Dunno about this specific app or attack, but I have long been
intrigued that while US/Western TEMPEST electronic security focuses on
mitigating the passive electromagnetic (EM) emanations from computer and
communications equipment -- and shielding other devices that may capture,
transmit, or otherwise echo the pattern of those emanations -- what I know of
Soviet/Russian/Eastern Bloc technical intelligence indicates they
successfully used more active *EM* attacks on Western equipment and NATO
sites.
The Russians, in particular, are reputed to rely heavily upon a
technical attack which uses focused radio or radar waves fired at a target
site... and then somehow recovered in such a way that the local EM (within
the target site) attenuates the initial signal.
Digital processing reportedly allowed KGB technicians to retrieve
(and presumably sort) both CRT and low-bandwidth (e.g. keyboard) emanations
and interpret them successfully.
I don't think this technology is likely to have fallen into the
hands of Hong Kong hackers, but these days, who knows?
I would normally bow to Dave's savvy and experience and he suggests
that the cellular link is probably just a hidden channel for transmission to
the outside... but I'm not so certain this time. Clearly a cell phone could
not be adapted as an infinity bug, where an outsider could call in and
remotely activate the phone. Why not for EM eavesdropping?
If you didn't have to worry about receiving incoming calls -- if the
bug went live on a timer, for instance -- you'd have a (tune-able) radio
receiver in the cell phone, a modulator in the modem, and a robust (analog)
transmission channel which might briefly escape detection. With a little
hardware hacking, I think the cellular form-factor could carry a viable threat.
Since I presume the whole purpose of the Blondes' campaign is simply
to tweak those in authority, as opposed to real espionage, leaving
jury-rigged cellphones in government offices (coupled with interviews in
sympathetic media in which they claim exotic technical achievements) is
probably enough to spook the Chinese government and bleed some bureaucrats.
If that was their goal, I'll bet they were successful;-)
_Vin
-------------------------------------
John Young <[EMAIL PROTECTED]> asked:
>> Last summer World Net Daily published an article on
>> a hacker group called "Hong Kong Blondes" in which
>> the hackers claimed that compromising electromagnetic
>> emanations from computer equipment could be acquired
>> up by cellular modems.
>>
>> Can cellular modems be used for this purpose? If so,
>> what is involved in setting them up for it?
>>
>> Here's the article excerpt:
>>
>> As time progressed, members of the Hong
>> Kong Blondes leadership told WorldNetDaily
>> they began actually to install codes within the
>> PLA computer mainframes. By using cellular
>> modems, they were able to monitor the
>> electromagnetic signals emitted by PLA
>> computers by remote means. The Blondes even
>> planted transmitters within the offices of the
>> Chinese government,
At 02:56 PM 3/27/00 -0500, Dave Emery wrote:
>
> While I have no direct knowledge of what was done, my reading of
>this text is that a cellphone and modem were covertly placed inside the
>offices of the Chinese government and dialed up by someone on the
>outside to retrieve data. In this application the cellphone and
>cellular modem represented a means of transporting information acquired
>inside a computer complex (perhaps by TEMPEST technology) to someone on
>the outside. As such the cellular modems were not being used to
>intercept signals from the computers involved, but rather serving just
>as a means of transporting the fruits of such an interception to a place
>where it could be conveniently processed, read and stored.
>
> Aside from using a cellular modem to decode the transmission of
>another cellular modem, I know of no way to use them as TEMPEST
>intercept devices and rather doubt they would be useful for that
>purpose.
>
>--
> Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass.
>PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
>
>