- If someone offers the public a HOAX surveillance device then they are committing a federal felony... Remember the law considers INTENT as well as actual action. (Of course they can also run afoul of the various state and federal FRAUD laws on the books).
- If it is any kind of a transmitter, receiver, radio, computer or anything that contains any kind of an oscillator or can be connected to the phone lines then it (by law) must be registered with the FCC (or they will rock your world).
- If at anytime any advertisement, information, data sheets, checks, etc is sent via the US Mail, or product is shipped via the post office then the sender will have hell to pay with the Postal Inspector (when they get caught).
- If more then one person is involved (there usually is) then the conspiracy laws start to kick in, which will complicate the case ten fold.
- If the product technical specifications or CLAIMED capabilities exceed certain levels then the munitions control laws also kick in.
- What this means is that if someone offers you sell you (or demonstrate for you) a "TEMPEST Interception or Scanning System" then they are committing a serious felony.
- If you provide them with the "parts" or equipment to pull off such a demonstration then you will get sucked into the criminal act (and God help you if they, you, or the equipment ever crosses state lines).
- Now consider this for a moment... A con artist tells a reporter or customer that if they will supply some equipment that the con artist will demonstrate a "TEMPEST Interception". The reporter drags a bunch of equipment to the demo, the con artist rigs the demo (as the reporter is not a technical person who could recognize a rigged demo) and the con artist gives a slick presentation.
- Of course the con artist will be unable to demonstrate the 11"technique" except to within a few feet, and certainly not out to hundreds of feet (big surprise). Various excuses about the limited distance will be offered (ie: terrestrial interference, airport radars, aliens, government jamming, etc).
- There will be a great deal of tap-dancing, and eventually the con artist will mention that he has audio and video taped everything and that he intends to blackmail the reporter (remember, the part about the conspiracy where the reporter provided the hardware... the DA will). The con artists crooked attorney will then harass the poor reporter into publishing a fantasy article, or will try to force the poor victim into coughing up blackmail money underthe guise of buying a "TEMPEST Interception" system.
- A con artist can fake a "TEMPEST Interception" demonstration with a one dollar chip and a quarters worth of components (such a demonstration can also be rigged by using an off the shelf video signal generator). The con artist simply gets close enough to be within the magnetic field and he can use a coat hangar and broom stick for coupling device. In such cases a conventional monitor is used, but all the con artist is really doing is grabbing the magnetic field, faking the sync signals and using it to overload the monitor by feeding it back into a secondary monitor.
- Of course if both monitors are very close together the signals from the first can be inductively coupled into the second. In such cases you wouldn't need any equipment other the a 50 cent 555 timer circuit and a coat hangar (as demonstrated in the Army school at Fort Devens on the subject).
- Do not confuse "Raster Analysis and Identification" methods with the urban legend of "TEMPEST Interception". Raster analysis is the collection of a video or repetitive signal from a very close proximity to a piece of equipment, but tends to be useless beyond a few feet.
- Also, do not confuse cryptographic intercept and exploitation methods with "TEMPEST Interception". The interception of fragments of signal leakage from poorly designed or defective cryptographic or secure communications systems is designed to resolve a narrow bandwidth cipher, not the classified information itself. Thus, two systems are used, one to extract the cipher of codes used to encrypt the narrowband signals at a very close/moderately close basis, and then a second systems that can be quite some distance away that is used to collect, catalog, decode, decrypt, and exploit the much wider band information (that is begin encrypted). Each stage of such an exploit. The initial acquisition of a cipher can be from a distance ranging from a few inches to a few hundred feet, unless the code can be impressed onto a secondary carrier that can carry it for miles. Once this initial collection of the cipher takes place the eavesdropping in the data (that was encrypted) can take place from miles away, hundreds, or even thousands of miles away.
- "RAID - Raster Analysis and Identification" is something that is done during TSCM work to identify signals of a repetitive nature and is totally impractical for any kind of covert surveillance. Hell, a soda straw, piece of IV tubing, and condom would be more practical for covert eavesdropping then a RAID system.
Introduction
When a new consumer electronic device such as a computer, DVD player, blender, electric razor or other modern electronic marvel is offered for sale to the public the manufacture has to gain a special certification or authorization from the FCC. This process ensures that when the consumer uses the device that they will not interfere with other devices in the area. For example we don't want a DVD player or blender to accidentally jam all the TV, and cellular telephones in a five-block area due to a poor product design.
The FCC (Federal Communications Commission) and its foreign equivalent has created a series of formal standards which new equipment is evaluated against before it is offered to the public.
These new products are taken into a specialized laboratory, and an engineer completes a complicated battery of tests. These test results are then sent to the FCC who then approves or denies the authorization.
When modern electrical devices operate they generate electromagnetic fields. Digital computers, radio equipment, typewriters, and so on generate massive amounts of electromagnetic signals which if properly intercepted and processed will allow certain amounts of information to be reconstructed based on these "compromising emanations". Basically anything with a microchip, diode, or transistor, gives off these fields.
Compromising emanations are these unintentional intelligence-bearing signals, which, if intercepted and analyzed, potentially disclose the national security information, transmitted, received, handled, or otherwise processed by any information-processing equipment.
These compromising emanation signals can then escape out of a controlled area by power line conduction, other fortuitous conduction paths such as the air conditioning duct work, or by simply radiating a signal into the air (like a radio station).
An excellent example of these compromising emanations may be found in modems and fax machines which utilize the Rockwell DataPump modem chip sets and several modems made by U.S. Robotics. When these modems operate they generate a very strong electromagnetic field which may be intercepted, demodulated, and monitored with most VHF radios. This is also a very serious problem with many speaker phone systems used in executive conference rooms.
This is also a very serious problem with many fax machines, computer monitors, external disc drives, CD-R drives, scanners, printers, and other high bandwidth or high speed peripherals.
If an eavesdropper is using high quality intercept equipment the signal may be easily acquired several hundred feet or more away from the target.
In the consumer markets a slight amount of signal leakage really does not present a problem, however; if a computer processing classified information has a leak the results could be devastating.
To deal with this "signal leakage" issue the government developed a series of standards which lay out how equipment should be designed to avoid such leakage. The TEMPEST standard are really nothing more then several industry measurements standards which were adjusted by the NSA (they gave it steroids).
Really the only difference between a TEMPEST approved computer, and a consumer computer is that the NSA TEMPEST approved one will be in a special heavy metal case, will have special shielding, a modified power supply and a few other modifications which increase its price. The TEMPEST approved unit will also require the use of a special torque wrench anytime you have to work on it.
About TEMPEST
TEMPEST is an official acronym for "Telecommunications Electronics Material Protected From Emanating Spurious Transmissions" and includes technical security countermeasures; standards, and instrumentation, which prevent (or minimize) the exploitation of security vulnerabilities by technical means. TEMPEST is nothing more then a fancy name for protecting against technical surveillance or eavesdropping of UNMODIFIED equipment (the unmodified part is important).
Other popular, but unofficial names for TEMPEST are "Transient Emanations Protected From Emanating Spurious Transmissions", "Transient Electromagnetic Pulse Emanation Standard", "Telecommunications Emission Security Standards", and several similar variations (including: "Tiny ElectroMagnetic Pests Emanating Secret Things").
TEMPEST was "invented" in 1918 when Herbert Yardley and his staff of the Black Chamber were engaged by the U.S. Army to develop methods to detect, intercept, and exploit combat telephones and covert radio transmitters. The initial research identified that "normal unmodified equipment" was allowing classified information to be passed to the enemy through a variety of technical weaknesses. A classified program was then created to develop methods to suppress these "compromising emanations". However, the actual acronym known as TEMPEST was only coined in the late 60's and early 70's (and is now considered an obsolete term, which has since, been replaced by the phrase "Emissions Security" or EMSEC).
TEMPEST and it's associated disciplines involve designing circuits to minimize the amount of "compromising emanations" and to apply appropriate shielding, grounding, and bonding. These disciplines also include methods of radiation screening, alarms, isolation circuits/devices, and similar areas of equipment engineering.
TEMPEST disciplines typically involve eliminating or reducing the transients caused by a communication signal and the resulting harmonics. These signals and their harmonics could allow the original signal to be reconstructed and analyzed.
TEMPEST Approved Devices
A TEMPEST approved device (see below) is one that meets stringent technical requirements. The electromagnetic waves it emits have been reduced through shielding or other techniques to a point where it would be extremely difficult for a hostile intelligence agent to gather information from the electromagnetic waves and disclose the classified information being transmitted.
TEMPEST Approval - Type 1: A classified or controlled cryptographic equipment, assembly, component, or item endorsed by the National Security Agency (NSA) for securing telecommunications and automated information systems for the protection of classified or sensitive U.S. Government information exempted by the Warner Amendment for use by the U.S. Government and its contractors, and subject to restrictions in accordance with the International Traffic in Arms Regulation.
TEMPEST Approval - Type 2: An unclassified cryptographic equipment, assembly, component, or item endorsed by the National Security Agency for use in telecommunications and automated information systems for the protection of unclassified but sensitive information. Type 2 equipment is exempted by the Warner Amendment. Type 2 is available to U.S. Government departments, agencies, sponsored elements of state and local government, sponsored U.S. Government contractors, and sponsored private sector entities. It is subject to restrictions in accordance with the International Traffic in Arms Regulation.
TEMPEST Approval - Type 3: An unclassified cryptographic equipment, assembly, component, or item that implements an unclassified algorithm registered with the National Institute of Standards and Technology (NIST) as a FIPS for use in protecting unclassified sensitive, or commercial, information. This definition does not include Warner-Amendment-exempt equipment.
Test Equipment for a TEMPEST in a TEAPOT
While SIGINT deals with the interception and analysis of "compromising emanations", TEMPEST is the protection of those "emanations". TEMPEST, TEAPOT (as in "TEMPEST in a TEAPOT"), NONSTOP, SKIPJACK, HIJACK, and TSCM are all related standards and protocols which deal with containing "compromising emanations". TEMPEST generally deals specifically with shielding, bonding, and grounding (it is a counter-surveillance science, and has nothing to do with actual surveillance or reading or reconstructing these emanations).
TEAPOT refers to the investigation, study, and control of intentional compromising emanations such as those hostilely induced or provoked from telecommunications and computer equipment.
TSCM includes all countermeasures employed to prevent or detect the interception of sensitive, classified, or private information. TSCM is typically an inspection by a technician or engineer of a physical item or place (briefcase, automobile, office, home, boat, etc...). The purpose is to locate possible covert surveillance devices (bugs), technical security weakness, and technical security hazards.
TEMPEST test equipment is very expensive, and is very highly controlled military products (usually classified). While a number of U.S. companies offer such equipment they will only sell it to government agencies. Beware of anybody who tries to foist a security product onto you and claims it involves TEMPEST technology.
Such equipment utilizes both extremely narrow bandwidths (often 100 Hz or less), and very wide bandwidths (above 50 MHz). This kind of equipment also must use super stable time bases, which are very expensive. Even the most basic models of this kind of equipment cost hundreds of thousands of dollars. Of course such equipment is quite inappropriate for eavesdropping (there is no such thing as a "TEMPEST Eavesdropping System").
Van Ecking
In 1985 Wim van Eck (an engineer in the Netherlands) published a white paper entitled "Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?" which discussed potential methods which could be used for eavesdropping on video monitors.
The "van Eck receiver" was based on older video monitors which utilized a composite video signal with little or no RF/EMI shielding. These video signals were typical broadcast base-band video signals, and the monitors were generally un-shielded which radiated tremendous amounts of RF energy. Very often when these types of monitors were placed near a television set the video monitor would interfere with the television and the "computer stuff" would appear and interfere with the Dallas and Charlies Angels re-runs. Since these monitors utilized the same timing signals and waveform parameters as commercial video signals the display of the signals was very easy and required only a few dollars on components to stabilize the signal.
van Eck published a second white paper in 1998 entitled "Electromagnetic Eavesdropping Machines for Christmas?" which further delved into eavesdropping on video monitors, but the article did little more then whip up hysteria on the subject, was technically flawed, and incomplete which only applied to poorly designed, unshielded monitors.
Professor Erhart Mollerof at the University of Aachen, in Germany waded in and published a paper entitled: "Protective Measures Against Compromising Electro Magnetic Radiation Emitted by Video Display Terminals." The paper was little more then a regurgitation of the material published by van Eck, but Professor Mollerof included information concerning the need for shielding, bonding, and grounding. The Mollerof paper presented nothing that wasn't already well known and documented three decades prior to his paper being published.
RAID or Raster Analysis
Effectively what van Eck did was to point out a well-known hardware security vulnerability that existed in composite computer monitors. His paper covered methods that could be used to analyze this vulnerability, and brought "emission analysis" to public attention when it was published. Of course every "lid, kid, con-artist, crank, crackpot, and felon" came forward and anointed him or herself an expert on van Eck and TEMPEST technology (and offered some kind of bogus interception product). The demonstrations that van Eck was able to do back in 1985 would be virtually impossible to do today due to the rather stringent government requirements requiring limited emissions from computer equipment for health and safety reasons.
What Wim van Eck presented is actually called RAID or "Raster Analysis" which is the reconstruction of high bandwidth composite or rasterized signals which are based on a repeating synchronization signal (such as Radar, Video, and so on). A brief tutorial on raster or video signal analysis may be found at the following link http://www.tscm.com/TSCM101video3.html
A RAID or "Raster Analysis" is commonly performed during TSCM sweeps to evaluate a rasterized signals to determine if it is a hostile eavesdropping device. As such the equipment for such an analysis is readily available from various sources for only a few hundred dollars. However, such equipment is quite inappropriate for covert eavesdropping. "Raster Analysis" is actually taught in all legitimate government TSCM schools, and is something that every TSCM'er is familiar with.
Raster Analysis in the Real World
Raster Analysis is primarily useful for evaluating modulated video signals such as those created by a broadcast TV signal or from a covert video transmitter (at say 400 MHz). Emissions from a computer monitor on the other hand are not actually modulated (for the most part), and as such are very difficult to work with. Such signals would be considered a "Baseband Signal" as opposed to a "Modulated Signal".
The baseband signal tends to be strongest near the monitor or computer and actual consists of three types of electromagnetic fields. The first of these fields is the magnetic field which is extremely strong right next to the monitor but rapidly diminishes as we move away (even inches). This is why your computer speakers sometimes causes distortion of the video on your computer monitor. Generally this magnetic field will not be detectable outside of a few feet, and this region dominated by this field is called the "near field".
The next field is the electrical field which can actually radiate out quite far in all directions (but requires a big antenna to pick up). The electrical signal drops off much slower then the magnetic field, and the region dominated by the this field is called the "far-field". For example, to intercept the baseband signals at a distance of 12 feet from a standard 15 inch Compaq computer and monitor would require a log periodic antenna measuring a minimum of 13.8 feet wide by 11.16. Of course the closer you get to the monitor the smaller the antenna can become, but in real life the eavesdropper is not going to use a 4 foot antenna to eavesdrop on a monitor 200 feet away. In fact once you get outside the "Transition Point" (about 12-15 feet away) the size of the antenna has to become huge (ie: 30 feet wide by 24 feet or larger). Since the emissions are typically below 40 MHz, with the majority of the energy being below 25 MHz you must have some rather huge antenna just to collect the energy. Of course the closer you get to the item being watched the smaller the antenna can be, but you're talking about being within a few feet to use any antenna smaller then a couch.
The third field is called a "Plane Wave" (and would take about an hour and a five page tutorial to explain).
Within each of the above mentioned fields are a number of very specific signals which include the sync signals, and the actual video signal(s). In the case of a color monitor the individual signals may also be broken into separate colors. If someone wants to eavesdrop on the monitor they will have to isolate each of these signals from each other, stabilize, and then recombine them properly. Also, the eavesdropper would not see precisely" what is on the screen unless you can get perfect sync lock (which is wicked tough to do), and even then you would only fragments of the data on the screen.
Each of these signals in turn create a tremendous amount of harmonics all up and down the spectrum. Of course the higher the monitor resolution, the higher the signals on the spectrum (which is why the FCC mandates that monitors and cables must be "Shielded, Bonded, Grounded, and Filtered".
Lids, Kids, Con-Artists, Cranks, and Crackpots
It should be mentioned that the only place in the United States that a person can learn anything about TEMPEST is a special school taught and sanctioned by the National Security Agency. Once a technician or engineer completes the appropriate training the NSA will actually certify them as a "TEMPEST Technician" or "TEMPEST Engineer" and they will then be authorized the work on or design TEMPEST approved equipment. The (very expensive) courses are only offered to a limited number of people who have a very high level of security clearance, and who will be working with such equipment on a regular basis.
While van Eck's engineering and white paper was quite legitimate a number of con-artists capitalized on the paper to sell special screening boxes, "van Eck receivers", and special "Classified CIA intercept systems".
Raster Analysis eavesdropping products exist, however; but they are highly restricted and controlled SIGINT/COMINT (Signals or Communications Intelligence) products and are CIA/NSA grade surveillance goodies. Such products are only available from a very small number of defense or intelligence contractors, and only to those with really serious security clearances. TEMPEST products are not sold at Radio Shack, by private investigators, at spy shops in New York City, or by security "experts".
These products are generally considered a rather old hoax, but the con artists are still racking in hundreds of thousands of dollars selling bogus toys. Such a system only requires about $15 to construct a special amplifier or timing circuit. The method is a "no-brainer" which any college freshman could do
Intercepting a composite video signal from an older unshielded monitor is actually quite simple, HOWEVER; the modern computer monitors sold today rarely use a composite video signal. Also, due to the serious shielding and emission standards required by the FCC the presence or interception of such signals is virtually nil (even at close distances).
Keep Your Wallet in Your Pocket
Many people, including the members of the media, have been swallowing what is falsely claimed to be TEMPEST simply because they neither understand the science nor will they do even simple research or inquiries on a vendor who claims to be a TEMPEST expert.
The majority of TEMPEST surveillance "demonstrations" are actually rigged or grossly misrepresented (the spy might as well become a psychic and start channeling Ramtha via his big toenail).
In the past few years there have been quite a few "TEMPEST experts" that demonstrate what they claim will intercept "TEMPEST signals". Most of the Tempest/Van Eck surveillance products out there are nothing more then a scam run by thieves, con men, scam artists, liars, thieves, snake oil salesman, felons, and mental patients (no kidding).
Seriously, if such a person attempts to peddle would-be TEMPEST products on you, ask about their current probation status, prior criminal convictions, and ask about the last time they talked with their parole officer, psychiatrist, or other mental health professional (and then watch them run out the door).
Several firms have even gone so far as to pre-record the display of a computer monitor (with a video camcorder no less) and then conceal a playback VCR in a fancy looking demonstration box. The victim pays the "TEMPEST expert" $20,000 for an identical box and never sees the money again, nor do they ever get a magical TEMPEST box. After several months the victim tries to contact the con artist only to find the phone number given goes to a beeper (the owner of which refuses to re-contact the victim).
Other con artists will install a small video transmitter into a computer monitor, or will illegally modify a monitor in other ways to increase it's emissions. Also, such rigged demonstrations typically take place under highly controlled conditions involving less then 12-15 feet so the con artist can capitalize on the near field signals instead of picking up far field signals.
The Law
Keep in mind that if somebody offers you any type of van Eck "intercept" or TEMPEST surveillance system that they are committing a serious federal felony. In the event that you are gullible enough to actually pay the con artist then YOU have committed a serious federal felony. Also, if you attempt in any way to obtain the equipment, or engage in any kind of activity to help someone else obtain the equipment that is also illegal (even if it's a hoax).
You will leave eavesdropping and interception equipment alone unless you have a strong desire to have extended discussions with the nice agents from the FBI. They would be quite happy to talk to you regarding your upcoming indictment and your "all expenses paid vacation at a federally operated vacation resort".
Remember that ANY possession, attempted sale, attempted purchase, or building of such a surveillance product or device is highly illegal unless you are under a very specific government contract (even if it is a hoax).
The building, possession, sale, or advertising of any device designed or developed to exploit signal leakage or compromising emanations is a very serious criminal act in the United States unless you are under a very specific government contract (or are a police officer with a legitimate court order).
Also, any device, or system which is primarily useful for the interception of communications is also illegal, and the justice system takes a very dim view of people who try to skirt the law by playing cute word games.
The above mentioned "Omnibus Crime Control Act of 1968" prohibits offering the public anything that is primarily useful for covert surveillance. It doesn't matter if there are other uses for the equipment, but if it is PRIMARILY useful for surveillance then it is contraband.
In a nutshell:
James M. Atkinson
Granite Island Group
President and Sr. Engineer
http://www.tscm.com/
[email protected]
References
Here are a few of the more common government specifications (out of hundreds) concerning TEMPEST, EMSEC, and their associated disciplines:
(U) NSA-82-89, NACSIM 5000, TEMPEST Fundamentals, National Security Agency, February 1, 1982 (C)
(U) NACSIM 5004, Tempest Countermeasures for Facilities Within the United States, National COMSEC Instruction, January 1984 (S)
(U) NACSIM 5005, Tempest Countermeasures for Facilities Outside the United States, National COMSEC Instruction, NACSIM 5005, January 1985 (S)
(U) NACSIM 5009, Technical Rational: Basis for Electromagnetic Compromising Emanations Limits (C)
(U) NACSIM 5100A Compromising Emanations Laboratory Test Requirements, Electromagnetics. National Security Telecommunications and Information System Security (NSTISS)
(U) NACSIM 5108, Receiver and Amplifier Characteristics Measurement Procedures (FOUO)
(U) NACSIM 5109, TEMPEST Testing Fundamentals, March 1973
(U) NACSIM 5112, NONSTOP Evaluation Techniques
(U) NACSIM 5201, TEMPEST Guidelines for Equipment System Design, September 1978
(U) NSA 82-90, NACSIM 5203, Guidelines for Facility Design and RED/BLACK Installation, National Security Agency, June 30, 1982 (C)
(U) NSA 65-5, NACSIM 5204, RF Shielded Acoustical Enclosures for Communications Equipment: General Specification, National Security Agency, October 30, 1964 and May 1978 (C)
(U) NSA 65-6, NACSIM 5204, R.F. Shielded Enclosures for Communications Equipment: General Specification, National Security Agency, October 30, 1964
(U) NSA 73-2A, NACSIM 5204, National Security Agency Specification for Foil RF Shielded Enclosure, National Security Agency
NSA 89-01 (Draft), NACSIM 5204, National Security Agency Specification for a High Performance Shielded Enclosure, National Security Agency, May 31, 1989
(U) NCSC 3, TEMPEST Glossary (S)
(U) NTISSI 4002, Classification Guide for COMSEC Information (S)
NTISSI 7000, National Telecommunications and Information Systems Security Instruction, TEMPEST Countermeasures for Facilities, October 7, 1988
NTISSP 300, National Telecommunications and Information Systems Security Policy, National Policy on the Control of Compromising Emanations, October 3, 1988
NSTISSAM TEMPEST 1-92, Compromising Emanations Laboratory Test Requirements, Electromagnetics. National Security Telecommunications and Information System Security (NSTISS), December 15, 1992
NSTISSAM TEMPEST 1-93, Compromising Emanations Field Test Requirements Electromagnetics, August 30, 1993 (U)
(U) NSTISSAM TEMPEST 2-91, Compromising Emanations Analysis Handbook, National Security Telecommunications and Information Systems Security Advisory Memorandum (C)
NSTISSAM TEMPEST 2-92, Procedures for TEMPEST Zoning, December 30, 1992
(U) NSTISSAM TEMPEST 2-95, RED/BLACK Installation Guidance, National Security Telecommunications and Information Systems Security Advisory Memorandum, December 12, 1995 (C)
NSTISSAM TEMPEST 3-91, Maintenance and Disposition of TEMPEST Equipment, December 20, 1991
INFOSEC System Security Products & Services Catalog, October 1990, National Security Agency
DOD Directive C-5000.19, Control of Compromising Emanations (U), February 23, 1990
MIL-STD-461E, Department of Defense Interface Standard, Requirements For The Control of Electromagnetic Interference Characteristics of Subsystems and Equipment (Replaces previous 461 and 462), 20 August 1999.
MIL-STD-IB8-124B, Military Standard Grounding, Bonding and Shielding for Common Long Haul/Tactical Communication Systems including Ground Based Communications-Electronics Facilities and Equipment, February 1, 1992.
MIL-HDBK-232, Red/Black Engineering - Installation Guidelines.
MIL-HDBK-411A, Long Haul Communications (DCS), Power and Environmental Control for Physical Plant.
MIL-HDBK-419, Grounding, Bonding, and Shielding for Electronic Equipment and Facilities.
MIL-HDBK-1195, Radio Frequency Shielded Enclosures, September 30, 1988.
MIL-STD-188-124, Grounding, Bonding, and Shielding for Common Long Haul and Tactical Communications Systems.
MIL-STD-285, Method of Attenuation Measurement for Enclosures, Electromagnetic Shielding for Electronic Test Purposes.
General EMI/EMC References
FCC 47CFR Part 15, Radio Frequency Devices.
FCC 47CFR Part 18, Industrial, Scientific and Medical Equipment.
FCC 47CFR Part 68, Connection of Terminal Equipment to the Telephone Network.
MIL-STD-464, Electromagnetic Environmental Effects Requirements for Systems.
MIL-STD-469, Radar Engineering Interface Requirements, Electromagnetic Compatibility Metric.
MIL-STD-1542B, Electromagnetic Compatibility and Grounding Requirements for Space System Facilities.
MIL-HDBK-235/1B, Electromagnetic (Radiated) Environment Considerations for Design and Procurement of Electrical and Electronic Equipment, Subsystems and Systems.
MIL-HDBK-237B, Electromagnetic Environmental Effects on Platforms, Systems, and Equipment.
MIL-HDBK-241B, Design Guide for EMI Reduction in Power Supplies.
MIL-HDBK-1512, Electroexplosive Subsystems, Electrically Initiated, Design Requirements and Test Methods.
MIL-HDBK-1857, Grounding, Bonding and Shielding Design Practices.
FCC References
47CFR, Part 0
47CFR, Part 1
47CFR, Part 2
47CFR, Part 3
47CFR, Part 5
47CFR, Part 11
47CFR, Part 13
47CFR, Part 15
47CFR, Part 17
47CFR, Part 18
47CFR, Part 19
47CFR, Part 20
47CFR, Part 21
47CFR, Part 22
47CFR, Part 23
47CFR, Part 24
47CFR, Part 25
47CFR, Part 26
47CFR, Part 32
47CFR, Part 36
47CFR, Part 41
47CFR, Part 42
47CFR, Part 43
47CFR, Part 51
47CFR, Part 52
47CFR, Part 53
47CFR, Part 54
47CFR, Part 59
47CFR, Part 61
47CFR, Part 62
47CFR, Part 63
47CFR, Part 64
47CFR, Part 65
47CFR, Part 68
47CFR, Part 73
47CFR, Part 74
47CFR, Part 76
47CFR, Part 78
47CFR, Part 79
47CFR, Part 80
47CFR, Part 87
47CFR, Part 90
47CFR, Part 95
47CFR, Part 97
47CFR, Part 100
47CFR, Part 101
FCC Frequency Tables
About the Author
James M. Atkinson is one of a small number of people who have been formally certified and trained by the NSA as a TEMPEST Engineer, and Cryptographic Technician. He has extensive experience with the design and development of SIGINT systems to exploit and/or control compromising emanations. Additionally, he has many years of experience working deep inside highly classified U.S. SPOKE, and NATO cryptographic, communications, and computer systems.
Mr. Atkinson is also one of the most respected names in the TSCM industry (Technical Surveillance Counter Measures or "Bug Sweeping"). He has researched and written a great deal on the subject matter including several books, numerous articles, and is the author of the worlds largest and most extensive web site in the world concerning "bug sweeps" and technical security. He has also contributed heavily to numerous books dealing with "bug sweep" subject matters, and in several cases has written entire textbooks or chapters of textbooks on the subject.
He has attended extensive private and government sponsored TSCM, TEMPEST, EMI, ECM, ECCM, SIGINT, technical intelligence, and security training both in the United States and abroad. He has also been engaged by Congress as a subject matter expert on TEMPEST and secure communications, and in this capacity assisted them in catching a massive fraud scandal involving several large defense contractors who were falsifying TEMPEST designs and documentation. The sad thing about the COngressional project is that the government agency who was purchasing the fraudulent equipment was actually complacent in the fraud, and was aggressively helping the contractor cover it up. Congress actually had to step in and shutdown funding for the project as there was so much malfeasance on the part of the government purchaser, and so much corruption with the contractors that nothing could be done other then to shut the while budget down for a period.
Also, he maintains the worlds largest private reference library regarding technical surveillance devices, and TSCM protocols used internationally. Included in this library is a computerized database of over a quarter million eavesdropping devices. This computerized database includes complex mathematic models which permit the quantitative modeling, evaluation, and analysis of eavesdropping devices.
"If it doesn't involve a torque wrench, then it's not TEMPEST..."
| Home | What is TSCM | Types of Bugs | Warning Signs You're Bugged |
| How To Behave if Bugged | TSCM Threat Levels | How To Engage a TSCM Firm |
| Qualifications | TSCM Protocol | Bug Frequencies | Phone Taps and Bugging |
| Signal Analysis | TDR Analysis | TDR Tutorial | Wiretapping | Training | Tools |
| Equipment | OSC-5000 | Kaiser | Riser Bond | Avcom | Search Rcvrs |
| Outside Links | Recommended TSCM Books | TSCM Reference Library |
| Recommended U.S. TSCM Firms | TSCM-L Mailing List |
For a confidential consultation please E-mail: [email protected]
-
Granite Island Group
127 Eastern Avenue #291
Gloucester, MA 01930
Telephone: (978) 381-9111
International Callers: 001-978-381-9111