Re: [TSCM-L] {4569} STU-III Key Leakage [REPOST]

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Bruce Nelson <tomm..._at_gmail.com>
Date: Wed, 23 Jun 2010 17:56:00 -0400

Jim, Did I miss the posting for the link to the STU-III leakage presen= tation? I had thought you were going to post that at sometime. Many t= hanks!

Bruce

On Thu, Jan 21, 2010 at 8:32 PM, James M. Atkins= on <jm...@tscm.com> wrote:

I have a STU-III Exploit present= ation, one for STEs where I cover their weaknesses, vulnerability points, a= ttack surfaces, and prior successful attacks and exploits against them.<= br>
The presentation is currently online, and I (or one of my associates) w= ill post the link address in few month or so.

-jma

p.s.: = Attached is the cipher key (the whole key, not just the CIK) leakage of a S= TU-III, at a distance of 10 meters due to a Blackberry being present close = to the STU. The trace on the top is the gating signal (derived from the tes= t equipment), and trace trace on the top is the actual leakage of the key t= hat was picked up over the air riding on a Blackberry carrier signals. This= is why TEMPEST is so important, and why you need to keep a cell phone a si= gnificant distance from encryption equipment. In this case the Blackberry w= as 30 cm away from the STU-III for the test, but realistically you can do t= his with a BB that is 3 meters away. Remember, a spy is only looking for bi= ts and pieces of data from which they can derive an idea of the big picture= . When they get a high amount of data they appreciate it, but they are also= happy with fragments. When you have a Blackberry or other digital cell pho= ne within several meters of a STU or STE you allow the spy to collect the f= ragments they are seeking, and often far more then fragments.

--
You received this me= ssage because you are subscribed to the Granite Island Group "TSCM-L P= rofessionals List" group which is the oldest, and the largest TSCM gro= up on Earth. To post to this group, send E-Mail to TSCM-...@googlegroups.com, to co= ntact the list owner and moderator please send an E-Mail message to jm...@tscm.com.

This group is sponsored by Granite Island Group to improve the professi= on of hunting spies, and to educate the security industry in the craft of t= echnical counter-intelligence. Granite Island Group performs bug sweeps lik= e it's a full contact sport; we take no prisoners, we don't play fa= ir, and we give no quarter. Our professional goal is to simply, and complet= ely stop the spy.

Granite Island Group Offers World Class, Professional, Ethical, and Com= petent Bug Sweeps, and Wiretap Detection using Sophisticated Laboratory Gra= de Test Equipment.

--0016e6d77c6f8075030489b99a3f-- Received on Sat Mar 02 2024 - 00:57:28 CST

This archive was generated by hypermail 2.3.0 : Sat Mar 02 2024 - 01:11:46 CST