Log in

No account? Create an account
Adventures in Engineering
The wanderings of a modern ronin.

Ben Cantrick
  Date: 2008-10-20 15:47
  Subject:   I, for one, plan to arm myself against our future robot masters.
  Tags:  reddit

1 Comment | Post A Comment | | Link

Ben Cantrick
  Date: 2008-10-20 17:15
  Subject:   Keyboards subject to TEMPEST snooping, duh.
  Tags:  slashdot

Wired keyboards emit electromagnetic waves, because they contain eletronic components. These eletromagnetic radiation could reveal sensitive information such as keystrokes. Although [previous work] already tagged keyboards as risky, we did not find any experiment or evidence proving or refuting the practical feasibility to remotely eavesdrop keystrokes, especially on modern keyboards.

To determine if wired keyboards generate compromising emanations, we measured the electromagnetic radiations emitted when keys are pressed. To analyze compromising radiations, we generally use a receiver tuned on a specific frequency. However, this method may not be optimal: the signal does not contain the maximal entropy since a significant amount of information is lost.

Our approach was to acquire the signal directly from the antenna and to work on the whole captured electromagnetic spectrum. We found 4 different ways (including the Kuhn attack) to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls. We tested 11 different wired keyboard models bought between 2001 and 2008 (PS/2, USB and laptop). They are all vulnerable to at least one of our 4 attacks.



If the information on your computer is so amazingly top-secret that you're worried about this kind of thing, I wouldn't go buying tempest-shielded monitors and keyboards and so on. A much more cost-effective way is to just build a Faraday cage room and keep the computer inside. This gives you both physical security and EM radiation security.
Post A Comment | | Link

Ben Cantrick
  Date: 2008-10-20 23:52
  Subject:   Developing Flash (Actionscript 2) with only open-source tools.
  Tags:  reddit

swfmill and mtasc are free, open-source tools you can use to create SWFs.

- mtasc is the Motion Twin ActionScript 2.0 compiler, which is an extremely fast compiler with some nice features. If you want the benefits of AS3, you could use haXe or the flex sdk from adobe instead (but I heavily recommend you use mtasc and AS2 first, it's easier).

- swfmill is a tool that, among other things, allows you to set up library resources and place clips that you can then access from ActionScript, using a simple XMLish format.


Kongegrate is trying to crowd-source Flash games. Neat idea.
12 Comments | Post A Comment | | Link

May 2015