[GTALUG] Question

Russell rreiter91 at gmail.com
Tue Jun 13 08:11:32 EDT 2017 

On June 13, 2017 7:33:55 AM EDT, Alvin Starr via talk <talk at gtalug.org> wrote:
>On 06/13/2017 06:57 AM, o1bigtenor wrote:
>
>>
>>
>> On Mon, Jun 12, 2017 at 9:44 PM, Alvin Starr via talk
><talk at gtalug.org 
>> <mailto:talk at gtalug.org>> wrote:
>>
>>
>>     You can never be paranoid enough.
>>
>>     What your looking for is a tempest enclosure.
>>     Its basically a Faraday cage but tested to NATO et al
>>     standards.(https://en.wikipedia.org/wiki/Tempest_(codename))
>>     <https://en.wikipedia.org/wiki/Tempest_%28codename%29%29>.
>>     A bunch of years ago I was dealing with CSE and got to learn that
>>     you can read a CRT screen from a good distance away (I vaguely
>>     remember it was on the order of a KM or so). There is apparently
>>     at least 1 tempest building in Ottawa that got screwed up because
>>     someone cut some holes for plumbing.
>>     So your not the first person worried about others capturing your
>>     radiated signal.
>>
>>     Not that long ago I read an ACM article talking about being able
>>     to read an LCD screen in the next room from RF and then there was
>>     another ACM article about being able to read a screen from the
>>     reflection off a persons eyeballs.
>>
>>     So to keep completely safe.
>>     1) remove the battery
>>     2) wrap it in aluminum foil
>>     3) wrap it in copper foil
>>     4) solder the edges.
>>
>>
>> Greetings
>>
>> Why - - - I do believe that that would work - - - except then the 
>> device isn't usable - - - shucks!!!
>>
>> Dee
>
>You can have either security or usability but almost never both.
>
>As for IoT. Its is most often bundled with "cloud" control and that is 
>where I have a problem.
>The idea of networks of devices is great.
>Being able to control and monitor "things" over an internal wireless 
>network is nice.
>Of course that is predicated on the wireless protocol being secure and 
>very hard to hack.

Software Defined Radio over USB is a little off this topic, but this presenter from last years defcon has a substantial list of usb hardware with pairing problems, macro vulnerabilities and IoT exploits.

DEF CON 24 - Marc Newlin - MouseJack: Injecting Keystrokes into Wireless Mice

https://www.youtube.com/watch?v=00A36VABIA4

>
>The problem quickly becomes all those devices like the Nest thermostat 
>
>where your device is controlled and connected to some foreign
>corporation.
>They chose how you interact and if they decide to get out of the 
>business(or go out of business) then your hardware is now just so much 
>wall decoration.
>Then there is the fact that they can extract information about you by 
>the way you control your devices and that is just a little bit creepy.
>
>I like devices that I can control from inside the perimiter of my own 
>somewhat secured network.
>That way the control is what I chose and the information I share is my 
>own security/privacy trade-off.


-- 
Russell
Sent by K-9 Mail

More information about the talk mailing list