Viability of power-line intrusions

FYIGMO

If I connect my Vista laptop to a power outlet in public, such as an airport
terminal, library, or coffee shop, how viable is the threat from someone
gaining access to my computer via a power-line network? If the threat is
viable today, what is the best method of stopping it?

I know many people will say this is too unlikely and that other security
threats are of much more concern to the average computer user, but with the
increasing sophistication of ripoff artists either trying to steal your
identity or pilfer your financial data I wouldn't assume the threat is not
viable and not likely to increase in the future. After all, the federal
government and the defense industry utilize TEMPEST, outlining the need for
classified "Red Power" systems to protect computers from power-line
monitoring and Van Eck monitoring as well, versus "Black Power" systems that
are connected to the public grid. In fact, not too long ago the French were
caught conducting industrial espionage by tapping into a local power grid and
accessing information via power lines.

Any thoughts would be welcome. Thanks.
 
Smithsonian

There is no way really to prevent someone from accessing your computer. I'd
say you wouldn't. I'd say don't enter any personal information.
 
Alun Jones

FYIGMO said:
If I connect my Vista laptop to a power outlet in public, such as an airport
terminal, library, or coffee shop, how viable is the threat from someone
gaining access to my computer via a power-line network? If the threat is
viable today, what is the best method of stopping it?

Be realistic.

If you are concerned about the kind of highly-motivated, well-funded and
overly-technical attacker that would be able to deduce anything from
monitoring your power usage (let alone inject anything through the power
cable), you already work for an institution that can give you advice (such
as "don't use your laptop... anywhere but in the office").

Yes, Van Eck phreaking allows an observer with a large truckful of
expensive equipment to get something of an idea of what's on your screen
(with varying degrees of success and/or resolution) - provided there isn't a
lot of interference. There are some interesting results with reading light
levels from a CRT in a darkened room, but your laptop doesn't have a CRT.

Your laptop power supply takes 50-60Hz alternating current, applies
rectifiers (diodes) and smoothers (capacitors) to it, plus probably a
significant level of other solid-state electronics, to create a more
smoothed direct current signal. I've not heard of any attacks that can use
fluctuating power drain to determine the activity on your system - that
doesn't mean they don't exist or aren't possible, but if you truly fear
that, carry a battery charger, and plug _that_ into the outlet; always work
off battery.

I'm pretty certain that there are no good attacks that allow any measure of
control over your system through fluctuating the power supply, short of the
obvious overloading, or de-powering.

The short answer - if you think your opponents are smarter and richer than
you, and they're interested in your information, stop using the information
in places they can get to.

Alun.
~~~~
 
Jason

Get a good antivirus program such as Kaspersky and a free firewall like ZoneAlarm. Kaspersky has auto detect and will cut your chances of getting penetrated by 90%.


 
FYIGMO

I understand realism, which is why anyone would simply use battery power if
they were that afraid of a power-line intrusion. The question is more
theoretical at this time, but for how long? If there are two things I've
learned over the years it's never underestimate the cunning and tenacity of
criminals, and second is that computer software and hardware continues to
increase in capability while dropping in price, resulting in home computers
or laptops today that two or three decades ago would have taken "national"
means to have owned and operated.

Also, you wrote: "If you are concerned about the kind of highly-motivated,
well-funded and overly-technical attacker that would be able to deduce
anything from monitoring your power usage...."

I clearly said in my original posting that power-line intrusions are used to
collect data, not monitor your power usage. I suggest you read about the
NSA's TEMPEST program and security requirements regarding it. Computer data
can be just as easily collected via power lines as through a broadband
connection, only it's much more covert. If governments and corporations can
use it and are concerned with protection against it, then there's no reason
to believe criminals have not, or will not soon, be using it.

You also said: "The short answer - if you think your opponents are smarter
and richer than you, and they're interested in your information, stop using
the information in places they can get to."

For now, you still have that option, but as companies and/or their products
are increasingly connected to the web and cell networks, it won't be long
before you don't have any choice. Have you ever tried operating a computer
that's not connected to the internet? It's amazing how many programs won't
function because the program can't communicate to the internet for reasons
such as product verification, and when you try to communicate with the
company they go into vapor lock (as though regular mail doesn't exist or is
not an option anymore for communications) and fail or refuse to pass along
authorization numbers, etc., for your legally owned software to function.

I don't think it's a dumb question to be asking about criminals and
power-line intrusions. As we all become more connected to the web for
everyday needs and services, it's just another possible vulnerability to be
concerned about.

FYIGMO
 
FromTheRafters

FYIGMO said:
If I connect my Vista laptop to a power outlet in public, such as an airport
terminal, library, or coffee shop, how viable is the threat from someone
gaining access to my computer via a power-line network? If the threat is
viable today, what is the best method of stopping it?

I know many people will say this is too unlikely and that other security
threats are of much more concern to the average computer user, but with the
increasing sophistication of ripoff artists either trying to steal your
identity or pilfer your financial data I wouldn't assume the threat is not
viable and not likely to increase in the future. After all, the federal
government and the defense industry utilize TEMPEST, outlining the need for
classified "Red Power" systems to protect computers from power-line
monitoring and Van Eck monitoring as well, versus "Black Power" systems that
are connected to the public grid. In fact, not too long ago the French were
caught conducting industrial espionage by tapping into a local power grid and
accessing information via power lines.

Any thoughts would be welcome. Thanks.

Well engineered laptops would have good filtering of the AC to DC conversion
inbound as well as RF decoupling outbound. Nothing is perfect though, so there
will be some leakage. This is not the same as 'access to my computer' in any
command and control sense. It is data leakage only, and not very much at
that.

Back when I was more familiar with TEMPEST, laptops didn't exist. However,
I'm reasonably sure the guidelines for sensitive data on laptops include not
doing as you suggest. :o)
 
FYIGMO

That's why the threat is potentially so great. For example, some businessman
is waiting to board his flight and using his computer in the terminal. The
battery dies, and he's forced to plug in (good luck finding a plug!).
Anyway, he may be doing something as simple as his home finances with Quicken
and, BAM!, some thief who's accessed his laptop via the power lines has just
tapped into his financial data. For people who are prudent with security
that will never be a problem, but the scenario above describes the vast
majority of computer users who innocently operate their computers yet are
totally vulnerable to intrusion. Just more food for thought.

FYIGMO
 
FromTheRafters

No, it's not that simple. It would take much time to
gather enough information from the data leakage
to allow penetration of your system. The bad guy
would have to invest much time gathering and then
analyzing - just to get the merest crumbs.

I'm reasonably sure there won't be enough time in the
case of your businessman.

Governments have to worry about such things because
the bad guys know that the end result may prove worth
the time and effort.
 
FYIGMO

I can see your point, but I'll still remain a bit paranoid when it comes to
the tenacity of thieves. I read in the Wall Street Journal yesterday about a
grocery chain's fiber optic network (thought to be secure) which was
penetrated by malware, allowing the thieves to intercept customers' credit
card numbers as they swiped them at the checkout counter. I figure that at
some point these guys will resort to power-line intrusions of banks, etc.,
because, as you mentioned, the financial gain is such that it is worth the
time and effort of sifting through the data. In summary, I don't trust
anyone these days....

FYIGMO
 
FromTheRafters

FYIGMO said:
I can see your point, but I'll still remain a bit paranoid when it comes to
the tenacity of thieves.

A healthy paranoia is a good thing. :o)

FYIGMO said:
I read in the Wall Street Journal yesterday about a
grocery chain's fiber optic network (thought to be secure) which was
penetrated by malware, allowing the thieves to intercept customers' credit
card numbers as they swiped them at the checkout counter.

I believe that that is my employer. I hadn't heard about
the fiber optic angle though. Man in the middle attack
is all I heard. I was wondering how the man got in the
middle.

FYIGMO said:
I figure that at
some point these guys will resort to power-line intrusions of banks, etc.,
because, as you mentioned, the financial gain is such that it is worth the
time and effort of sifting through the data. In summary, I don't trust
anyone these days....
[snip]
 
FYIGMO

You can read more about this story at the following URL:

http://www.newser.com/story/23007.html

It would be interesting to see if it is where you work. On a related
subject, I just read a piece about a guy who encountered a network on his
Apple in 2005 -- accessed through the power plug and the apartment's
electrical wiring. After discovering the network (via OS X's Network
Monitor), he disconnected the internet line. This had no effect on the
exchange of information between his computer and the other system. The
computer had no wireless capacity. The only option was the powerline.

The Peripheral Monitor detected a second "Display" attached to his computer.
After a while, he plugged more and more devices into vacant outlets on the
power strip. After adding a TV, clock radio and cordless phone to the strip,
the network vanished. About twenty minutes later, it was reestablished, using
a process called "Python." He also discovered a user, named "Wheeler" who had
"root user" access. Apparently, it turned out to be local police (Roseville,
California) in the upstairs apartment conducting warrantless surveillance,
which I assume immediately ceased as the above-mentioned computer user was an
attorney.

Comments?

FromTheRafters said:
A healthy paranoia is a good thing. :o)

I believe that that is my employer. I hadn't heard about
the fiber optic angle though. Man in the middle attack
is all I heard. I was wondering how the man got in the
middle.
I figure that at
some point these guys will resort to power-line intrusions of banks, etc.,
because, as you mentioned, the financial gain is such that it is worth the
time and effort of sifting through the data. In summary, I don't trust
anyone these days....
[snip]
 
Alun Jones

FYIGMO said:
Also, you wrote: "If you are concerned about the kind of highly-motivated,
well-funded and overly-technical attacker that would be able to deduce
anything from monitoring your power usage...."

I clearly said in my original posting that power-line intrusions are used to
collect data, not monitor your power usage.

And how would you collect data over the power line, if not by monitoring the
power usage?

FYIGMO said:
I suggest you read about the
NSA's TEMPEST program and security requirements regarding it. Computer data
can be just as easily collected via power lines as through a broadband
connection, only it's much more covert. If governments and corporations can
use it and are concerned with protection against it, then there's no reason
to believe criminals have not, or will not soon, be using it.

Sure there is - if they can get credit card numbers, say, by paying someone,
or indulging in a little light hacking of a badly-secured web-site, why on
earth would they try and sink thousands of dollars into a truckful of
electronics that they then would need to spend a few months learning how to
use?

It's different if you think someone is targeting you, of course. Then you
have to theorise that there is no "easier target", because you're the one
they want - is your data really so interesting? If it is, may I suggest not
using an airport lounge or other public area to fetch your data?

FYIGMO said:
I don't think it's a dumb question to be asking about criminals and
power-line intrusions. As we all become more connected to the web for
everyday needs and services, it's just another possible vulnerability to be
concerned about.

Power-line intrusions have nothing to do with "as we all become more
connected to the web". You're needlessly expanding the discussion.

If you have data that valuable and that secret, you stay off the web, and
you use places you know to be safe. No compromise.

Alun.
~~~~
 
Alun Jones

FYIGMO said:
It would be interesting to see if it is where you work. On a related
subject, I just read a piece about a guy who encountered a network on his
Apple in 2005 -- accessed through the power plug and the apartment's
electrical wiring. After discovering the network (via OS X's Network
Monitor), he disconnected the internet line. This had no effect on the
exchange of information between his computer and the other system. The
computer had no wireless capacity. The only option was the powerline.

The Peripheral Monitor detected a second "Display" attached to his computer.
After a while, he plugged more and more devices into vacant outlets on the
power strip. After adding a TV, clock radio and cordless phone to the strip,
the network vanished. About twenty minutes later, it was reestablished, using
a process called "Python." He also discovered a user, named "Wheeler" who had
"root user" access. Apparently, it turned out to be local police (Roseville,
California) in the upstairs apartment conducting warrantless surveillance,
which I assume immediately ceased as the above-mentioned computer user was an
attorney.

Comments?

While there are some network protocols that piggy-back on the electrical
wiring, I've not heard of any that are included by default in a system's
power connection. For it to show up in his own Network Monitor, it would
have to be a legitimate network, and not simply one made by looking for
patterns in power usage, such as you're describing.

So, your clever attorney must have bought himself an "ethernet over power
lines" network adaptor, plugged into it, and then forgotten that he'd done
so.

As for the dual display, my Mac is so crap at detecting displays plugged in
or unplugged, that I wouldn't be at all surprised.

More likely is that his system was acting strangely, and it was easier to
blame outside influences than his own inability to use the computer. I've
seen that _far_ more often than I've seen examples of security breaches that
verge on the fantastic, if not the entirely impossible.

Alun.
~~~~
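
Added example, not part of the original post: the reply above argues that a powerline network can only appear on a computer through a real network adaptor, which means it shows up on the wired interface as ordinary Ethernet frames. HomePlug adaptors exchange management messages under their own EtherTypes (0x887B and 0x88E1), so a capture from that interface can be checked for them. The frames and MAC addresses below are constructed sample data, and the function names are this example's own.

```python
import struct
from collections import Counter

# EtherTypes registered for powerline (HomePlug) management messages.
POWERLINE_ETHERTYPES = {
    0x887B: "HomePlug 1.0 MME",
    0x88E1: "HomePlug AV MME",
}
# 802.1Q / 802.1ad tags sit in front of the real EtherType and must be skipped.
VLAN_TAGS = {0x8100, 0x88A8}


def ethertype_of(frame: bytes):
    """Return (src_mac, ethertype) for a raw Ethernet II frame, or None if truncated."""
    if len(frame) < 14:
        return None
    src = frame[6:12]
    offset = 12
    (etype,) = struct.unpack_from("!H", frame, offset)
    while etype in VLAN_TAGS:          # each tag is 4 bytes long
        offset += 4
        if len(frame) < offset + 2:
            return None
        (etype,) = struct.unpack_from("!H", frame, offset)
    return src.hex(":"), etype


def find_powerline_bridges(frames):
    """Count powerline management frames per (source MAC, protocol)."""
    hits = Counter()
    for frame in frames:
        parsed = ethertype_of(frame)
        if parsed is None:
            continue                   # ignore runt/truncated frames
        src, etype = parsed
        if etype in POWERLINE_ETHERTYPES:
            hits[(src, POWERLINE_ETHERTYPES[etype])] += 1
    return dict(hits)


def _frame(dst, src, etype, vlan=None, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame for the sample capture."""
    hdr = bytes.fromhex(dst) + bytes.fromhex(src)
    if vlan is not None:
        hdr += struct.pack("!HH", 0x8100, vlan)
    return hdr + struct.pack("!H", etype) + payload


# Constructed capture: locally administered MACs, not real devices.
SAMPLE_FRAMES = [
    _frame("ffffffffffff", "020000000001", 0x0806),           # ARP from the laptop
    _frame("ffffffffffff", "0200000000aa", 0x88E1),           # HomePlug AV management
    _frame("020000000001", "0200000000aa", 0x88E1, vlan=10),  # same, VLAN-tagged
    _frame("020000000001", "020000000002", 0x0800),           # plain IPv4
    b"\x00" * 10,                                             # truncated frame
]

if __name__ == "__main__":
    for (mac, proto), count in find_powerline_bridges(SAMPLE_FRAMES).items():
        print(f"{mac} sent {count} {proto} frame(s): powerline adaptor on this segment")
```

An empty result on a real capture means no HomePlug adaptor announced itself on that wired segment during the capture window.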
 
FYIGMO

The primary issue is not hiding secret data, but being able to make purchases
via the web and not have your credit card info intercepted. At any rate,
what you said is correct, one must use common sense whenever accessing the
web and never compromise regarding personal/financial data and its security.
Quite frankly, I'm more concerned about giving my credit card to a waiter or
waitress (which I haven't done for years) than I am using it over the web.
Later....

FYIGMO
 
Paul Adare

So their friends in government
reciprocate by harassing me however they can, and preventing the database
from ever getting off the ground.

Time to double up on your medications Lloyd.
 
lloyd dettering

you're naive if you think power outlet intrusions only take place in public places!



Posted as a reply to:

Re: Viability of power-line intrusions


Be realistic

If you are concerned about the kind of highly-motivated, well-funded and
overly-technical attacker that would be able to deduce anything from
monitoring your power usage (let alone inject anything through the power
cable), you already work for an institution that can give you advice (such
as "don't use your laptop... anywhere but in the office")

Yes, Van Eck phreaking allows an observer with a large truckful of
expensive equipment to get something of an idea of what's on your screen
(with varying degrees of success and/or resolution) - provided there isn't a
lot of interference. There are some interesting results with reading light
levels from a CRT in a darkened room, but your laptop doesn't have a CRT

Your laptop power supply takes 50-60Hz alternating current, applies
rectifiers (diodes) and smoothers (capacitors) to it, plus probably a
significant level of other solid-state electronics, to create a more
smoothed direct current signal. I've not heard of any attacks that can use
fluctuating power drain to determine the activity on your system - that
doesn't mean they don't exist or aren't possible, but if you truly fear
that, carry a battery charger, and plug _that_ into the outlet; always work
off battery

I'm pretty certain that there are no good attacks that allow any measure of
control over your system through fluctuating the power supply, short of the
obvious overloading, or de-powering

The short answer - if you think your opponents are smarter and richer than
you, and they're interested in your information, stop using the information
in places they can get to

Alun
~~~~

lloyd dettering

AC and DC CAN BOTH BE ACCESSED! you're an expert? I doubt it!



Posted as a reply to:

Re: Viability of power-line intrusions


Be realistic

If you are concerned about the kind of highly-motivated, well-funded and
overly-technical attacker that would be able to deduce anything from
monitoring your power usage (let alone inject anything through the power
cable), you already work for an institution that can give you advice (such
as "don't use your laptop... anywhere but in the office")

Yes, Van Eck phreaking allows an observer with a large truckful of
expensive equipment to get something of an idea of what's on your screen
(with varying degrees of success and/or resolution) - provided there isn't a
lot of interference. There are some interesting results with reading light
levels from a CRT in a darkened room, but your laptop doesn't have a CRT

Your laptop power supply takes 50-60Hz alternating current, applies
rectifiers (diodes) and smoothers (capacitors) to it, plus probably a
significant level of other solid-state electronics, to create a more
smoothed direct current signal. I've not heard of any attacks that can use
fluctuating power drain to determine the activity on your system - that
doesn't mean they don't exist or aren't possible, but if you truly fear
that, carry a battery charger, and plug _that_ into the outlet; always work
off battery

I'm pretty certain that there are no good attacks that allow any measure of
control over your system through fluctuating the power supply, short of the
obvious overloading, or de-powering

The short answer - if you think your opponents are smarter and richer than
you, and they're interested in your information, stop using the information
in places they can get to

Alun
~~~~

lloyd dettering

No anti-virus program will stop a powerline intrusion by the government's powerline intrusion. Microsoft gave them the Source Codes for the Windows O/S family and the anti-malware programs depend on the O/S first starting up before they can protect you; the gov. is in control BEFORE the anti-malware program starts up!



Posted as a reply to:

Re: Viability of power-line intrusions


Be realistic.

If you are concerned about the kind of highly-motivated, well-funded and
overly-technical attacker that would be able to deduce anything from
monitoring your power usage (let alone inject anything through the power
cable), you already work for an institution that can give you advice (such
as "don't use your laptop... anywhere but in the office").

Yes, Van Eck phreaking allows an observer with a large truckful of
expensive equipment to get something of an idea of what's on your screen
(with varying degrees of success and/or resolution) - provided there isn't a
lot of interference. There are some interesting results with reading light
levels from a CRT in a darkened room, but your laptop doesn't have a CRT.

Your laptop power supply takes 50-60Hz alternating current, applies
rectifiers (diodes) and smoothers (capacitors) to it, plus probably a
significant level of other solid-state electronics, to create a more
smoothed direct current signal. I've not heard of any attacks that can use
fluctuating power drain to determine the activity on your system - that
doesn't mean they don't exist or aren't possible, but if you truly fear
that, carry a battery charger, and plug _that_ into the outlet; always work
off battery.

I'm pretty certain that there are no good attacks that allow any measure of
control over your system through fluctuating the power supply, short of the
obvious overloading, or de-powering.

The short answer - if you think your opponents are smarter and richer than
you, and they're interested in your information, stop using the information
in places they can get to.

Alun.
~~~~

lloyd dettering

Van Eck? You're so old-hat!



Posted as a reply to:

Re: Viability of power-line intrusions


Be realistic

If you are concerned about the kind of highly-motivated, well-funded and
overly-technical attacker that would be able to deduce anything from
monitoring your power usage (let alone inject anything through the power
cable), you already work for an institution that can give you advice (such
as "don't use your laptop... anywhere but in the office")

Yes, Van Eck phreaking allows an observer with a large truckful of
expensive equipment to get something of an idea of what's on your screen
(with varying degrees of success and/or resolution) - provided there isn't a
lot of interference. There are some interesting results with reading light
levels from a CRT in a darkened room, but your laptop doesn't have a CRT

Your laptop power supply takes 50-60Hz alternating current, applies
rectifiers (diodes) and smoothers (capacitors) to it, plus probably a
significant level of other solid-state electronics, to create a more
smoothed direct current signal. I've not heard of any attacks that can use
fluctuating power drain to determine the activity on your system - that
doesn't mean they don't exist or aren't possible, but if you truly fear
that, carry a battery charger, and plug _that_ into the outlet; always work
off battery

I'm pretty certain that there are no good attacks that allow any measure of
control over your system through fluctuating the power supply, short of the
obvious overloading, or de-powering

The short answer - if you think your opponents are smarter and richer than
you, and they're interested in your information, stop using the information
in places they can get to

Alun
~~~~
