FITUG e.V.

Förderverein Informationstechnik und Gesellschaft

French InfoSec Initiative

------- Forwarded message follows ------- Date sent: Thu, 16 Mar 2000 15:59:20 -0500 To: cryptography@c2.net From: John Young <jya@pipeline.com> Subject: French InfoSec Initiative

Yesterday France initiated a new information security administration whose aim is to counter the panoply of digital threats involving economic espionage, cryptology, TEMPEST, snooping, PW snarfing, DDoS, Echelon and a few that are new to me:

http://cryptome.org/dcssi.htm

It recounts a bit of research carried by the predessor agency, SCSSI, on a variety of digital intrusions, some of which are worth reading to get up to speed on what is not yet on the market, and may be indications of what is in use by intel agencies not yet public.

No doubt, there are some here who will find nothing new, but if that's the case why have we not been briefed on unpublished threats to vigorous dissidence.

A small example: emissions of IR devices such as those used to carry signal from keyboard to box, or box to peripherals, can be picked up and broadcast by unintential antennas like cables and other metal objects in the vicinity, and deliver exact copies of what is being typed at a "spying-configured screen" distances much further away than the RF signals themselves travel. This includes data that never appears on the screen of the originating system.

This is a variation on the TEMPEST threat, to be sure, but I had not seen the the case of amplication of IR signals. What is the method for TEMPEST-proofing IR devices?

------- End of forwarded message -------

Zurück