually does set back U.S. intelligence? Are they also going to release a story detailing what the Chinese are doing to spy on US from leaked Chinese intelligence?
    • by langelgjm (860756) on Wednesday January 15, 2014 @10:07AM (#45964481) Journal

      The NSA claims that it doesn't steal trade secrets from foreign companies in order to give US businesses a competitive edge. I suspect they are lying, given that it seems like they lie about everything, and that we already have reason to suspect they are lying about this in particular. [bbc.co.uk]

      However, the implication is that it would be wrong or immoral for them to do so (unlike the French or Chinese who have no such qualms). E.g., in the article, we read:

      At that session, Mr. Obama tried to differentiate between conducting surveillance for national security — which the United States argues is legitimate — and conducting it to steal intellectual property.

      It goes on to quote Peter Singer saying that for the Chinese, economic advantage is part of national security.

      Maybe the Chinese are right. And here's the thing - the U.S. already behaves as if securing economic advantages for our domestic industry is a critical interest. In trade negotiations, we ram our IP laws down the throats of every other country while dangling our domestic market in front of them, all the while never actually liberalizing agriculture at home. I don't understand why it's acceptable for us to promote our domestic businesses through trade diplomacy, but somehow it becomes unacceptable to do so through spying.

      In my mind, we are trying to accomplish the same thing as the Chinese, just via a different means (or probably, via both means). Yet we criticize them as if we are somehow morally superior in the way we do it.

      • by FriendlyLurker (50431) on Wednesday January 15, 2014 @10:45AM (#45964925)

        FTFA: Leaked documents show: "the program, code-named Quantum, has also been successful in inserting software into... trade institutions inside the European Union"

        NSA propaganda reply: "Vanee Vines, an agency spokeswoman, said in a statement. 'We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.' "

        The NSA really go out of their way to deny Industrial espionage, yet they have been caught targeting trade institutions in the EU. Yeah, I also suspect the NSA is lying as usual. From past marketing releases they really try to downplay Industrial Espionage as their motivation, which probably means it is their #1 bread and butter function.

    • by neoform (551705)

      Does it not seem strange to you that you're ok with spying on others, but you're not ok with spying on you?

      So spying on China is ok, what about other countries? Can we spy on Canadians? They're not American, so I guess that's a yes?

      • Re: (Score:2, Flamebait)

        by Above (100351)
        More importantly, if it's ok for the US to spy on China, then it's A-Ok for China to spy on the US. Right? Good thing none of our electrics are made in a country that might want to spy on us and controls industry so they can hide spy tech inside of it easily. Wait, uh, oops.
      • Well that is their mandate, whether or not I am ok with spying on others is irrelevant. Theoretically if a majority of Americans determine that this isn't ok we can disband the NSA altogether, but the problem with Spying on Americans is that spying on Americans in direct contradiction to their mandate and therefore there is no working check or balance on their power thus circumventing the Republican Democracy (under the argument that "we the people" empowered elected representatives to establish the NSA but
    • by c0lo (1497653)

      Ok, so I get the whole whistle blower thing but isn't this what the NSA is supposed to be doing? Spying on Americans is ok to get fussy about but why was this leaked and why doesn't the NYT realize that this actually does set back U.S. intelligence? Are they also going to release a story detailing what the Chinese are doing to spy on US from leaked Chinese intelligence?

      The problem with security by obscurity: one never knows when the adversary manages to shed a light into the obscure and start exploting the backdoor without your knowledge.

      The implication: how would you like ... (if you feel so strong to cast them into an adversary, be it)... the Chinese Intelligence to discover that backdoor by themselves and start spying on you from 8 miles away? Or spy on some computers in universities running some defense research? (you got the gist... I hope). How do you know it haven'

    • Americans (Score:4, Interesting)

      by Anonymous Coward on Wednesday January 15, 2014 @10:35AM (#45964797)

      Ok, so I get the whole whistle blower thing but isn't this what the NSA is supposed to be doing? Spying on Americans is ok to get fussy about

      As an European, I don't care if US authorities spy on US citizens, that would be their own internal business. But I find it quite offensive that US spies on Europeans, in order to protect US interests. EU should really stand up and announce that such spying is totally unacceptable, any person caught to be part of such will serve serious jail time, diplomatic immunity or not. And any country caught doing so shall loose all diplomatic privileges inside EU, and have their embassies searched for more evidence (with a proper search warrant, of course).

      I wouldn't mind if EU would also ground all flights and money transfers to/from the US for a few days. It would underline how seriously we view the matter, and make it clear for all Americans that we can no longer trust their government.

      • Re:Americans (Score:5, Informative)

        by geoffrobinson (109879) on Wednesday January 15, 2014 @10:56AM (#45965027) Homepage

        News flash: Europeans spy on American companies.

        • Re:Americans (Score:4, Insightful)

          by Njovich (553857) on Wednesday January 15, 2014 @11:18AM (#45965231)

          I'm from the Netherlands. Are you saying my government is spying on IBM and Microsoft? This is like being caught robbing a bank with an assault rifle, and then saying it's alright, because everyone steals something sometimes, 'Danny from down the road stole a piece of chocolate too!' or such. Newsflash for you: Most intelligence agencies spy on things that they believe are actual threats to their security. They don't go mass-intercept Facebook traffic in foreign countries of innocent people.

          Now, I'm sure that intelligence agencies here do things they shouldn't do sometimes. And there are also a handful of other countries doing really shitty stuff from their intelligence agencies. I suggest we try to stop all of the wrongdoings, rather than just point and say 'they do it too!'

        • by ewieling (90662)
          Are you saying it is OK for Americans to spy on European companies because Europeans to spy on American companies? By that logic I am allowed kill someone because other people are doing it.
      • You realize of course what you are proposing is effectively a declaration of war against nearly every major power, essentially stating that diplomatic relations should be severed with the United States, China, Russia and even other EU member states.
    • It says clearly int he article they are using these devices against the European Union, which we have treaties with that ban this sort of thing. Your argument is like the dude at the highschool party telling the cops "Well everyone else was drinking!" Just because we suspect our government was doing illegal/immoral things, and just because other government are doing illegal/immoral things, does not mean we should just roll over and say "Oh well, I guess that's how the world works" Instead we should use this

  • Wouldn't the USB driver have to be compromised as well?
    • No, if the device is a keyboard, it knows what keys you pressed, and can send that directly. Transmitting over 12 km is extremely impressive if true, and could be useful for civil purposes.

      • by ledow (319597) on Wednesday January 15, 2014 @10:07AM (#45964487) Homepage

        I'm dubious about the distance but remember that they are TARGETTING their devices.

        As such, they could be on a roof 12km away with a whole array of receivers pointed to within inches of the radio source, and so 12km isn't as insane as it sounds. But it doesn't mean they have a commercially viable tech that others don't.

        Pringles tins on wireless dongles - the range can be immense, and if you are good at antenna design, it can get insane. If you know to within-an-inch where you're supposed to be pointing at and/or can trigger it to do a one-off high-powered transmit to download information (by a similar one-off high-powered transmit from a distance), then it's not all that impossible.

        But you're not going to see another 802.11 wireless revision out of their work. It's a whole different ball game.

        • by AHuxley (892839)
          It really depends on how the word distance is measured and presented. The distance covered by a few self networking, powered hidden devices near the complex, building of interest could get a weak signal out and then back to a friendly embassy roof over 12km via 'hops'.
          The tech has a range of "12km", the hops, boosting, re encoding, bursts, storage, time shifting via linked devices could be just as creative to ensure any signal is really tricky to find with most known scanners.
  • Even though they've already lied about the range of their activities, their scope and depth, their capabilities, their intent, and their mandate.

    Of course, this is spy stuff, you're supposed to lie about that.

    Which is exactly why no one believes your assurances NSA.

    You have too much power. No transparency, no oversight, no limits. You will destroy our country with Edward Snowdens who are not virtuous, but motivated by corruption and other agendas: political, mostly. You can't say that won't happen, it *always* happens, to every institution of your size and breadth, because you're made of fallible human beings. Proof: Edward Snowden. You think he is the last? You think the next one will be motivated by noble principles?

    That is why you must be decimated and pried into and monitored. Hopefully, legislatively and via execute order. And soon. For the sake of the legitimacy of our government, which your dealings cast into doubt.

  • by the_other_chewey (1119125) on Wednesday January 15, 2014 @10:10AM (#45964505)
    I don't doubt the existence of physical bugs, but the claimed scale
    of 100k devices in the field isn't supported by the article.

    They infected 100k machines with software, most of them remotely.
    (In that case, I consider the claimed number to be rather low even.)

    It's right there in the first two paragraphs of TFA:

    The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

    While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet

    • by j35ter (895427)
      What, you actually read TFA? You silly one, you....
    • by AHuxley (892839)
      A company or gov buys a part for an air gapped network.
      The NSA sends hardware with a new tiny circuit boards or altered USB hardware via the post.
      Staff install and run the hardware, noting their system works as normal and no new changes to any of their OS.
      From that one infection the 'huge' hidden 'network' might get infected later and report back just like any time delayed malware expect its a hop via an unexpected radio network.
      Impress the US gov staff and oversight committees with impressive "software
    • The easy MO is to to just hand out the USB devices at mil trade shows in China or Iran and other places where enemy officials will be. if 1% get inserted into a gov computer or sensitive target, that would be a great return on investment. It's not like this has to be targeted in any way.

  • So the only way to do this is get some sort of intercept from the manufacturer->seller/reseller->mail/postman. It looks like everybody is in cahoots with them.
  • Back a couple of decades ago, this was supposed to be possible remotely by monitoring RF output from those noisy, leaky VGA ports. Never saw a demonstration from 8 miles away, just across the street or from a van on the street. No special hardware in the computer, just the right gear to listen to the RF leaking all over the place.

    Sorry for no link, Google is full of connecting HDMI to VGA stuff these days.
    • By monitor I mean see what was on screen. I do not recall any demonstration of being to remotely manipulate input, data, etc.
    • by crow (16139)

      Yes. Here's the link.

      http://en.wikipedia.org/wiki/Tempest_(codename) [wikipedia.org]

      In theory, there is still some signal from modern LCD monitors, but it's much harder to pick up than the old CRTs. The same technology could be used to determine what a CPU is doing or any other electronic component, but, again, it's very difficult to get a strong enough signal at a distance to make use of it.

      • The thing I was remembering was the RF coming from the port itself, no matter if anything was plugged in or not. Saw them do the sniffing of laptops with open VGA ports too.
        • The CRT was a lot stronger source than just the VGA port but yes either of them (HDMI for that matter) are vulnerable to vanEck phreaking.

          • Yes, in some of those old reports, if memory serves, the big point was that your laptop is still vulnerable even if it is not connected to a CRT.
    • by blueg3 (192743)

      The link [wikipedia.org] you're looking for.

      Most people know of this from having read Cryptonomicon.

  • Okay, so you implant a small wireless device in the connector of a USB cable. No problem - it doesn't take a genius to realize that is a trivial engineering task in this day and age. So now you have a cable that still must work as a cable connecting the computer to whatever USB device is on the other end (printer?), because obviously if the device doesn't work as normal the cable will be replaced. So the secret interface in the cable can't be an actual USB network device. Nor can it even be a USB drive. In

    • by AHuxley (892839)
      Its the "bus" and way back into the computer hardware. Not all electronics is a one way 'push' of data down to a port, printer. Some of the end user "interfaces" are nice and complex and can really talk back up into the OS, CPU, wireless hardware.
      e.g. 'Hardening hardware and choosing a #goodBIOS" at 30c3
      http://www.youtube.com/watch?v=2VvR-vsdMlQ [youtube.com] at ~ 29 mins in
  • by Anonymous Coward on Wednesday January 15, 2014 @10:20AM (#45964635)

    Does the hardware have good Linux drivers?

  • How long is it going to be before paper and pen communication become most popular again?
  • by the_B0fh (208483) on Wednesday January 15, 2014 @10:32AM (#45964763) Homepage

    The bigger question is - what's a good bug detector nowadays! The sub-$100 are worthless, and the over $1k models - who can really tell what's good and what's not?

  • This cat wasn't going to stay in the bag very long.

    For all of the folks screaming on about this revelation being damaging to national security, I would recommend a 10 minute introductory read on RF. There really is no hiding RF transmissions, particularly when you're trying to transmit through buildings and over long distances. Even with FHSS, random burst, or other masking techniques, RF is easily detected with widely available equipment. Any foreign rival with a modicum of competence has already disc
  • To reach a distance of 8 miles one would have to be transmitting a significant amount of power - probably in the range of several watts. From that, a lot of heat would be generated, and it would be unlikely to go unnoticed.

    Assuming that the usb cables were used as antennae, it is also likely that the radiation pattern is for shit, so I find the claim of an 8 mile range to be highly suspect, absent an extremely high gain receiver antenna and a clear line of sight.

    Nevermind the 500mA USB limit on *most* lapto

    • by AHuxley (892839)
      The first hop might be low powered, e.g. out of the building, later local small devices might boost, store, use common background wireless methods to send the data on.
  • by nimbius (983462) on Wednesday January 15, 2014 @11:09AM (#45965157) Homepage
    to date, while most slashdotters have been accustomed for some time to the governments radio pathways implanted in their teeth, the idea that somehow these same menacing devices may have found their way into the basement and, god forbid, into the VAX or Altair is truly terrifying.
  • How do you make a radio signal hidden of covert? Yes, some spread spectrum techniques make it appear to be just noise, but even so if you sweep in the near field you should be able to detect that something is going on. This might work for soft targets, but for any really secure location it should be detectable pretty easily.

    Forty years ago I worked in a secure facility that was subject to random TEMPEST sweeps at frequent intervals. Even though I was never told what they were doing one look at the equi
  • So, this article is saying that the NSA has hardware that must be physically installed or connected to a computer that allows them to interact with said computer 8 miles away? What's the big deal with that? There is a whole host of things I can do if you let me have physical access to your computer.

    Seriously, I don't see an issue here, nor do I see anything ground breaking. Yes, wireless devices are getting smaller and smaller, I've seen extremely small blue tooth adapters, WiFi adapters and even key logg

  • Solution (Score:3, Funny)

    by freax (80371) on Wednesday January 15, 2014 @11:40AM (#45965495) Homepage

    Translucent USB cables and connectors.

  • "In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user."

    NO, in ALL cases this radio must be inserted. Honestly if you are a tech journalist and dont know crap about technology, please quit and go flip burgers. I am so tired of these "journalists" that colleges are pumping out.

What this country needs is a good five cent microcomputer.

Working...