Dave Del Torto (ddt@pgp.com)
Wed, 18 Mar 1998 00:09:12 -0700
I believe/hope this is the reference post on the Soft Tempest project at
Cambridge.
According to Ross A, it would seem that this Burgess fellow at the Post
wrote a convenient story designed to shock. Troubling with bothersome
things like accuracy is not conducive to making deadlines.
The "Tempest fonts" sound pretty interesting. I can also see where
radiating _public_ keys might be useful.
There are some potential ethical questions, but only if the government gets
hold of this stuff. Even then...
dave
................................. cut here .................................
To: ukcrypto@maillist.ox.ac.uk
Subject: The story of Soft Tempest
Date: Sun, 08 Feb 1998 15:09:40 +0000
From: Ross Anderson <Ross.Anderson@cl.cam.ac.uk>
Bruce Sterling, and others, have asked of the Washington Post story
[see below]:
> Is this story correct?
The Washington Post gives a highly distorted account of some very
important scientific work we have done. I suggest that list members read
our paper -- <www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf> -- for themselves
before getting carried away.
The story is as follows. Bill G gave our department $20m for a new
building, and his people said that what they really wanted from our group
was a better way to control software copying. So it would have been
rather churlish of us not to at least look at their `problem'.
Now the `final solution' being peddled by the smartcard industry (and
others) is to make software copying physically impossible, by tying
program execution to a unique tamper-resistant hardware token. We wouldn't
like to see this happen, and we have already done a lot to undermine
confidence in the claims of tamper-proofness made by smartcard salesmen.
So Markus and I sat down and tried to figure out what we could do for the
Evil Empire. We concluded that
(1) large companies generally pay for their software;
(2) if you try to coerce private individuals, the political backlash
would be too much; so
(3) if the Evil Empire is to increase its revenue by cracking down on
piracy, the people to go after are medium sized companies.
So the design goal we set ourselves was a technology that would enable
software vendors to catch the medium-sized offender -- the dodgy freight
company that runs 70 copies of Office 97 but only paid for one -- while
being ineffective against private individuals.
We succeeded.
In the process we have made some fundamental discoveries about Tempest.
Army signals officers, defence contractors and spooks have been visibly
flabberghasted to hear our ideas or see our demo.
In the old days, Tempest was about expensive hardware -- custom equipment
to monitor the enemy's emissions and very tricky shielding to stop him
doing the same to you. It was all classified and strictly off-limits to
the open research community.
We have ended that era. You can now use software to cause the eavesdropper
in the van outside your house to see a completely different image from
the one that you see on your screen. In its simplest form, our technique
uses specially designed `Tempest fonts' to make the text on your screen
invisible to the spooks. Our paper tells you how to design and code your
own.
There are many opportunities for camouflage, deception and misconduct.
For example, you could write a Tempest virus to snarf your enemy's PGP
private key and radiate it without his knowledge by manipulating the
dither patterns in his screen saver. You could even pick up the signal on
a $100 short wave radio. The implications for people trying to build
secure computer systems are non-trivial.
Anyway, we offered Bill G the prospect that instead of Word radiating the
text you're working on to every spook on the block, it would only radiate
a one-way function of its licence serial number. This would let an
observer tell whether two machines were simultaneously running the same
copy of Word, but nothing more. Surely a win-win situation, for Bill and
for privacy.
But Microsoft turned down our offer. I won't breach confidences, but the
high order bit is that their hearts are set on the kind of technology the
smartcard people are promising -- one that will definitively prevent all
copying, even by private individuals. We don't plan to help them on that,
and I expect that if they field anything that works, the net result will
be to get Microsoft dismembered by the Department of Justice.
Meantime we want our Soft Tempest technology to be incorporated in as many
products as possible -- and not just security products!
So to Rainier Fahs, who asked:
> If these rumors are true, I guess we will face a similar discussion on
> free availability in the area of TEMPEST equipment. Does privacy
> protection also include the free choice of protection mechanism?
I say this: our discovery, that Tempest protection can be done in software
as well as hardware, puts it beyond the reach of effective export control.
So yes, you now have a choice. You didn't before,
Ross Anderson
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
http://www.washingtonpost.com/wp-srv/WPlate/1998-02/07/060l-020798-idx.html
British Technology Might Flush Out Software Pirates
By John Burgess
Washington Post Foreign Service
Saturday, February 7, 1998; Page H01
CAMBRIDGE, England=97 It's a technique that intelligence agencies have
used for years: Park a van filled with monitoring gear near an embassy
and listen for the faint radio signals that computers routinely emit when
they are on. Analyze those signals for clues to the data that are on the
computers.
Now researchers at the University of Cambridge, home of groundbreaking
work in intelligence over the years, are trying to adapt this technology
to the fight against software piracy. With special code written into
software, they say, computers could be made to broadcast beacons that
would carry several hundred yards and identify the software they were
running, complete with serial numbers of each copy.
Vans run by anti-piracy groups could pull up outside a company's office
and count the number of software signals emanating from it. If, say, 50
beacons for a particular title were detected but the company had licensed
only two copies of the software, that could become evidence on which a
court would issue a search warrant.
Ross Anderson, a University of Cambridge lecturer who is overseeing the
project, said the idea originated last year when Microsoft Corp. Chairman
Bill Gates visited the university after his private foundation announced
a $20 million donation to the school. Gates told officials that, among
other things, he would love the university to come up with new anti-piracy
techniques.
So far, Microsoft isn't enthusiastic about the university's approach,
Anderson said. "They have some reservations. Obviously there are Big
Brother aspects," he said. A Microsoft spokeswoman said the company has
no plans to adapt the technology.
Emilia Knight, a vice president at BSA Europe, a trade group that combats
software piracy, said such an anti-piracy system might be technically
feasible. But she noted many practical questions on the legal side, such
as how the system would differentiate between companies pirating software
and those legally using multiple copies of programs.
Knight said that concerns of privacy and consumer rights might make the
system a no-go for industrialized countries. But in places like Eastern
Europe, she suggested, where piracy is rampant and there is no tradition
of such protections, the software signal detectors might be acceptable.
Richard Sobel, a political scientist who teaches at Harvard University
and researches privacy issues, called it "an appalling idea."
"If the technology is there to identify what software people are using,
there's the prospect to figure out what people are doing. ... It sounds
like a horrible violation of privacy," Sobel said.
In Britain, however, it might seem less controversial. Here authorities
have long used similar techniques to ferret out people who fail to pay
the annual license fee of about $150 that the law requires for each TV
set in the country.
Cruising the streets here are vans carrying equipment that can detect
emissions from a TV set's "local oscillator," the part that turns a
station's signal into a picture. If the gear senses a TV set inside a
house from which there is no record of a license payment, this is used as
evidence to levy fines.
The system also can tell what channel people are watching because the
oscillator gives off a slightly different signal for each one.
Anderson's researchers have built a prototype that can detect the type of
software running on a machine from short range -- the hallway outside the
room where the computer is running. Anderson said they are ready to build
prototype hardware with a longer range, at a cost of about $15,000-$30,000
-- if the lab can find a customer. So far, none has stepped forward.
=A9 Copyright 1998 The Washington Post Company
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:04 ADT