Cyphernomicon Top
Cyphernomicon 11.6

Surveillance, Privacy, And Intelligence Agencies:
Surveillance Methods and Technology


   11.6.1. (some of this gets speculative and so may not be to
            everyone's liking)
   11.6.2. "What is TEMPEST and what's the importance of it?"
           - TEMPEST apprarently stands for nothing, and hence is not an
              acronym, just a name. The all caps is the standard
              spelling.
           - RF emission, a set of specs for complying
           - Van Eyck (or Van Eck?) radiation
           + Mostly CRTs are the concern, but also LCD panels and the
              internal circuitry of the PCs, workstations, or terminals.
             - "Many LCD screens can be read at a distance. The signal
                is not as strong as that from the worst vdus, but it is
                still considerable. I have demonstrated attacks on Zenith
                laptops at 10 metres or so with an ESL 400 monitoring
                receiver and a 4m dipole antenna; with a more modern
                receiver, a directional antenna and a quiet RF
                environment there is no reason why 100 metres should be
                impossible." [Ross Anderson, Tempest Attacks on Notebook
                Computers ???, comp.security.misc, 1994-08-31]
   11.6.3. What are some of the New Technologies for Espionage and
            Surveillance
           + Bugs
             + NSA and CIA have developed new levels of miniaturized
                bugs
               - e.g., passive systems that only dribble out intercepted
                  material when interrogated (e.g., when no  bug sweeps
                  are underway)
               - many of these new bugging technologies were used in the
                  John Gotti case in New York...the end of the Cold War
                  meant that many of these technologies became available
                  for use by the non-defense side
               - the use of such bugging technology is a frightening
                  development: conversations can be heard inside sealed
                  houses from across streets, and all that will be
                  required is an obligatory warrant
             + DRAM storage of compressed speech...6-bit companded,
                frequency-limited, so that 1 sec  of speech takes
                50Kbits, or 10K when compressed, for a total of 36 Mbits
                per hour-this will fit on a single chip
               - readout can be done from a "mothership" module (a
                  larger bug that sits in some more secure location)
               - or via tight-beam lasers
             + Bugs are Mobile
               - can crawl up walls, using the MIT-built technology for
                  microrobots
               - some can even fly for short distances (a few klicks)
           + Wiretaps
             - so many approaches here
             - phone switches are almost totally digital (a la ESS IV)
             - again, software hacks to allow wiretaps
           + Vans equipped to eavesdrop on PCs and networks
             + TEMPEST systems
               + technology is somewhat restricted, companies doing this
                  work are under limitations not to ship to some
                  customers
                 - no laws against shielding, of course
             - these vans are justified for the "war on drugs" and
                weapons proliferation controle efforts (N.E.S.T., anti-
                Iraq, etc.)
           + Long-distance listening
             - parabolic reflectors, noise cancellation (from any off-
                axis sources), high gain amplification, phoneme analysis
             - neural nets that learn the speech patterns and so can
                improve clarity
           + lip-reading
             - with electronically stabilized CCD imagers, 3000mm lenses
             - neural net-based lip-reading programs, with learning
                systems capable of improving performance
           - for those in sensitive positions, the availability of new
              bugging methods will accelerate the conversion to secure
              systems based on encrypted telecommunications and the
              avoidance of voice-based systems
   11.6.4. Digital Telephony II is a major step toward easier
            surveillance
   11.6.5. Citizen tracking
           + the governments of the world would obviously like to trace
              the movements, or at least the major movements, of their
              subjects
             - makes black markets a bit more difficult
             - surfaces terrorists, illegal immigrants, etc. (not
                perfectly)
             + allows tracking of "sex offenders"
               - who often have to register with the local police,
                  announce to their neighbors their previous crimes, and
                  generally wear a scarlet letter at all times--I'm not
                  defending rapists and child molesters, just noting the
                  dangerous precedent this is setting
             - because its the nature of bureaucracies to want to know
                where "their" subjects are (dossier society = accounting
                society...records are paramount)
           + Bill Stewart has pointed out that the national health care
              systems, and the issuance of social security numbers to
              children, represent a way to track the movements of
              children, through hospital visits, schools, etc. Maybe even
              random check points at places where children gather (malls,
              schools, playgrounds, opium dens, etc.)
             - children in such places are presumed to have lesser
                rights, hence...
             - this could all be used to track down kidnapped children,
                non-custodial parents, etc.
             - this could be a wedge in the door: as the children age,
                the system is already in place to continue the tracking
                (about the right timetable, too...start the systme this
                decade and by 2010 or 2020, nearly everybody will be in
                it)
             - (A true paranoid would link these ideas to the child
                photos many schools are requring, many local police
                departments are officially assisting with, etc. A dossier
                society needs mug shots on all the perps.)
           - These are all reasons why governments will continue to push
              for identity systems and will seek to derail efforts at
              providing anonymity
           + Surveillance and Personnel Identification
             + cameras that can recognize faces are placed in many
                public places, e.g., airports, ports of entry, government
                buildings
               - and even in some private places, e.g., casinos, stores
                  that have had problems with certain customers, banks
                  that face robberies, etc.
             + "suspicious movements detectors"
               + cameras that track movements, loitering, eye contact
                  with other patrons
                 + neural nets used to classify behvaiors
                   - legal standing not needed, as these systems are
                      used only to trigger further surveillance, not to
                      prove guilt in a court of law
                 - example: banks have cameras, by 1998, that can
                    identify potential bank robbers
                 - camera images are sent to a central monitoring
                    facility, so the usual ploy of stopping the silent
                    alarm won't work
               - airports and train stations (fears of terrorists),
                  other public places
   11.6.6. Cellular phones are trackable by region...people are getting
            phone calls as they cross into new zones, "welcoming" them
           - but it implies that their position is already being tracked
   11.6.7. coming surveillance, Van Eck, piracy, vans
           - An interesting sign of things to come is provided in this
              tale from a list member:  "In Britain we have 'TV detector
              Vans'. These are to detect licence evaders (you need to pay
              an annual licence for the BBC channels). They are provided
              by the Department of Trade and Industry. They use something
              like a small minibus and use Van Eck principles. They have
              two steerable detectors on the van roof so they can
              triangulate. But TV shops have to notify the Government of
              buyers - so that is the basic way in which licence evaders
              are detected. ... I read of a case on a bulletin board
              where someone did not have a TV but used a PC. He got a
              knock on the door. They said he appeared to have a TV but
              they could not make out what channel he was watching!
              [Martin Spellman, <mspellman@cix.compulink.co.uk>, 1994-
              0703]
           - This kind of surveillance is likely to become more and more
              common, and raises serious questions about what _other_
              information they'll look for. Perhaps the software piracy
              enforcers (Software Publishers Association) will look for
              illegal copies of Microsoft Word or SimCity!   (This area
              needs more discussion, obviously.)
   11.6.8. wiretaps
           - supposed to notify targets within 90 days, unless extended
              by a judge
           - Foreign Intelligence Surveillance Act cases are exempt from
              this (it is likely that Cypherpunks wiretapped, if they
              have been, for crypto activities fall under this
              case...foreigners, borders being crossed, national security
              implications, etc. are all plausible reasons, under the
              Act)
 

Next Page: 11.7 Surveillance Targets
Previous Page: 11.5 Surveillance in Other Countries

By Tim May, see README

HTML by Jonathan Rochkind