PDA

View Full Version : Van Eck phreaking



Govtcheez
03-04-2002, 08:49 AM
It's talked about a lot in the book I'm reading (Cryptnomicon, still)... Basically, it sounds like using an ultra sensitive device to read the bits that are displayed the computer screen and determine what the person is doing by decoding those bits. I was wondering: is it actually possible? It sounded a little farfetched, but possible...

shtarker
03-04-2002, 08:51 AM
I don't get it.
Why not just take a look at the screen?

Govtcheez
03-04-2002, 08:56 AM
This way it can be done remotely (guess I didn't realy make it clear)

Ex:
In the book, one of the main characters is put into prison on a bogus charge. Since he has friends with money, they bribe the cops to get hime into a nicer cell and be allowed to use his computer. The desk that's given to him is a file cabinet that's curiously bottom heavy, presumably so that the authorities can spy on what he's working on...

shtarker
03-04-2002, 09:17 AM
Well I'm always getting paranoied about people spying on what I do. Normally thats directed at hackers however . . . .

Deckard
03-04-2002, 09:29 AM
I'm not an expert on the subject, but I can shed a little light on it.

Take a quick look at the back of your monitor. Most have a small label mandated by your government's communications authority (the FCC here in the states). The reason that label is there is your monitor puts out a modest amount of radio interference. The bits being sent to your monitor end up being broadcast over RF.

With the right equipment and some very favorable conditions, the data being emitted from your monitor can be read by a remote computer. A year or two ago, l0pht had an article where the author built such a device for his laptop from parts he obtained at Radio Shack and went around southern California snooping the airwaves from his car. He wrote he had the most luck around local government offices (police departments and county clerks).

I'm sure Google could reveal the gritty details on the concept.

Govtcheez
03-04-2002, 09:32 AM
Wow... That's pretty scary - I'll check google later - I don't think people here at work would look too favorably on me doing searches on "phreaking", esp. witht he types of sites it'd bring up...

> A year or two ago, l0pht had an article

What's that?

Brian
03-04-2002, 11:59 AM
Originally posted by Govtcheez
It's talked about a lot in the book I'm reading (Cryptnomicon, still)... Basically, it sounds like using an ultra sensitive device to read the bits that are displayed the computer screen and determine what the person is doing by decoding those bits. I was wondering: is it actually possible? It sounded a little farfetched, but possible...

Yeah if you go to big computing companies, or the MOD or CIA, most of the places with computers in them have metal grids on the windows (like a microwave has on it's door) to stop the radiation escaping [No, these aren't to stop burglars]. Stops people spying.

Deckard
03-04-2002, 12:06 PM
Originally posted by Govtcheez
> A year or two ago, l0pht had an article

What's that? "L0pht Industries" was a really great security site which has since changed to '@stake security'. The guys at l0pht not only reported exploits, but published the gritty details so anyone could validate the exploit. In fact, they found a lot of exploits on their own.

The guys at l0pht weren't big on scruples; they were only interested in exposing flaws in computer security. They wrote Jack Ripper (brute force password cracker) as well as Back Orifice, and numbers of articles where they tried to build hacks based on things which were 'theoretically possible', such as the Van Eck phreaking. It wasn't enough for the writers to speculate at l0pht; they actually went through the trouble of proving (or disproving) theories.

l0pht.com was, arguably, the most technically informative site on the web for a number of years.

novacain
03-05-2002, 12:43 AM
I couldn't believe their password cracker was/is shareware.

Wireless is the new wave of phreaking. Here uses similar freq to TV remotes ect.

I know one government department who had a hacker enter thru wireless and steal internet access. They only found him a year later, nothing said as it was not something they want to go public (that they have no security / audits and don't bother to install any).