phco@ecsvax.UUCP (10/10/84)
According to the October 5, 1984 issue of "Buss", the U.S. Government
awarded on October 2 a contract to Zenith Data Systems for $99.8
million worth of Z-150 microcomputers "specially designed to meet U.S.
Government 'Tempest' security specifications required for computers and
peripherals used in government classified work, including research,
aerospace, defense, and diplomatic functions." The contract calls for
delivery of approximately 10,500 desktop systems over the next five years
to the Air Force, Navy, and Marine Corps. The article goes on to say
"To achieve the necessary security specifications, the Zenith Tempest
models employ state-of-the-art technology that electronically secures
data inside the computer."
Does anybody know anything about the "Tempest" specs and what they mean?
John Miller (ecsvax!phco)
Dept. of Pharmacology, Univ. of N.C.,
Chapel Hill, N.C.henry@utzoo.UUCP (Henry Spencer) (10/14/84)
> Does anybody know anything about the "Tempest" specs and what they mean?
The "Tempest" specs are a tough set of specs on exactly how much of the
system's electromagnetic activity can be detected at specific (short)
ranges. The intent is not protecting other systems from interference,
but protecting secret data against electromagnetic eavesdropping. In
theory, you can get a nice readout of a computer's internal activity
by monitoring its radio emissions; the Tempest specs aim at cutting down
the radiation to the point where such snooping is utterly impractical.
The details of the Tempest specs are secret (!). You can't even get a
look at them unless the government agrees that you are a potential
supplier of Tempest-qualified gear, and you meet the other assorted
prerequisites for a suitable level of security clearance.
--
Henry Spencer @ U of Toronto Zoology
{allegra,ihnp4,linus,decvax}!utzoo!henrydat@hpcnoe.UUCP (dat) (10/15/84)
Having worked on 'Tempest' terminals for a while, I can say that they are yet another example of the extreme caution under which the Government functions; The 'Tempest' is typically an enclosure for the computer combined with a demonstrably secure central computing facility (if needed) and secure communications lines that do NOT radiate their signal outside of the wire (if needed). The enclosure and lines are to prevent an 'enemy' (generic term, I suppose) from pointing some sensitive electronic equipment tuned to the output bandwidth of the terminal screen (for example) and sitting back and smiling while a duplicate of the screen is received on his equipment. This can in fact be done, according to some guru engineers that I have talked to!! Similar with the wire...if you can keep track of the traffic on a communications line, you can decipher the information (especially if it is standard ASCII or something.) The process is again somewhat analogous to a Ham radio operator listening to the seemingly meaningless noise on a given frequency and actually getting valid data from it! Even with this, there is a bit of a tendency to use a secure environment which forces the users to be (up to) extremely uncomfortable while using the computer. The project I left was at the point where all the computers and terminals were in a large safe..like a concrete bomb shelter..with marines wandering in and out, and people being hussled off to be interrogated if they made a mistake like mounting a 'classified' tape on an 'unclassified' drive. (This happened!) I suppose the alternative is to essentially broadcast all our governmental secrets over the airwaves which would be bad news too! The only problem is that the Tempest machines tend to look like late 50's rejects for futuristic computers. Further questions, to the limit I understand, can be freely thrown at me. Dave Taylor now at HP - CNO
mikey@trsvax.UUCP (10/17/84)
Tempest is is the designation for limits of radiation. A few years ago a government agency actually proved they could sit up to hundreds of feet away from a computer and decode what was going on by monitoring the EMI. (Mostly because of the video and keyboard signals.) Tempest is supposed to limit this kind of eavesdropping on machines that meet criteria in the Tempest specs. Last I heard you can get a Tempest proposal document but if you don't need the complete specs, you don't get them. Mikey at trsvax
jbn@wdl1.UUCP (jbn ) (10/24/84)
Many Tempest-qualified units tend to look miserable because they consist of a noisy unit in a heavy case, but DEC makes a Tempest-qualified VT100 that looks just like an ordinary VT100 except for a fine mesh grid in front of the tube. The Compass Grid lap-sized computer is available in a Tempest-qualified version; the solid magnesium case made this an easy one to shield.