[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) French InfoSec Initiative

------- Forwarded message follows -------
Date sent:      	Thu, 16 Mar 2000 15:59:20 -0500
To:             	cryptography@c2.net
From:           	John Young <jya@pipeline.com>
Subject:        	French InfoSec Initiative

Yesterday France initiated a new information security
administration whose aim is to counter the panoply of
digital threats involving economic espionage, cryptology, 
TEMPEST, snooping, PW snarfing, DDoS, Echelon and 
a few that are new to me:


It recounts a bit of research carried by the predessor
agency, SCSSI, on a variety of digital intrusions, some of
which are worth reading to get up to speed on what is
not yet on the market, and may be indications of what
is in use by intel agencies not yet public.

No doubt, there are some here who will find nothing
new, but if that's the case why have we not been briefed
on unpublished threats to vigorous dissidence.

A small example: emissions of IR devices such as those
used to carry signal from keyboard to box, or box to 
peripherals, can be picked up and broadcast by unintential 
antennas like cables and other metal objects in the vicinity, 
and deliver exact copies of what is being typed at a
"spying-configured screen" distances much further away
than the RF signals themselves travel. This includes data
that never appears on the screen of the originating system.

This is a variation on the TEMPEST threat, to be sure,
but I had not seen the the case of amplication of IR signals.
What is the method for TEMPEST-proofing IR devices?

------- End of forwarded message -------