|
"Deep
in the sea are riches beyond compare.
But if you seek safety, it is on the shore."
What
to do you if you are attacked or hacked : Part Four
Hardware
hacking?
How to spot
a hardware based keylogger? How to spot TEMPEST attack? Cameras
watching you as you type your passphrases? Someone tampering you
phonelines etc? How about just lurking over your shoulder when
you use your laptop computer? Its hard but not impossible. Again,
prevention is the key issue here. Prevent anyone from entering
the space where the computer is located and you have fixed this
issue. Or if you are using a laptop computer, make sure you carry
it with you all times even when you dont need it. Make sure tought
that its not stolen...and if it is, you have nothing to worry
about since all your sensitive data is protected by strong cryptography
and passphrases and plaintext copies are wiped...right? RIGHT?!?
Hardware keyloggers
can be very dangerous. But you can check your keyboard and especially
the line in it. Anything special about? What about in the mainboard?
Any strange box between your keyboard and computer or inside your
keyboard? Even a tiny one? If there is, bingo! You might have
found an advanced keylogger! These babys are pretty cheap actually.
They can store a huge amount of data of your keypressings and
there is absolutely no way you can discover then unless you know
what you are looking at and where to look at. No software can
find them. Sometimes they send to data as wireless to 10-50 meters
away to main station that sends them forward.
Under TEMPEST
attack? Maybe you are just a paranoid but again, you can never
be to carefull. If you want to protect against TEMPEST, you need
to implement so serious security precautions that they are beyond
the scope of these pages. In general, if nothing can get out of
the room you are in, TEMPEST is pretty much useless. That means,
if you cant operate a radio or GSM phone in the room you are in,
then you are propably safe from TEMPEST. A metal cage around the
room should be enought to produce Faraday's cage.
Cameras and
microphones and such can be tricky. Its easy to put a GSM phone
in the room online so that it can be used as microphone! Very
easy and cheap. You can buy devices that check for online GSM
phones and they arent that expensive either. Some schools use
them to make sure that students arent cheating at exams using
their GSM phones (in here Finland atleast). Anyway, back to computers...the
point is, that if you can hear the keyboard pressings, you can
easily reconstruct what was typed. Dont underestimate microphones!
Cameras are troublesome too. They can be hidden onto...well..anything.
Finding them might be easy or it might be very hard. Just look
around for anything strange in your room, especially somewhere
up or in some holes. If you find it, rip it off and take it to
someone who knows more about it...and search for more, if "they"
could have planted one, they could have planted a dozen of them.
If you discover that you have been spyed upon like this, concider
EVERYTHING compromised. Everything!
Are you phonelines
wiretapped? You cant know for sure has someone tampered your phonelines
(unless you ask phonecompany guys to check it out which will cost
you...). If you have reason to believe someone might be doing
it, concider all your communications compromised. Never use unencrypted
connections, use services like www.anonymizer.com to encrypt all
traffic in you www-surfing and be cautious about man-in-the-middle
attacks! Also, GSM does provide some level of encryption, a level
that just might be enought to fool a hacker next door, but not
enought to prevent someone who knows he's job to wiretap and listen
all your communications.
One
thing is to concider when using a laptop computer: A mask. It
is hard to explain (especially since english is not my native
language), but you can put a mask on the screen of your computer,
that changes the polarization of the light so that human eye cant
see anything except pure white in it. When you wear a pair or
specially tailored sunglasses, you can, however, look at the screen
as normal since they "cut out" the polarity. This means,
that people around you that dont have similiar sunglasses (regular
ones wont help), wont be able to see what is in your screen, but
only you can! Ofcourse, they can still look what you type with
your laptop computer, but not whats in the screen! Ask more about
this kinda system from computer suppliers or security experts
in your local area.
-Markus
Jansson
|
|