Академический Документы
Профессиональный Документы
Культура Документы
spoilers: every electronic device you own is screaming its name into the infinite void
How to evaluate our own devices for compromising radio emissions using simple and cheap equipment!
Radio emissions?
Electronics naturally generate radio interference. It can leak information about the machines state
Yes.
Everyone who just giggled at the word "dongle" is uninvited from the secret club. Nope, sorry, too late. No take-backs.
Elonics E4000 - this one is really good FC0013B - not as good but I got a crate of ten of them for $100! Including antennas and a CD I wouldn't dare install.
You can get ANYTHING on Ali Express! Even HUMAN HAIR. And radios.
http://www.guardian.co.uk/world/interactive/2013/jun/20/exhibit-b-nsa-procedures-document
You need to know how to test if your mitigations are effective It's the most fun you can have with a $10 radio and not get arrested*
IS IT LEGAL?
Yes, no, maybe so? Laws regarding radio receivers vary vastly and are an utter quagmire.
BUT it turns out that simply receiving is mostly passive-ish. Unlike that messy transmitter business.
Nonetheless, I would never, ever advocate carelessly flouting your local laws. Ever.
IS IT LEGAL? "Scanning receivers and frequency converters designed or marketed for use with scanning receivers... shall be incapable of bla bla bla look don't tune into cell phone stuff okay"
(that's a quote)
http://www.gpo.gov/fdsys/pkg/CFR-2010-title47-vol1/xml/CFR-2010-title47vol1-sec15-121.xml
LET'S GET DANGEROUS I'll show you the following slides live, but I gotta put it in as screenshots in case the pink laptop catches fire again between now and then. Demo demons, you know.
(there is always a false spike at the center of the currently viewed region with these cheap SDRs)
spikes ahoy!!!
moving the antenna, it blows the radio station out of the sky
Accounting for jitter, the spikes are between 32 and 33 khz apart
Those are the probable bounds to look for the leaked signal of the LCD
Screens sometimes even when theyre off Touchscreen capacitive fields Physical button presses The color of status LEDs Microphones Hard drive activity RAM So actually just everything
Splorts caused by loading Chrome with a zillion tabs on my Macbook Air - visible across a wide chunk of bandwidth
Here is a wireless mic leaking all over the place. I would like to note that there was informed consent...
Could an adversary with knowledge of my preferred toys and proper equipment pinpoint me in a crowd? YES.
Even if I turn off wifi and bluetooth.
My personal tests show that it is not 100% effective but it makes a dramatic difference
Snipping off the power cable may improve its faraday cage properties.
My first attempt at faraday cage testing was foiled by six feet of shielded USB cable on the OUTSIDE of the microwave door.
BE PROACTIVE
You can use even the cheapest SDRs to evaluate your risk or to scan your area for electronics others may be using to record you without your consent. In the process you will learn more than you ever wanted to know about the radio signals that surround you every day outside of AM and FM radio stations!
device inside microwave oven with SDR dongle and antenna- USB cable kept to minimum length outside of microwave
BE PROACTIVE
Windows: use SDR# OSX and Linux: use GQRX Or write command-line utilities with the rtlsdr library and the pretty radical Python bindings These links are on the CD
BE PROACTIVE
The US government has its own standards for being resistant to this kind of attack - you can find them linked from the TEMPEST Wikipedia page http://en.wikipedia.org/wiki/TEMPEST Correlated emissions are bad. The government knows this and so should you. Ask your landlady about copper shielding! :)
Now you know why all security researchers are a bit twitchy Well Ill never feel safe again
Hey... I can pick up the police radio from here... it isnt encrypted
@0xabad1dea thats a zero, x, and one I need more followers than my hex nemesis @0xcharlie