The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: Rutgers 'Security List' (incl. - Archives (1990)
DOCUMENT: Rutgers 'Security List' for January 1990 (36 messages, 35837 bytes)
NOTICE: recognises the rights of all third-party works.


Date:      2 Jan 90 19:31:46 GMT
From:      [email protected] (Charlene Charette)
Subject:   bill changers
We got into a discussion at work the other day and I thought that this would be
the place to get an answer.  Just how does a vending machine or bill changer
determine what bill you've inserted?  Some change 1's or 5's.  How does it tell
the difference between bills?

--Charlene Charette

Date:      2 Jan 90 22:05:56 GMT
From:      [email protected] (Thomas Neudecker)
Subject:   Yale Pin Tumbler Padlock
About 25 years agos I came across a Yale Towne Pin Tumbler padlock.  It is a
cast iron lock with a brass bar and cylinder.  The key is a thin aluminum stock
with a 5 character number imprinted.I believe that the lock - lock series -
was once used by the rail roads.  One of my two keys was broken last week by
someone trying to open the lock by twisting the key.  After calling several
locksmiths I found no one interested in finding a blank or milling a copy.

Does any one have any info about this padlock.  Is the key blank restricted?


Tom Neudecker
Carnegie Mellon

Date:      4 Jan 90 01:51:46 GMT
From:      [email protected] (Joe Marshall)
Subject:   forging documents with a laser printer
Forged court documents would be too easy to detect and rather
difficult to pass.  Would you give me your car if I showed you a court
order that said you had to?  The same is true for prescriptions:  No
one needs 5000 Qualudes.  Letters of credit can be easily verified by
telephoning the issuing party.

I would think that the market for forged Motor Vehicle documents would
be very lucrative.  I would imagine that forged negotiables would also
be popular.  Forged identity papers would be useful, too.

I can think of 3 techniques that are commonly used to hinder forgery.
First, the medium for the document can be hard to obtain.  Second, the
use of paper documents can be eliminated.  Third, the penalties for
getting caught using forged documents can be increased.

There are problems with these techniques.  Increasing penalties is
laughable:  "Hey Mike, don't do that!  It's against the law!"
Making the medium hard to obtain means that governments and big
businesses can make verifiable documents, but you can't.  Eliminating
paper altogether generally means putting all the data in a safe place
like a Unix box.

I think an approach that used encryption to make digital signatures
would be terrific.  Then individuals could make verifiable documents
without compromising their privacy.  In order to do this we would need
to provide access to encryption to everyone.


Date:      4 Jan 90 02:32:16 GMT
From:      [email protected] (Kelly Goen)
Subject:   Re: without wires...
>My GRiD is "tempest shielded", which means you can't spy on me this way.

 HA HA HA!!! ever hear of a preamp??? attached to an induction pickup coil...
 or possibly one of those cute DECO or info unlimited xmitters
wired internally to the serial port of your keyboard...TEMPEST also
depends on GOOD physical security of your environment... otherwise
it is indeed quite bypassable!!!
p.s. I looked at the TEMPTEST shielded GRIDS... managed to make a 
NICE measurement on my FSM!!!grin!!

Date:      7 Jan 90 23:02:34 GMT
From:      [email protected] (Kevin Parris)
Subject:   A different kind of privacy

 >employees have any rights when it comes to using the company computer for
 >personal reasons?

Those activities are, for employees of the State of South Carolina, classified
as misappropriation of government resources.  While I have not heard of any
actual cases, if such things are "noticed" by management, they constitute
grounds for disciplinary action, including termination.

Kevin Parris == ...!usceast!uscacm!12.5!Kevin.Parris

Date:      8 Jan 90 16:26:52 GMT
From:      [email protected] (Jeremy J. Epstein)
Subject:   Re: UNIX Security, X/OPEN, Orange Book
> 1)      I've heard about Agreements or standards the X/OPEN-Foundation
>         published on this topic.

Don't know about X/OPEN, but POSIX has a working group (P1003.6) which
is defining security requirements.

There are two rated UNIX systems: Gould (now Encore) has a C2 system
called UTX/32S (achieved rating about 3 years ago) and AT&T System V/MLS
which achieved B1 rating a couple of months ago.

There are two vendors who specialize in making UNIX systems secure:
	SecureWare (Atlanta Georgia)
	Addamax (Champaign Illinois)
Each has worked with several vendors to make B1 versions of their commercial
offerings.  AT&T also licenses their System V/MLS to other vendors for
incorporation into UNIX systems.  Sun has SunOS/MLS which is aimed at
B1.  Trusted Information Systems (TIS) has a B2 version of XENIX.
Finally, AT&T is developing a new UNIX system aimed at B2 or B3
(I don't remember which), but it's a major new effort which will become
System V Release 4 Version 1, sometime in late 1990 or early 1991.

Besides all these, TIS is building a prototype B3 version of Mach, which
is related to (but NOT the same as) UNIX.

Not all of these systems have been submitted for evaluation.  In particular,
Secureware, Addamax, and TIS XENIX have been; AT&T has passed; Sun and TIS
TMach are not even in the pipeline as far as I know.  Some of the integrated
systems (i.e., integrations of SecureWare, Addamax, or AT&T with the
vendor) have been submitted to the NCSC, but I don't know which ones.

Remember, anyone can claim security; unless it's rated by the NCSC
(National Computer Security Center) or some equivalent body in another
country, it's just talk.

Jeremy Epstein
TRW Systems Division
[email protected]
+1 703-876-4202

Date:      9 Jan 90 13:41:00 GMT
From:      [email protected]
Subject:   PS2 Security and Physical Security
>Broken covers should be taken as evidence of compromised data.

Presumably these caveats apply to almost all computer security threats,
including theft of encrypted data (where the intrusion can also introduce
a latent key-grabber in many situations).

This is not to criticize Mr. Murray for reminding us -- just to iterate
that data security almost always depends on physical security.

Larry Kilgallen

Date:      10 Jan 90 01:01:01 GMT
From:      [email protected] (Bob Sutterfield)
Subject:   Re: GNU and security

   I must admit to dismay at having Stallman call someone else
   "careless", when the GNUmacs makefile hides a umask in a tar pipe
   to install everything with 777 protections.

That's a very careful implementation of Stallman's attitude toward
security.  If someone else has a different attitude, they had better
be similarly careful.  If they didn't watch to see that they were
implementing their attitude, then they were careless.

No, I don't agree with Stallman on security. Yes, it surprised me too.

Date:      10 Jan 90 03:53:00 GMT
From:      [email protected] (phil servita)
Subject:   Re:  GNU and security

   I must admit to dismay at having Stallman call someone else
   "careless", when the GNUmacs makefile hides a umask in a tar pipe to
   install everything with 777 protections.

777 is one heck of a lot different than 4777...

Date:      11 Jan 90 00:36:52 GMT
From:      [email protected] (Thomas Lapp)
Subject:   RE: FACSCARD
We use the same type of system for buildings on our site.  In talking
with someone in security, I found out that they are also known as
"chest readers" or "butt readers", since people can put their chest (with
card in shirt pocket) or butt (with card in wallet in back pocket) up
against the reader.  I've often seen employees just put the whole
wallet up to the reader and it works fine. ;-)

                         - tom
internet     : [email protected]  or  thomas%[email protected]
uucp         : {ucbvax,mcvax,psuvax1,uunet}!udel!mvac23!thomas
Europe Bitnet: [email protected]
Location: Newark, DE, USA                          
Quote   : Virtual Address eXtension.  Is that like a 9-digit zip code?

Date:      11 Jan 90 04:15:20 GMT
From:      [email protected] (Homer)
Subject:   Re: Electronic-key Radar Detection Protection

     How often does a hot car stereo get stolen from the guy who bought
it, and how often does the twice stolen stereo get sold to a second guy
only to be stolen again.

     Does hot equipment just keep making the rounds?

Date:      16 Jan 90 00:27:56 GMT
From:      [email protected] (Don Faatz)
Subject:   Re: Privacy
A recent court decision held that conversations on cordless telephones are
not subject to "expected privacy" as are conversations on telephones with
cords. Hence, police can simply LISTEN to cordless telephone conversations
and make arrests based on the conversation. This, in principle, seems fine
since one literally BROADCASTS one's conversation with  a cordless phone - 
but what of the person on the other end of the call - he/she has no apriori
knowledge of the _cordlessness_ of the callers phone. Does this other person
unknowingly surrender his right of privacy ....

<Don Faatz - Systems Engineer, RPI CSLab [email protected] (518)276-2860

Date:      16 Jan 90 02:47:09 GMT
From:      [email protected] (mark)
Subject:   I beleive some do ...
I have heard that .... I thought it was Volvo, but I could be wrong... some
major auto company equips their car stereos with a 'key' that WILL NOT come
out if the stereo is hocked, and it won't work without the 'key'(immediately)

[email protected]

Date:      18 Jan 90 09:28:00 GMT
From:      [email protected] ("Kees de Groot, Computer Systems Security")
Subject:   responses on a question about books on security: thanks to all!
At the end of November in 1989 I sent a message on the above
subject to the security-list. I have appended the responses
to the original message for your interest.
Thank you for your response!

Subj:   Request for info on student-security-course

Course on security
        Security implies a lot of things like defending
        against malfunctional apparatus, viruses, fraudulous
        people etc. For all these threats there are a lot of
        measures like making regularly backups, double or
        triple system-configurations and anti-virus
        software. Also a good deal of thinking has to be
        done to make your organisation internally secure.

        There are a lot of books covering most of these
        subjects. In my opinion security is a very important
        subject to be taught to students.

        1. Are there any books covering security in such a
           way that the book can be used for a course on the

        2. Are there security courses for students and if so
           what subjects are covered?


>From: "Charles P. Pfleeger" <[email protected]>
Subject: Security textbooks
To: [email protected]

There are three books that I would consider using to teach a course in
computer security (which, incidentally, I did for several years while
on the faculty of The University of Tennessee).  The books are Lance
Hoffman's Modern Methods for Computer Security (Prentice-Hall, 1977--
very dated), Dorothy Denning's Cryptanalysis and Data Security
(Addison Wesley, 1982--somewhat dated, rather narrowly focused,
although excellent within that focus), and my Security in Computing
(Prentice Hall, 1989).  Without trying to give an obviously-biased
review, let me just mention that it covers encryption and cryptography
as a fundamental (but certainly not the only) tool in providing
security; studies problems and solutions for providing security in the
design of programs, operating systems, database management systems,
and networks; and covers risk analysis, physical and administrative
protection, legal issues and ethical issues.  If you will contact your
local Prentice-Hall representative, or write to Prentice-Hall in
Englewood Cliffs NJ 07632 USA (there is also a european sales office,
but I do not have the address), I am sure you can get a copy for your

>From: Ommang <harald%[email protected]>

I'm currently taking a class from Dr. Richard A. Kemmerer at UCSB, and
we use this book : Charles P. Pfleeger "Security in Computing", Prentice
Hall 1989. ISBN 0-13-798943-1.

I think the book is pretty good. Kemmerer has also used lots of papers on the
topic in his class.  SOme of the topics covered : Terminology (trojan horse,
trap door, worm, virus, denial of service etc.) Security principles (least
privilege, economy of mechanism, complete mediation, separation of privilege,
etc.)  Security models and principles (Bell-LaPadula, Integrity, Take-Grant,
Lattice and ono-interference).  Security mechanisms (capabilities, access
control lists, authentication mechanisms, secure attention key etc)
Protection techniques (penetration analysis, info flow analysis, covert
channel analysis etc)  Encryption (monoaplphabetic, polyalphabetic, rotors,
DES, Hill, etc).

Hope this is of some help to you !


>From:   [email protected] (MORRIE GASSER, 508-264-5055, DTN 293-5055)

I saw your request for a book that could be used for a computer security
course.  My book has been used in a number of courses...

Title:     Building a Secure Computer System
Author:    Morrie Gasser
Publisher: Van Nostrand Reinhold Co., New York.
ISBN No.:  0-442-23022-2

  U.K.:   Van Nostrand Reinhold at
          International Thomson Publishing Services Ltd,
          North Way, Andover, Hants SP10 5BE.

          # 26.95

  U.S.:   Van Nostrand Reinhold Co.
          P.O. Box 668
          Florence, Kentucky 41042

          Mail order phone:  606-525-6600


>From:   IN%"[email protected]" 12-DEC-1989 13:04:16.63

Dear Kees
We have just completed our thesis work on Computer Security in the
Department of Computer Engineering and Informatics at the University
of Patras,Greece.We admit that we faced a lot of difficulties in
finding adequate bibliography and references on this subject (which
shows how an important subject it is!).We believe that one of the best
books on Computer Security is "Cryptography and Data Security" by
Dorothy Elizabeth Denning,published by Addison-Wesley,ISBN 0-201-10150-5.
We supply a sample of the book's contents:
-ENCRYPTION ALGORITHMS (transposition,substitution,product(DES),exponential,
                knapsack ciphers).
-CRYPTOGRAPHIC TECHNIQUES (block and stream ciphers,endpoints of encryption,
                key management)
-ACCESS CONTROL (access matrix model,authorization lists,capabilities,take-
                grant systems).
-INFORMATION FLOW CONTROLS (lattice model,execution based and compiler based
                mechanisms,program verification).
-INFERENCE CONTROL (statistical database model,inference control mechanism,
                methods of attack (trackers etc),methods of defence
                (statistic restriction,noise addition etc)).
This book was published in 1982.If it looks out of date to you,we recommend
"Proceedings of the IEEE Symposium on Security and Privacy".These are the
procedings of an annual symposium on computer security,containing all the
recent work on the subject.We used the 1988 symposium proceedings,IEEE
Ctalogue Number 88CH2558-5,ISBN 0-8186-0850-1.Also you can find related
papers on the following magazines:
-ACM PRESS SIGSAC REVIEW (published 4 times a year).
-CRYPTOLOGIA (journal on cryptography).
In our opinion,this subject can be taught to students that have elementary
knowledge of operating systems,computer networks,databases and a good
mathematical background (i.e. information theory,number theory,complexity
We wonder if you could keep us informed on the progress of your cources,
since we are faced with similar problems (we are preparing a Computer
Security course to be taught next year in our department).Also if you
have (or received) any further recommendations on the subject,please
forward them to us.
                                                CHARLES CAMEAS
                                                PANOS FITSILIS


Mr. de Groot,
        One excellent text on the subject is SECURITY IN COMPUTING,
C. P. Pfleeger, Prentice-Hall, Englewood Cliffs, New Jersey (1989).
It is my understanding that this material was taught by the author
while he was a professor in the Computer Science Dept. at The University
of Tennessee.  The author is currently working in private industry
as a computer security professional.


                                        Lloyd F. Arrowood
                                        Oak Ridge National Laboratory

Disclaimer:  The views and opinions of the author do not necessarily state
             or reflect those of the United States Government or any agency

Date:      18 Jan 90 11:55:26 GMT
From:      [email protected]
Subject:   Re:  vault doors, was:  locks
but aren't vaults normally lined with fairly difficult stuff
to penetrate?  Like armor plate or something?  Otherwise it
would seem that potential transgressors wouldn't bother
with vault door either...
 Joseph C. Pistritto               'Think of it as Evolution in Action'
   Ciba Geigy AG, R1241.1.01, Postfach CH4002 Basel, Switzerland
   Internet: [email protected]                  Phone: (+41) 61 697 6155
   Bitnet:   bpistr%[email protected]   Fax:   (+41) 61 697 2435
   From US:  [email protected]

Date:      18 Jan 90 13:37:06 GMT
From:      [email protected] (Irving Chidsey)
Subject:   Re:  vault doors, was:  locks

	If I go into the local bank ( during business hours ) I can see
the vault door standing open.  It is a foot thick with massive bolts.  I
can also see the time clock the prevents opening during non business hours.
Through the inner grate with 2-3 cm bars I can see the safe deposit boxes
and their double locks.  On the floor I can see the sacks full of coins and
bills that the armored car just brought.  The Vault and door exude solidity,
safety, and protection.  They let you know that this is the right place to
keep your money and valuables.  They also warn malefactors that the vault
is hard to penetrate.
	The rest of the vault cannot be seen, but surely so solid a door
would be part of an equaly strong, solid vault.  Wouldn't it?
	Vault doors, like safe doors, are at least 50% public relations.

I do not have signature authority.  I am not authorized to sign anything.
I am not authorized to commit the BRL, the DOA, the DOD, or the US Government
to anything, not even by implication.
			Irving L. Chidsey  <[email protected]>

Date:      18 Jan 90 18:11:00 GMT
From:      [email protected] (Michael Stack)
Subject:   Re: RACF database
Most solid state DASD devices have a battery backup (which filters the
normal power supply as long as it is available) which is used to dump
the memory to some kind of backup device should the normal power fail.
We had been preparing to place our JES2 checkpoint on our EMC box when
we discovered an integrity problem - there is a circuit breaker on the
back of the box (the ONLY visible switch) which apparently connects
the memory to the battery;  throw the switch and the memory DIES!
Of course, we all learned long ago that after a power outage we should
reset circuit breakers even though they don't appear to need it!  :-<
After a couple instances of this (fortunately this didn't happen while
we were experimenting with our ACF2 clusters), we are holding off
placing the master catalog and JES2 checkpoint there until we regain
our confidence in the box.

Michael Stack
Northern Illinois University

Date:      18 Jan 90 22:19:20 GMT
From:      [email protected] (Morris)
Subject:   Re: RACF database
In several of the solid-state DASD boxes I've had pitched to me recently the
designer has included a battery and a small PC-style fixed disk.  If the power
mains die the box disconnects from the channel and dumps its entire contents
onto the fixed disk before shutting down.  When the power mains come alive 
again the data can be restored to the semiconductor memory.

Sorry, I don't recall which vendors provide this, but you should consider the
idea if you're about to trust the security database to the tender mercies
of your power company.

Date:      19 Jan 90 02:15:48 GMT
From:      [email protected] (Kelly Goen)
Subject:   Re:  vault doors, was:  locks
>but aren't vaults normally lined with fairly difficult stuff
>to penetrate?  Like armor plate or something?  Otherwise it

I missed the first part of this thread... but THERMIC LANCES will normally
penetrate 3' of reinforced concrete within about 2 minutes... and if that
will not do the job THERE are PORTABLE(yeah RIGHT!!) Plasma cutting torches
avaiable that exceed 16,000 centigrade...(according to the sales literature)
    I would think this to be adequate for the job...

Date:      Fri, 19 Jan 90 19:13:44 -0500
From:      cjs%[email protected] (Christopher J. Seline ([email protected]))
The following is a prepublication draft of an article on TEMPEST.  I am posting
it to this news group in the hope that it will:
	(1) stimulate discussion of this issue;
	(2) expose any technical errors in the document;
	(3) solicit new sources of information;
	(4) uncover anything I have forgotten to cover.

I will be unable to monitor the discussions of the article.  Therefore, PLEASE
post your comments to the news group BUT SEND ME A COPY AT THE ADDRESS LISTED

I have gotten a number of mail messages about the format of this
article.  Some explanation is in order:  The numbered paragraphs
following "____________________" on each page are footnotes.  I suggest
printing out the document rather than reading it on your CRT.

Thanks you in advance.

Christopher Seline
[email protected]
[email protected]

(c) 1990 Christopher J. Seline
<Start Print Job>
<New Page>
                                Eavesdropping On 
                         the Electromagnetic Emanations 
                              of Digital Equipment:
                               The Laws of Canada,
                          England and the United States

                           This  document is  a rough
                           draft.        The    Legal
                           Sections  are   overviews.
                           T h e y    w i l l     b e
                           significantly expanded  in
                           the next version.

               We in this country, in this generation, are -- by
               destiny rather than choice -- the watchmen on the
               walls of world freedom.[1]
                                             -President John F.


          1.  Undelivered  speech  of  President  John  F.  Kennedy, Dallas
          Citizens Council (Nov. 22, 1963) 35-36.

<New Page>
                    In the novel 1984, George Orwell foretold a future
          where individuals had no expectation  of privacy because the
          state monopolized the technology of  spying.  The government
          watched the actions of its subjects from birth to death.  No
          one could protect himself because  surveillance and counter-
          surveillance technology was controlled by the government.
               This note explores  the legal status of  a surveillance
          technology  ruefully  known  as  TEMPEST[2].    Using  TEMPEST
          technology  the  information in  any  digital device  may be
          intercepted  and  reconstructed  into   useful  intelligence
          without the  operative ever having to come  near his target.
          The technology is  especially useful in the  interception of
          information  stored  in  digital computers  or  displayed on
          computer terminals.
               The use of TEMPEST is not illegal under the laws of the
          United  States[3],  or  England.    Canada has  specific  laws
          criminalizing TEMPEST eavesdropping but the  laws do more to
          hinder surveillance countermeasures than to prevent  TEMPEST
          surveillance.  In  the United  States it is  illegal for  an
          individual  to  take   effective  counter-measures   against
          TEMPEST surveillance.  This  leads to the conundrum that  it
          is legal  for individuals and  the government to  invade the
          privacy of others but illegal for  individuals to take steps
          to protect their privacy.
               The author would  like to suggest that the  solution to
          this   conundrum   is  straightforward.      Information  on

          2.  TEMPEST  is an  acronym for  Transient Electromagnetic  Pulse
          Emanation Standard.   This standard sets forth the official views
          of the United  States on the amount  of electromagnetic radiation
          that a device may emit without compromising the information it is
          processing.   TEMPEST  is  a defensive  standard; a  device which
          conforms to this standard is referred to as TEMPEST Certified.
               The United States  government has refused to  declassify the
          acronym  for  devices  used   to  intercept  the  electromagnetic
          information of  non-TEMPEST Certified  devices.   For this  note,
          these  devices  and  the  technology  behind  them  will  also be
          referred  to as  TEMPEST;  in  which  case,  TEMPEST  stands  for
          Transient Electromagnetic Pulse Surveillance Technology.
               The  United  States  government refuses  to  release details
          regarding TEMPEST and continues an organized effort to censor the
          dissemination of  information  about it.    For example  the  NSA
          succeeded in shutting  down a  Wang Laboratories presentation  on
          TEMPEST Certified equipment  by classifying  the contents of  the
          speech and threatening  to prosecute  the speaker with  revealing
          classified information.  [cite coming].  

          3.  This  Note  will not  discuses  how  TEMPEST relates  to  the
          Warrant Requirement under  the United  States Constitution.   Nor
          will it discuss the Constitutional exclusion of foreign nationals
          from the Warrant Requirement. 

<New Page>
          protecting  privacy  under  TEMPEST should  be  made  freely
          available;  TEMPEST  Certified equipment  should  be legally
          available; and organizations possessing  private information
          should  be  required  by  law  to protect  that  information
          through  good  computer security  practices  and the  use of
          TEMPEST Certified equipment.

                            I. INTELLIGENCE GATHERING
               Spying is divided by professionals into two main types:
          human   intelligence   gathering  (HUMINT)   and  electronic
          intelligence gathering (ELINT).  As  the names imply, HUMINT
          relies   on   human   operatives,   and  ELINT   relies   on
          technological operatives.   In the past HUMINT  was the sole
          method  for collecting intelligence.[4]   The HUMINT operative
          would  steal  important  papers, observe  troop  and  weapon
          movements[5],  lure people  into  his confidences  to  extract
          secrets,  and   stand  under   the  eavesdrip[6]   of  houses,
          eavesdropping on the occupants.  
               As  technology  has progressed,  tasks that  once could
          only  be  performed  by  humans  have  been  taken  over  by
          machines.  So  it has  been with spying.   Modern  satellite
          technology allows troop and weapons movements to be observed
          with greater  precision and  from greater  distances than  a
          human  spy  could ever  hope to  accomplish.   The  theft of
          documents  and  eavesdropping on  conversations  may now  be
          performed electronically.  This means greater safety for the
          human operative, whose  only involvement may be  the placing
          of  the  initial  ELINT  devices.    This  has  led  to  the
          ascendancy of ELINT  over HUMINT  because the placement  and

          4.  HUMINT  has  been  used  by  the   United  States  since  the
          Revolution.   "The necessity  of procuring  good intelligence  is
          apparent &  need not be further urged --  All that remains for me
          to add is, that you keep the  whole matter as secret as possible.
          For  upon Secrecy,  Success depends  in Most  Enterprises of  the
          kind, and for  want of it,  they are generally defeated,  however
          well planned &  promising a favorable  issue."  Letter of  George
          Washington (Jul. 26, 1777).

          5.  "... I wish  you to take every possible pains in your powers,
          by  sending  trusty persons  to  Staten  Island in  whom  you can
          confide,  to  obtain  Intelligence  of  the Enemy's  situation  &
          numbers --  what kind of  Troops they are,  and what  Guards they
          have -- their strength & where posted."  Id.

          6.  Eavesdrip is  an Anglo-Saxon  word,  and refers  to the  wide
          overhanging eaves used  to prevent rain  from falling close to  a
          house's foundation.   The eavesdrip  provided "a sheltered  place
          where  one  could hide  to  listen clandestinely  to conversation
          within the house."   W. MORRIS & M. MORRIS,  MORRIS DICTIONARY OF
          WORD AND PHRASE ORIGINS, 198 (1977).

<New Page>
          monitoring of ELINT devices may be performed by a technician
          who has  no training  in the  art of spying.   The  gathered
          intelligence  may be  processed by  an intelligence  expert,
          perhaps  thousands of  miles  away, with  no  need of  field
               ELINT has a number of other advantages over HUMINT.  If
          a  spy is caught his existence could embarrass his employing
          state and he could  be forced into giving up  the identities
          of his compatriots  or other important information.   By its
          very nature, a discovered ELINT device (bug)  cannot give up
          any information; and the ubiquitous  nature of bugs provides
          the  principle  state  with the  ability  to  plausibly deny
          ownership or involvement.
               ELINT   devices   fall  into   two   broad  categories:
          trespassatory  and  non-trespassatory.   Trespassatory  bugs
          require some type of trespass in order for them to function.
          A transmitter  might require  the physical  invasion of  the
          target  premises  for placement,  or  a microphone  might be
          surreptitiously attached  to  the outside  of a  window.   A
          telephone transmitter can  be placed  anywhere on the  phone
          line, including at the  central switch.  The trespass  comes
          either when it is physically attached  to the phone line, or
          if it is  inductive, when placed  in close proximity to  the
          phone line.   Even microwave  bugs require the  placement of
          the resonator cone within the target premises.[7]
               Non-trespassatory  ELINT  devices  work   by  receiving
          electromagnetic radiation (EMR) as  it radiates through  the
          aether, and do not  require the placement of bugs.   Methods
          include intercepting[8] information transmitted  by satellite,
          microwave, and  radio, including mobile  and cellular  phone
          transmissions.   This information was  purposely transmitted
          with the intent that  some intended person or  persons would
          receive it.  
               Non-trespassatory ELINT also includes  the interception
          of information that  was never  intended to be  transmitted.
          All electronic devices emit electromagnetic radiation.  Some
          of  the  radiation,  as  with radio  waves,  is  intended to
          transmit  information.    Much  of  this  radiation  is  not
          intended to transmit information and is merely incidental to


          7.  Pursglove, How  Russian Spy  Radios Work,  RADIO ELECTRONICS,
          89-91 (Jan 1962).

          8.  Interception  is  an  espionage  term of  art  and  should be
          differentiated from  its more common usage.   When information is
          intercepted, the interceptor  as well  as the intended  recipient
          receive the information.  Interception when not used as a term of
          art refers to one person receiving something intended for someone
          else; the intended recipient never receives what he  was intended
          to receive.

<New Page>
          whatever  work  the  target  device  is performing.[9]    This
          information  can be  intercepted  and reconstructed  into  a
          coherent  form.    With  current  TEMPEST technology  it  is
          possible to  reconstruct  the  contents  of  computer  video
          display  terminal  (VDU)  screens  from  up to  a  kilometer
          distant[10];  reconstructing  the  contents  of  a  computer's

          9.  There are  two types  of emissions,  conducted and  radiated.
          Radiated  emissions are formed  when components or  cables act as
          antennas for transmit the EMR; when radiation is conducted  along
          cables or other connections but not radiated it is referred to as
          "conducted".  Sources  include cables,  the ground loop,  printed
          circuit boards, internal  wires, the power  supply to power  line
          coupling, the cable to cable coupling, switching transistors, and
          high-power  amplifiers.    WHITE  &  M. MARDIGUIAN,  EMI  CONTROL
          METHODOLOGY AND PROCEDURES,   10.1 (1985).
               "[C]ables  may act  as an  antenna to  transmit the  signals
          directly  or  even  both  receive the  signals  and  re-emit them
          further away  from the  source equipment.   It  is possible  that
          cables acting as an  antenna in such a manner could  transmit the
          signals  much  more  efficiently than  the  equipment  itself...A
          similar  effect  may occur  with metal  pipes  such as  those for
          domestic water supplies. ...  If an earthing [(grounding)] system
          is  not installed  correctly such  that there  is a  path  in the
          circuit  with a  very high  resistance (for  example  where paint
          prevents  conduction and  is acting  as an  insulator), then  the
          whole earthing  system could well act in  a similar fashion to an
          antenna. ...   [For a  VDU] the strongest  signals, or  harmonics
          thereof, are  usually between  60-250 MHz  approximately.   There
          have  however  been  noticeable  exception  of  extremely  strong
          emissions  in  the  television bands  and  at  higher frequencies
          between 450-800  MHz.  Potts,  Emission Security, 3  COMPUTER LAW
          AND SECURITY REPORT 27 (1988).

          10.  The TEMPEST ELINT operator can distinguish between different
          VDUs  in   the   same  room   because   of  the   different   EMR
          characteristics of both  homo and heterogeneous units.   "[T]here
          is little comparison  between EMR characteristics  from otherwise
          comparable equipment.   Only if the  [VDU] was made with  exactly
          the  same components  is there  any similarity.   If some  of the
          components have come from a different batch, have been updated in
          some   way,  and  especially   if  they  are   from  a  different
          manufacturer, then completely different results are obtained.  In
          this way a  different mark or version of the same [VDU] will emit
          different  signals.   Additionally  because  of the  variation of
          manufacturing standards between counties, two  [VDUs] made by the
          same  company  but  sourced  from  different counties  will  have
          entirely different EMR signal characteristics...From this  it way
          be thought that there is such a jumble of emissions  around, that
          it would not be possible to isolate those from any one particular
          source.  Again, this is not the case.  Most received signals have

<New Page>
          memory or the contents  of its mass storage devices  is more
          complicated and must be performed  from a closer distance.[11]
          The reconstruction  of information  via EMR,  a process  for
          which the  United States  government  refuses to  declassify
          either  the  exact  technique or  even  its  name[12], is  not
          limited to computers  and digital devices but  is applicable
          to  all devices  that generate  electromagnetic radiation.[13]
          TEMPEST is  especially effective  against VDUs  because they
          produce a very high level of EMR.[14]
          a  different  line synchronization,  due  to  design, reflection,
          interference or  variation of component  tolerances.  So  that if
          for  instance  there  are three  different  signals  on the  same
          frequency  ...  by  fine  tuning  of  the  RF  receiver,  antenna
          manipulation  and modification  of  line synchronization,  it  is
          possible to lock onto each of the three signals separately and so
          read  the  screen information.    By  similar techniques,  it  is
          entirely  possible  to discriminate  between individual  items of
          equipment in the same room."  Potts, supra note 9.
               For  a discussion  of  the TEMPEST  ELINT  threat See  e.g.,
          Memory Bank, AMERICAN BANKER 20 (Apr 1 1985); Emissions from Bank
          Computer Systems  Make Eavesdropping Easy,  Expert Says, AMERICAN
          BANKER  1  (Mar  26 1985);  CRT  spying:  a  threat to  corporate
          security, PC WEEK (Mar 10 1987).

          11.  TEMPEST is  concerned  with  the  transient  electromagnetic
          pulses formed  by digital  equipment.   All electronic  equipment
          radiates  EMR  which  may be  reconstructed.    Digital equipment
          processes information as 1's and 0's--on's  or off's.  Because of
          this, digital equipment  gives off pulses  of EMR.  These  pulses
          are easier to  reconstruct at a  distance than the non-pulse  EMR
          given off by  analog equipment.   For a  thorough discussion  the
          radiation  problems  of  broadband digital  information  see e.g.
          military standard MIL-STD-461   REO2; White supra note 9,   10.2.

          12.  See supra note 2.

          13.       Of special interest  to ELINT  collectors are EMR  from
          computers,  communications   centers  and  avionics.     Schultz,
          Defeating Ivan with TEMPEST, DEFENSE ELECTRONICS 64 (June 1983). 

          14.     The  picture on  a  CRT screen  is  built up  of  picture
          elements  (pixels) organized  in lines  across the  screen.   The
          pixels  are made  of material  that fluoresces  when struck  with
          energy.  The energy is produced by a beam of electrons fired from
          an electron gun  in the back of  the picture tube.   The electron
          beam scans the screen of the  CRT in a regular repetitive manner.
          When the voltage of the beam is high then the pixel it is focused
          upon  emits  photons and  appears as  a  dot on  the screen.   By
          selectively firing  the gun as  it scans across  the face of  the
          CRT, the pixels form characters on the CRT screen.

<New Page>
               ELINT is not limited to  governments.  It is  routinely
          used by  individuals for  their  own purposes.   Almost  all
          forms of ELINT are  available to the individual with  either
          the technological  expertise or  the money  to hire  someone
          with  the  expertise.     Governments   have  attempted   to
          criminalize all use  of ELINT by their  subjects--to protect
          the privacy of both the government and the population.

                              II. UNITED STATES LAW
               In the United States, Title III of  the Omnibus Streets
          and Crimes Act of 1968[15] criminalizes trespassatory ELINT as
          the intentional interception  of wire communications.[16]   As
          originally  passed,   Title  III   did  not  prohibit   non-

               The pixels  glow for  only a  very  short time  and must  be
          routinely struck by the electron beam  to stay lit.  To  maintain
          the light output of  all the pixels that are supposed  to be lit,
          the electron beam traverses  the entire CRT screen sixty  times a
          second.   Every time the beam fires it  causes a high voltage EMR
          emission.  This EMR  can be used  to reconstruct the contents  of
          the  target CRT  screen.   TEMPEST  ELINT  equipment designed  to
          reconstruct the information synchronizes its  CRT with the target
          CRT.  First, it uses the EMR to synchronize its electron gun with
          the electron gun in the target CRT.  Then, when the TEMPEST ELINT
          unit detects EMR indicating that the target CRT fired on a pixel,
          the TEMPEST ELINT  unit fires the electron  gun of its CRT.   The
          ELINT CRT is in perfect synchronism with the target CRT; when the
          target lights a pixel, a corresponding pixel on the TEMPEST ELINT
          CRT  is lit.  The exact picture on  the target CRT will appear on
          the TEMPEST ELINT  CRT.  Any changes on the target screen will be
          instantly reflected in the TEMPEST ELINT screen. 
               TEMPEST Certified equipment gives off emissions  levels that
          are too faint to  be readily detected.  Certification  levels are
          set   out  in   National   Communications  Security   Information
          Memorandum  5100A   (NACSIM  5100A).    "[E]mission   levels  are
          expressed in the time  and frequency domain, broadband or  narrow
          band  in terms of the frequency domain, and in terms of conducted
          or radiated emissions."  White, supra, note 9,   10.1.
               For a  thorough  though purposely  misleading discussion  of
          TEMPEST ELINT see  Van Eck, Electromagnetic Radiation  from Video
          Display units: An Eavesdropping Risk?, 4 Computers & Security 269

          15.   Pub. L.  No. 90-351,  82 Stat. 197.   The Act  criminalizes
          trespassatory  ELINT  by  individuals  as  well  as  governmental
          agents.  cf.  Katz v. United States, 389 U.S. 347  (1967) (Fourth
          Amendment prohibits surveillance by government not individuals.) 

          16.  18 U.S.C.   2511(1)(a).

<New Page>
          trespassatory  ELINT,[17] because  courts found  that non-wire
          communication lacked any expectation of p2IIIrivacy.[18]   The
          Electronic Communications  Privacy  Act  of  1986[19]  amended
          Title  III  to  include non-wire  communication.    ECPA was
          specifically  designed  to include  electronic  mail, inter-
          computer  communications,  and  cellular  telephones.     To
          accomplish  this,  the  expectation  of  privacy   test  was
               As  amended, Title  III  still outlaws  the  electronic
          interception of  communications.  The  word "communications"
          indicates  that   someone  is   attempting  to   communicate
          something to someone; it  does not refer to the  inadvertent
          transmission   of   information.       The   reception   and
          reconstruction of emanated transient  electromagnetic pulses
          (ETEP), however, is based on  obtaining information that the
          target does  not  mean to  transmit.   If  the ETEP  is  not
          intended as communication, and  is therefore not transmitted
          in a form approaching current communications protocols, then
          it can not  be considered communications as  contemplated by
          Congress  when  it   amended  Title  III.     Reception,  or
          interception, of emanated  transient electromagnetic  pulses
          is not criminalized by Title III as amended.

                                III. ENGLISH LAW
               In  England  the  Interception  of  Communications  Act
          1985[21] criminalizes the tapping of  communications sent over


          17.  United States v. Hall,  488 F.2d 193 (9th Cir.  1973) (found
          no legislative history  indicating Congress  intended the act  to
          include radio-telephone conversations).  Further,  Title III only
          criminalized  the interception  of  "aural" communications  which
          excluded all forms of computer communications.  

          18.  Willamette  Subscription Television  v.  Cawood, 580  F.Supp
          1164 (D. Or. 1984) (non-wire communications lacks any expectation
          of privacy).

          19.  Pub. L. No. 99-508, 100 Stat. 1848 (codified at 18 U.S.C.   
          2510-710) [hereinafter ECPA].

          20.  18 U.S.C.   2511(1)(a) criminalizes the interception of "any
          wire,  oral  or electronic  communication"  without regard  to an
          expectation of privacy.

          21.  Interception of Communications Act 1985,  Long Title, An Act
          to make new provision for and in connection with the interception
          of  communications  sent   by  post   or  by   means  of   public
          telecommunications  systems  and  to  amend  section  45  of  the
          Telecommunications Act 1984.

<New Page>
          public  telecommunications  lines.[22]   The  interception  of
          communications on  a telecommunication line  can take  place
          with a physical tap on the line, or the passive interception
          of microwave or  satellite links.[23]  These  forms of passive
          interception  differ  from TEMPEST  ELINT  because  they are
          intercepting   intended    communication;   TEMPEST    ELINT
          intercepts unintended  communication.  Eavesdropping  on the
          emanations  of  computers does  not  in any  way  comport to
          tapping a telecommunication line and therefore falls outside
          the scope of the statute.[24]

                                IV. CANADIAN LAW
               Canada has taken direct steps to limit eavesdropping on
          computers.    The Canadian  Criminal  Amendment Act  of 1985


          22.  Interception of Communications Act 1985    1, Prohibition on
               (1) Subject to the  following provisions of this section,  a
               person who  intentionally intercepts a communication  in the
               course of its  transmission by post or by  means of a public
               telecommunications system shall be guilty  of an offence and
                    (a) on summary  conviction, to a fine not exceeding the
                    statutory maximum;
                    (b) on conviction on indictment,  to imprisonment for a
                    term not exceeding two years or to a fine or to both.

          23.  Tapping  (aka  trespassatory eavesdropping)  is  patently in
          violation  of the statute.  "The  offense created by section 1 of
          the Interception of Communications Act 1985 covers those forms of
          eavesdropping on computer communications  which involve "tapping"
          the wires along  which messages  are being passed.   One  problem
          which  may  arise,  however,  is  the  question  of  whether  the
          communication in question  was intercepted in  the course of  its
          transmission by  means of a public telecommunications system.  It
          is technically possible  to intercept a communication  at several
          stages in its transmission,  and it may be a question  of fact to
          decide the stage  at which it enters the "public" realm.  THE LAW

          24.  "There are  also forms of  eavesdropping which the  Act does
          not cover.  For  example. eavesdropping on a V.D.U.  [referred to
          in  this text as a CRT] screen  by monitoring the radiation field
          which surrounds it  in order to  display whatever appears on  the
          legitimate  user's  screen on  the  eavesdropper's screen.   This
          activity would not  seem to  constitute any criminal  offence..."

<New Page>
          criminalized indirect access  to a computer service.[25]   The
          specific reference  to an  "electromagnetic device"  clearly
          shows the intent  of the legislature  to include the use  of
          TEMPEST ELINT equipment within the ambit of the legislation.
               The limitation of obtaining "any computer service" does
          lead to  some confusion.   The Canadian legislature  has not
          made  it  clear  whether  "computer  service"  refers  to  a
          computer  service  bureau  or  merely   the  services  of  a
          computer.    If  the  Canadians  had  meant  access  to  any
          computer,  why  did they  refer  to any  "computer service".
          This   is   especially   confusing   considering   the   al-
          encompassing language  of (b)  'any function  of a  computer
               Even   if   the   Canadian   legislation   criminalizes
          eavesdropping  on  all  computers,  it  does not  solve  the
          problem  of  protecting  the privacy  of  information.   The
          purpose  of  criminal law  is  to control  crime.[26]   Merely
          making  TEMPEST  ELINT  illegal will  not  control  its use.
          First, because  it  is an  inherently  passive crime  it  is
          impossible to detect and hence punish.  Second, making  this
          form of  eavesdropping  illegal without  taking a  proactive
          stance  in  controlling  compromising emanations  gives  the
          public a false sense of security.   Third, criminalizing the
          possession of a TEMPEST ELINT  device prevents public sector
          research into countermeasures.   Finally,  the law will  not
          prevent eavesdropping on private information held in company
          computers unless  disincentives are given for companies that
          do not take sufficient precautions against eavesdropping and
          simple, more common, information crimes.[27]

          25.   301.2(1) of the  Canadian criminal code states  that anyone

          ... without color of right,
          (a) obtains, directly or indirectly, any computer service,
          (b)  by  means  of  an  electromagnetic  ...   or  other  device,
          intercepts  or  causes  to  be  intercepted, either  directly  or
          indirectly, any function of  a computer system ... [is  guilty of
          an indictable offence].

          GUIDELINES MANUAL (1988) (Principles  Governing the Redrafting of
          the Preliminary Guidelines "g." (at an unknown page)) 

          27.  There has been great debate over  what exactly is a computer
          crime.    There  are  several  schools  of  thought.    The  more
          articulate school, and the one to  which the author adheres holds
          that  the category  computer crime  should be  limited to  crimes
          directed against computers; for example, a terrorist destroying a
          computer  with explosives would fall into  this category.  Crimes
          such as  putting  ghost  employees  on  a  payroll  computer  and

<New Page>

                                  V. SOLUTIONS
               TEMPEST ELINT  is passive.   The  computer or  terminal
          emanates  compromising radiation which is intercepted by the
          TEMPEST device  and reconstructed  into useful  information.
          Unlike conventional  ELINT there  is no  need to  physically
          trespass or even come near the target.  Eavesdropping can be
          performed from a nearby office or even a van parked within a
          reasonable distance.   This means  that there is  no classic
          scene of the crime; and little or  no chance of the criminal
          being discovered in the act.[28]  
               If the crime is discovered it will be ancillary to some
          other  investigation.    For example,  if  an  individual is
          investigated for insider  trading a search of  his residence
          may yield a TEMPEST ELINT device.   The device would explain
          how the defendant was obtaining  insider information; but it
          was the insider trading, not the  device, that gave away the
               This  is  especially  true  for illegal  TEMPEST  ELINT
          performed by the state.  Unless the perpetrators are  caught
          in the act  there is  little evidence  of their  spying.   A
          trespassatory bug can be detected and located; further, once
          found it provides tangible evidence that a crime took place.
          A TEMPEST ELINT device by its inherent passive nature leaves
          nothing to detect.   Since the government is less  likely to
          commit an ancillary crime which might be detected there is a
          very small chance  that the spying will  ever be discovered.
          The  only way to  prevent eavesdropping is  to encourage the
          use of  countermeasures: TEMPEST  Certified[29] computers  and
          collecting their pay are merely  age-old accounting frauds; today
          the  fraud involves a computer because  the records are kept on a
          computer.  The  computer is merely ancillary to  the crime.  This
          has been mislabeled  computer crime and should merely be referred
          to as a fraud perpetrated with  the aid of a computer.   Finally,
          there are information  crimes.  These  are crimes related to  the
          purloining or  alteration of information.  These  crimes are more
          common and more profitable due to  the computer's ability to hold
          and access great amounts of information.   TEMPEST ELINT can best
          be categorized as a information crime.

          28.  Compare, for  example, the  Watergate breakin  in which  the
          burglars  were discovered  when they  returned to  move  a poorly
          placed spread spectrum bug.

          29.  TEMPEST Certified refers  to the  equipment having passed  a
          testing and  emanations regime specified  in NACSIM 5100A.   This
          classified document sets forth the emanations levels that the NSA
          believes digital equipment can give  off without compromising the
          information it  is processing.   TEMPEST  Certified equipment  is
          theoretically secure against TEMPEST eavesdropping.  

<New Page>
               In merely making  TEMPEST ELINT  illegal the public  is
          given the  false impression  of security;  they lulled  into
          believing  the  problem  has been  solved.    Making certain
          actions illegal does not prevent them  from occurring.  This
          is  especially  true  for  a  TEMPEST  ELINT  because it  is
          undetectable.  Punishment is an empty  threat if there is no
          chance of being  detected; without detection there can be no
          apprehension and conviction.   The only way  to prevent some
          entity  from eavesdropping  on  one's  computer or  computer
          terminal is  for the equipment not to  give off compromising
          emanation; it must be TEMPEST Certified.
               The United  States can solve  this problem by  taking a
          proactive  stance on compromising  emanations.  The National
          Institute of Standards and Technology  (NIST[30]) is in charge
          of  setting  forth standards  of  computer security  for the
          private  sector.   NIST  is  also charged  with  doing basic
          research to advance the art of computer security.  Currently
          NIST does not discuss TEMPEST with  the private sector.  For
          privacy's sake,  this policy must be changed  to a proactive
          one.  The NIST should publicize  the TEMPEST ELINT threat to
          computer  security and  should set  up a  rating system  for
          level  of  emanations  produced   by  computer  equipment.[31]
          Further,  legislation  should  be  enacted  to  require  the
          labeling  of  all computer  equipment    with  its level  of
          emanations and whether it is TEMPEST Certified.  Only if the
          public  knows of the  problem can it begin  to take steps to
          solve it.
               Title III makes  possession of a surveillance  device a
          crime,  unless  it   is  produced  under  contract   to  the
          government.  This means that  research into surveillance and
          counter-surveillance   equipment   is  monopolized   by  the
          government and a  few companies working under  contract with
               NACSIM 5100A is  classified, as are all  details of TEMPEST.
          To  obtain  access to  it, contractor  must  prove that  there is
          demand within  the government for the specific  type of equipment
          that intend to  certify.  Since  the standard is classified,  the
          contractors can not sell the equipment to non-secure governmental
          agencies or the public.  This prevents reverse engineering of the
          standard  for its physical  embodiment, the  Certified equipment.
          By  preventing  the   private  sector  from  owning   this  anti-
          eavesdropping equipment,  the NSA has  effectively prevented  the
          them from protecting the information in their computers. 

          30.  Previously the Bureau of Standards.   The NIST is a division
          of the Commerce Department.

          31.  In this case computer equipment would include all peripheral
          computer equipment.  There is no use is using a TEMPEST Certified
          computer if the printer or the modem are not Certified.

<New Page>
          the government.   If TEMPEST eavesdropping  is criminalized,
          then possession of TEMPEST ELINT equipment will be criminal.
          Unfortunately,this  does  not  solve the  problem.    Simple
          TEMPEST ELINT  equipment is easy  to make.   For just  a few
          dollars  many  older  television  sets  can be  modified  to
          receive and  reconstruct  EMR.    For less  than  a  hundred
          dollars a more  sophisticated TEMPEST ELINT receiver  can be
               The  problem  with  criminalizing  the  possession   of
          TEMPEST ELINT equipment is  not just that the law  will have
          little effect on the use of such equipment, but that it will
          have a  negative effect  on counter-measures  research.   To
          successfully   design   counter-measures  to   a  particular
          surveillance  technique  it  is  vital  to have  a  complete
          empirical  understanding   of  how  that   technique  works.
          Without  the right  to  legally manufacture  a  surveillance
          device there is no possible way for a researcher to have the
          knowledge to  produce an effective  counter-measures device.
          It  is  axiomatic:  without  a  surveillance device,  it  is
          impossible to test a counter-measures device.  
               A number of  companies produce  devices to measure  the
          emanations from electrical equipment.  Some of these devices
          are  specifically   designed  for   bench  marking   TEMPEST
          Certified equipment.  This does not  solve the problem.  The
          question  arises:  how   much  radiation  at   a  particular
          frequency  is compromising?  The  current answer is to refer

          32.  The  NSA  has tried  to  limit the  availability  of TEMPEST
          information to prevent the spread of the devices.
               For a discussion of the  First Amendment and prior restraint
          See, e.g. The United  States of America v. Progressive,  Inc. 467
          F.Supp 990 (1979, WD Wis.)(magazine intended to publish plans for
          nuclear  weapon; prior  restraint injunction  issued),  reh. den.
          United States v. Progressive  Inc. 486 F.Supp 5 (1979,  WD Wis.),
          motion  den  Morland  v. Sprecher  443  US  709 (1979)(mandamus),
          motion denied  United States  v. Progressive,  Inc. 5  Media L  R
          (1979, 7th Cir.), dismd. without op. U.S. v. Progressive, Inc 610
          F.2d 819 (1979, 7th Cir.); New York Times, Co. v.  United States,
          403  U.S.  713 (1971)(per  curium)(Pentagon Papers  case: setting
          forth prior  restraint standard  which government  was unable  to
          Balance  Between Scientific  Freedom  and  NAtional Security,  23
          JURIMETRICS  J. 1  (1982)(current  laws and  regulations limiting
          scientific and  technical expression exceed the  legitimate needs
          of national security); Hon. M.  Feldman, Why the First  Amendment
          is not Incompatible  with National Security, HERITAGE  FOUNDATION
          REPORTS (Jan.  14, 1987).  Compare Bork,  Neutral Principles  and
          Some First Amendment Problems,  47 IND. L. J. 1  (First Amendment
          applies only to  political speech); G.  Lewy, Can Democracy  Keep
          Secrets, 26  POLICY REVIEW 17  (1983)(endorsing draconian secrecy
          laws mirroring the English system).

<New Page>
          to NACSIM  5100A.   This document  specifies the  emanations
          levels suitable  for Certification.   The  document is  only
          available  to United  States  contractors having  sufficient
          security  clearance  and  an  ongoing  contract  to  produce
          TEMPEST Certified computers  for the  government.   Further,
          the correct levels are specified by the NSA and there  is no
          assurance that, while these levels are sufficient to prevent
          eavesdropping by unfriendly operatives,  equipment certified
          under NACSIM  5100A will have  levels low enough  to prevent
          eavesdropping by the NSA itself.
               The  accessibility  of  supposedly  correct  emanations
          levels  does  not solve  the  problem of  preventing TEMPEST
          eavesdropping.     Access   to  NACSIM   5100A   limits  the
          manufacturer to selling the equipment  only to United States
          governmental  agencies  with  the  need  to  process  secret
          information.[33]  Without  the right to possess  TEMPEST ELINT
          equipment  manufacturers  who  wish to  sell  to  the public
          sector cannot determine what a  safe level of emanations is.
          Further  those  manufacturers with  access  to  NACSIM 5100A
          should  want  to  verify that  the  levels  set  out in  the
          document are, in  fact, low enough to  prevent interception.
          Without an actual  eavesdropping device with which  to test,
          no   manufacturer  will   be   able  to   produce  genuinely
          uncompromising equipment.

               Even if the  laws allow ownership of  TEMPEST Certified
          equipment by the public, and even  if the public is informed
          of  TEMPEST's   threat  to  privacy,   individuals'  private
          information will not necessarily  by protected.  Individuals
          may  choose to  protect their  own information on  their own
          computers.  Companies  may choose  whether to protect  their
          own  private  information.    But  companies that  hold  the
          private information of  individuals must  be forced to  take
          steps to protect that information.
               In  England  the  Data  Protection  Act 1984[34]  imposes
          sanctions   against   anyone   who   stores   the   personal
          information[35] on  a computer  and fails  to take  reasonable

          33.  For  example, the  NSA has  just recently  allowed the  Drug
          Enforcement Agency (DEA) to  purchase TEMPEST Certified  computer
          equipment.    The DEA  wanted  secure computer  equipment because
          wealthy  drug   lords  had   were  using   TEMPEST  eavesdropping

          34.  An  Act  to  regulate  the  use of  automatically  processed
          information relating to individuals and the provision of services
          in respect of such information.
               -Data Protection Act 1984, Long Title.

          35.  "Personal data"  means data consisting  of information which
          relates to a  living individual who  can be identified from  that

<New Page>
          measures to prevent disclosure of that information.  The act
          mandates  that  personal  data  may  not  be  stored  in any
          computer  unless  the  computer bureau  or  data  user[36] has
          registered under the  act.[37]    This provides for a  central
          registry  and  the tracking  of  which companies  or persons
          maintain databases of personal information.   Data users and
          bureaux must  demonstrate a  need and  purpose behind  their
          possession of personal data.
               The act  provides tort  remedies to  any person  who is
          damaged by disclosure  of the  personal data.[38]   Reasonable
          care to  prevent the  disclosure  is a  defense.[39]   English
          information (or from that and other information in the possession
          of the data user), including any  expression of opinion about the
          individual but not any  indication of the intentions of  the data
          user in respect of that individual.
               -Data Protection Act 1984   1(3)

          36.  "Data user" means  a person  who holds data,  and a  persons
          "Holds" data if --
               (a) the data form part of a collection of  data processed or
               intended to be  processed by or on behalf  of that person as
               mentioned in  subsection (2) above; [subsection  (2) defines
               "data"] and
               (b) that person (either  alone or jointly or in  common with
               other persons)  controls the  contents and  use of  the data
               comprised in the collection; and
               (c) the data are in the form in which  they have been or are
               intended to be processed as mentioned in paragraph (a) above
               or (though not  for the time being  in that form) in  a form
               into which they have been converted after being so processed
               and  with  a  view  to  being  further  so  processed  on  a
               subsequent occasion.
               - Data Protection Act   1(5).

          37.  Data Protection Act 1984,   4,5.

          38.  An individual who is the subject of personal data held  by a
          data user... and who  suffers damage by reason of  (1)(c) ... the
          disclosure of the  data, or  access having been  obtained to  the
          data without  such authority as  aforesaid shall  be entitled  to
          compensation from  the data  user... for any  distress which  the
          individual has  suffered  by  reason of  the  ...  disclosure  or
               - Data Protection Act 1984   23.

          39.  ... it shall  be a defense to  prove that ... the  data user
          ...  had  taken  such  care  as  in  all  the  circumstances  was
          reasonably required  to prevent  the... disclosure  or access  in
               Data Protection Act 1984   23(3)

<New Page>
          courts  have not yet  ruled what level  of computer security
          measures  constitute  reasonable  care.     Considering  the
          magnitude of invasion possible with  TEMPEST ELINT it should
          be  clear  by now  that  failure  to use  TEMPEST  Certified
          equipment is prima facie unreasonable care.
               The Remedies section of the  act provides incentive for
          these  entities to provide  successful protection  of person
          data from disclosure  or illicit access.  Failure to protect
          the data will  result in monetary loss.  This  may be looked
          at from the economic efficiency  viewpoint as allocating the
          cost  of  disclosure the  persons  most able  to  bear those
          costs, and also most able to prevent disclosure.  Data users
          that  store   personal  data  would  use  TEMPEST  Certified
          equipment as part of their computer security plan, thwarting
          would-be eavesdroppers.  
               The Data Protection  Act 1984  allocates risk to  those
          who can  bear it best and provides  an incentive for them to
          keep other  individuals' data private.   This act  should be
          adopted by the United States as part of a full-spectrum plan
          to combat TEMPEST eavesdropping.  Data users are in the best
          position  to  prevent  disclosure  through  proper  computer
          security.    Only by  making  them  liable for  failures  in
          security can we begin to rein in TEMPEST ELINT.

                 Do not  criminalize TEMPEST ELINT.   Most crimes that
          TEMPEST ELINT would aid, such a insider trading, are already
          illegal; the current laws are adequate.
                 The  National Institute of  Standards and  Technology
          should immediately begin  a program  to educate the  private
          sector about TEMPEST.  Only if  individuals are aware of the
          threat  can  they  take  appropriate precautions  or  decide
          whether any precautions are necessary.
                   Legislation  should  be   enacted  to  require  all
          electronic  equipment to  prominently display  its level  of
          emanations  and  whether  it  is   TEMPEST  Certified.    If
          individuals are to choose to protect themselves they must be
          able  to  make  a  informed   decision  regarding  how  much
          protection is enough.
                 TEMPEST  Certified equipment  should be available  to
          the private  sector.   The current  ban on  selling to  non-
          governmental  agencies  prevents  individuals  who  need  to
          protect information from having the technology to do so.
                 Possession of  TEMPEST ELINT equipment should  not be
          made  illegal.   The  inherently  passive nature  and simple
          design  of  TEMPEST ELINT  equipment  means that  making its
          possession illegal  will not deter  crime; the units  can be
          easily manufactured and are impossible  to detect.  Limiting
          their   availability   serves   only   to   monopolize   the
          countermeasures research, information, and equipment for the
          government;   this   prevents   the  testing,   design   and

<New Page>
          manufacture of counter-measures by the private sector.
                 Legislation mirroring  England's Data Protection  Act
          1984 should be  enacted.  Preventing disclosure  of personal
          data  can  only be  accomplished  by giving  those companies
          holding the data a reason to protect  it.  If data users are
          held liable for  their failure  to take reasonable  security
          precautions they  will  begin to  take  reasonable  security
          precautions,  including   the  use   of  TEMPEST   Certified
Date:      19 Jan 90 18:00:04 GMT
From:      [email protected] (Lee Ratzan)
Subject:   biological computer viruses
Just a thought... We anthropomorphize certain computer programs
and call them viruses in order to better conceptualize their
actions for the sake  of our internal cognitive models. The
biological model is used:computer viruses replicate, they can
be malignant, they can infect and be disinfected etc. It is the
biological model which drives the image to explain the computer
model. What if this situation be reversed? If we would try to
explain the biological phenomena of a virus in terms of how
a computer virus operates perhaps we might obtain insight into
the biology which is now lacking because of cognitive blinders?

Just thinking...
Lee Ratzan
Unix systems
University of Medicine/Dentistry of NJ

Date:      19 Jan 90 22:59:33 GMT
From:      [email protected] (Tim Morgan)
Subject:   Cardkey locks
Does anyone have information on cheap but effective cardkey lock systems?
How about manufacturers who sell off-the-shelf components which can
be connected to a computer (eg, a card reader that sends ASCII over

Tim Morgan
UC Irvine ICS Dept.

Date:      21 Jan 90 20:54:53 GMT
From:      [email protected] (Robert L. Krawitz)
Subject:   GNU and security

   777 is one heck of a lot different than 4777...

This is true, but forcibly installing everything writable leaves a lot
of holes open for trojan horses (there's precious little that you can't
do with Emacs Lisp), and it's hard to see any compelling technical
reason for this installation mode.

Date:      22 Jan 90 05:55:21 GMT
From:      [email protected] (MARK KINSLER)
Subject:   Home security
Nothing works like heavy doors, strong (not complex--drug addicts don't
pick locks), and window grates.  This won't win you the House Beautiful
award, but you'll be safe.  It's not obvious to me how panes of glass
are supposed to deter intruders.  Best philosophy:  Put yourself in
the place of an intruder and see how you could break in.  An alarm
is a good idea, of course, but it should be a backup for physical
security.  If the decorator doesn't like your home reinforcements
then you are probably on the right track.  If you can open a door
with a good kick or three then you need to reinforce it...

<[email protected]>

Date:      22 Jan 90 13:44:00 GMT
From:      [email protected] (Jeffrey Walsh)
Subject:   Re:  Bill Changers
I've been told that the bill changer scans the portrait to determine the
type of bill that has been inserted.  As far as determining authenticity,
I don't know.

Remind me to tell you about an interesting way that con-artists can construct
what appears to be a bill of higher denomination than the one that actually

[email protected]

Date:      23 Jan 90 03:19:59 GMT
From:      [email protected]
Subject:   Cuckoo's Egg

     Stoll, Clifford.
     The cuckoo's egg : tracking a spy through the maze of computer
 espionage / by Clifford Stoll.  1st ed.  New York : Doubleday, 1989.
     vi, 326p; 25 cm.
     Includes bibliographical references (p. 325-326)
     ISBN  0385249462 : $18.95

Take this citation to any "ordinary" bookstore, and they can order it if they
don't have it in stock.  The ISBN number is used by the book trade industry
as a stock control number and an order number to request copies from jobbers,
wholesalers, etc...

In the unlikely event the book is "sold out."  Then I would suggest you
contact a library and have it borrowed for you from elsewhere if they don't
own it.  I would imagine TRW has a corporate information center of some kind
that can have the material delivered to your office.


Craig A. Summerhill
Assistant Systems Librarian

Date:      23 Jan 90 13:18:02 GMT
From:      [email protected] (Jonathan I. Kamens)
Subject:   Re: Policy

  I am somewhat involved with the administration of news here at Project
Athena, and I have never heard "mechanized privacy invasion" given as the
primary reason why we do not run the arbitron scripts here, although it may be
one of the reasons (the discussion hasn't come up since I've been here, so
it's quite possible that at one point privacy concerns were discussed but I
missed the discussion).

  The main reason we don't run the arbitron scripts is that because of the way
Project Athena works, the arbitron script wouldn't be able to read most users'
.newsrc files in order to compile the statistics.

  At Project Athena, users' files are stored in NFS (or AFS, for a small number
of users) filesystems.  The news service at Athena is run by the 
Student Information Processing Board (SIPB), which is INDEPENDENT of Project
Athena's administration, and therefore does not have any super-user privileges
on any Project Athena user fileservers.  Since user accounts have a top-level
directory permission of 711 and a umask of 077 by default, .newsrc files are
not world-readable by default, and therefore any arbitron script run by the
SIPB wouldn't be able to read them.

  Short form of the above: yes, the arbitron scripts may be an invasion of
privacy; however, even if the SIPB didn't think they were, we still
wouldn't be able to use them to generate statistics.

  Just one of the prices you pay for working in a distributed computing
environment, I guess....

Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
[email protected]				Allston, MA  02134
Office: 617-253-8495			      Home: 617-782-0710

Date:      23 Jan 90 14:06:33 GMT
From:      [email protected]
Subject:   Policy

   ...the arbitron scripts may be an invasion of privacy...

I may have misunderstood or misremembered Ambar's comments, but that
was one point I thought she made.  It may not have been the primary
reason Athena doesn't run arbitron, but would be one of interest to a
security mailing list/newsgroup.

   however, even if the SIPB didn't think they were, we still wouldn't
   be able to use them to generate statistics [because of a healthy
   policy of not trusting root across the wire to read users' files].

OSU CIS similarly mistrusts root across the wire, and has similar
default user account modes and umasks.  With some mildly clever
hacquery, Karl Kleinpaste has modified the arbitron script to send a
proxy of itself to each file server holding users' home directories,
where it runs as root to peruse users' .newsrc files.  The results are
then collated into a single chunk that is sent in to Arbitron Central.

I'd be quite interested to know whether Athena's practice is policy or
pragmatics!  (I have no beef with either, I'm just curious.)

   Just one of the prices you pay for working in a distributed
   computing environment, I guess....

There are other ways of running a computing environment that can
legitimately call themselves "distributed"!  Athena's model is right
honorable and obviously successful and well-known, but not unique,
exclusive nor necessarily the best for everyone.

Date:      23 Jan 90 14:27:39 GMT
From:      [email protected] ("Melissa A. Fowler")
Subject:   tapes and x-ray machines
I have frequently carried tapes through airports and recently took 3
3480s to Australia.  X-ray will not damage the tapes, I put the tapes in
my checked baggage (which going internationally is x-rayed).  I have also
had no problem handing a tape to a security guard when going through the
metal detectors.
For the record, X-ray machines will not damage film less than 1000 speed.
Most film used is 200 or 400.  I also sent all my (exposed and unexposed)
film through the X-ray machines in multiple airports with no problems.
If you are still worried, you can purchase a lead film bag.  I would
suspect traveling internationally, the bag might draw attention.

Melissa A. Fowler

Date:      23 Jan 90 14:52:55 GMT
From:      [email protected] ("Michael J. Chinni, SMCAR-CCS-E")
The following is an excerpt from a message sent by one of our computer
security people.

[It was also the Big News Item all around Usenix...  _H*]

			    Michael J. Chinni
                        Picatinny Arsenal, New Jersey  
       ARPA: [email protected]	UUCP: ...!uunet!!mchinni

                  Verdict: "GUILTY"

Student "worm" whiz is found guilty.  A U.S. court jury returned its verdict
about 9:30 pm after approximately six hours of deliberation.  Robert T. Morris
was found guilty of federal computer tampering charges for unleashing a rogue
program that crippled a nationwide computer network (Internet system).  A date
for sentencing has not yet been set.  Morris faces up to five years in prison
and a $250,000 fine.  He is the first person brought to trial under a 1986
federal computer fraud and abuse law that makes it a felony to break into a
federal computer network and prevent authorized use of the system.  Morris 
testified that he had made a programming error that caused a computer "worm"
to go berserk and cripple the Internet system back on November 2, 1988.  The
"worm" he designed immobilized an estimated 6,000 computers linked to Internet,
including ones at the NASA, some military facilities and a few major universi-
ties.  Morris's attorney Thomas Guidobomi argued that Morris never intended to
prevent authorized access.  However testimony showed Morris did in deed deliber-
ately steal computer passwords from hundreds of people so the "worm" could
break into as many computers as possible.  It was brought out in the trial that 
he took deliberate and conscious steps to make the rogue program difficult to
detect and eliminate.  Morris camouflaged sending of the program by unleashing
it from the computer system at Massachusetts Institute of Technology in
Cambridge and made it look like it had been sent from the University of
California at Berkeley so authorship of the program could not be traced to him
at Cornell.  Other evidences showed Morris had at least six eariler versions of
the "worm", which had been found on his Cornell computer accounts and that his
own comments on the "worm" program used the words "break-in" and "steal".

Date:      23 Jan 90 15:20:08 GMT
From:      [email protected] (Greg Mumm)
To:        [email protected]
Subject:   Slim-Jim purchase
Anyone know where I can get a Slim-Jim from? I think that's what they
call those thin metal devices that cops use to unlock car doors with. How
much do they cost? Are they legal? I would like to purchase it as a joke
for my brother.

Internet: [email protected]     Bitnet: gregm%[email protected]  
Uucp: [email protected]   Name  : Greg Mumm 

[Moderator add-on: US General Tools had 'em, last I checked.  "Not legal
for sale in NY or NJ."  I had the item cut out and tacked on my door for
a while, with the header line modified to read "Never get locked out
of your [neighbor's] car again!"  But why buy one when they show you a
*picture* of what the thing looks like, complete with a cutaway view of
the car door?!?!?  Find a piece of packing strap and take a pair of shears
to it.   _H*]

Date:      23 Jan 90 20:50:39 GMT
From:      [email protected] (Lee Ratzan)
Subject:   grants
Now that the Morris case has been at least legally resolved
there is a high probability that the publicity will engender
more realization on aspects of computer security. To this end
there may be agencies, schools or companies who would be 
willing to fund innovative approaches or assist in the
development of security related issues. Does anyone know of
present sources of funding in this regard? It would be in our
best interest as professionals in the field to be aware of
such support.

Lee Ratzan
Univ Med/Dent NJ

Date:      27 Jan 90 11:59:40 GMT
From:      [email protected]
Subject:   Re:  RACF database
I designed (one of) the first solid state disks.  One of my former graduate
students did his dissertation on performance issues in using one under UNIX.
My design was marketed as the "EMU" by Monolithic Systems Corp, Englewood, CO.
For those concerned about data loss on power fail, a Battery Backup Unit was
offered as an option.

For best UNIX performance, I'd suggest a dual-port solid state disk, with
/tmp or /usr/tmp on one port and either your database or the commonly-used
system programs on the other.  The bottleneck is then moved from the
electromechanics of the classic disk drive to the device driver.  Most
device drivers are VERY wasteful of time because they have to wait about
17,000 - 36,000 microseconds for the desired sector to come around.  When
that latency is removed by installing a solid-state disk, a driver latency
of about 1,000+ microseconds then appears.

Questions gladly answered!

Rob Lake
BP Research

Date:      Tue, 30 Jan 90  08:10:16 EST
From:      [email protected]
To:        [email protected]
Subject:   Re:  Finding a key blank
> [Moderator add-on: Most hardware stores and other places that have blanks
> *will* sell you blanks, especially if you express indignation at their weak
> attempts to not do so.  Keep at it.   _H*]

I do not know what part of the country you are in, but I live in
Maryland (the ancestral home of goody twoshoes, and test market for
all future restrictions on American's rights). Here no locksmith, or
locksmith supply house, or hardware store will sell you key blanks.
Of course, the real reason for the restriction is to "lock up" the
keymaking business as a big money-maker for the locksmiths. What they
tell those who try to buy blanks is that you must be a licensed lock-
smith. I tried to buy a lousy flat blank to make a key for a microscope
cabinet and was refused out of hand. I even tried bringing the cabinet
with me to show them what I wanted it for, but was still refused. At
least here in Maryland these are not weak attempts, they are absolute
and total restrictions. For my part, rather than give ANY money at all
to these profit-hungry, blood-sucking "artisans" I will go to my grave
never having seen the insides of the nine cabinets that I need keys

Now that I have vented my spleen on the subject of refusal on the
part of locksmiths to dispense keyblanks I DO have a constructive
solution to the problem. At virtually every flea market you will
find one or more people selling rings, or strings, or cans or
boxes full of old keys, and at ridiculously low prices (I paid $3
for a can containing 147 keys). Although it may involve consider-
ably more effort than working from "blank" key blanks, it is
quite possible to reshape existing keys to fit other locks. In a
few cases it is possible to find keys that require only a touch
of the jewelers file here and there to fit another lock. I have
done this successfully on quite a few occasions. In other cases
I have found exact matches, sometimes in unusual ways. I bought
a small, nineteenth century, mahogany box that was locked and
required a small "skeleton" key. At another time I bought a small
Reichert microscope from the turn of the century that came with
a locked, leather-covered box. Just on a whim I tried the micro-
scope key in the mahogany box and found it an exact match. The
two locks are half a century apart in manufacture.

I guess the bottom line is, that as our country becomes more and
more restrictive, it will be necessary to counter by becoming more
and more innovative.

                                      Kokkor Hekkus
                                      [email protected]

Date:      31 Jan 90 07:08:40 GMT
From:      [email protected] (MARK KINSLER)
Subject:   Do hot stereos make the rounds?
Yup, they sure do.  Often they get blown out a few times in the process.
I ran a stereo repair shop in the Garfield section of Pittsburgh and
saw machines that had to have been swiped several times.  The lifespan
seems to average about three thefts.  An electronic key would be an
excellent deterrent to car stereo theft.

<[email protected]>, U of Southern Mississippi, Gulf Coast

Date:      31 Jan 90 07:12:01 GMT
From:      [email protected] (MARK KINSLER)
Subject:   Remote alarm systems
Mostly they still use the 100 year old dc current loop system.  A rented
phone line with a current change sensor on it is all they've used since
ADT started in about 1860.

<[email protected]>, U of Southern Mississippi, Gulf Coast