Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Public Shielded Room Work

Travis Biehn tbiehn at gmail.com
Mon Oct 15 14:16:09 PDT 2018


Hey Karl,
Cool.

On Mon, Oct 15, 2018 at 10:01 AM Karl <gmkarl at gmail.com> wrote:

> Thanks so much for your replies.
>
> On 10/14/2018 09:07 PM, grarpamp wrote:
> > Consider utilizing a github / wiki somewhere for this project,
> > People can join together to generate the motivations and goals,
> > outline areas of research, hacking and acquisitions needed,
> > develop workplans, reproducible test setups, progress, results,
> > costs, etc. Perhaps also some form of makerspace later on.
>
> Okay.  I made these:
>
> - gitlab wiki:
> https://gitlab.com/xloem/openemissions/wikis/FAQ-and-Discussion
> - chat: #openemissions:matrix.org on matrix and #openemissions on freenode
> - loomio decision-making group:
> https://www.loomio.org/g/MYQFl2dC/open-emissions
>
> I struggle with organization and would really appreciate any work to
> make things more organized.
>
> If anybody is interested in collaborating actively on this right now,
> chat is most convenient for me at the moment.
>
> On 10/14/18, CANNON <cannon at cannon-ciota.info> wrote:
> > Any power going into such a room should use a UPS battery to prevent data
> > leakage through power lines/usage.
> > (Would power lines become an antennae for electro-magnetic frequency
> > leakage?) Would a UPS be sufficient enough for
> > security?
>
> Your use of 'UPS' seems a little ambiguous here.  I have been thinking
> of keeping a 12V battery inside the room, and using only DC power.  AC
> power seems like just another source of emissions to track, to me.
>
> My understanding is that filters are placed on lines to prevent any
> but acceptable frequencies being carried on them.  The field of
> electromagnetic compatibility covers this a lot, I think.  Power lines
> completely behave as antennae, and couple nearby signals from one end,
> to the other, by receiving them and then re-radiating them.
>
> Filtered AC power could be plugged straight into the mains, but I
> don't at this time have the experience to trust the filters, and it
> complicates construction of the room to make an additional penetration
> for the wiring.
>
> > And if network connectivity is needed, to prevent network cables from
> being
> > a carrier of EMF leakage, perhaps fiber optic line?
>
> As above, I think sneakernet is the way to go for highest security.
>
> With regard to fiberoptic transmissions, it seems to me the gold
> standard would be open-source transcievers that are shielded to
> decrease the utility of compromising them, and a way to sniff the
> fiber-optic line to verify it does not carry unexpected data.
>

I recently prototyped one of these types of systems, just to prevent EMR
between different security domains, using off-the-shelf components;
PC <-> Arduino <-> MAX232 <-> Fiber Converter <-> Duplicate (apparently
popular for aging SCADA systems, cheaper than BAE Data Diodes - probably
just as good.)

Unidirectional properties are as easy to confirm as leaving a fiber cable
unplugged. Monitoring the fiber itself is probably hard & expensive - but
the signal out of the MAX232s at either end, and going in and out of the
microcontrollers, is easy to inspect using a cheap PC attached Logic
Analyzer (digital domain smuggling between bits) and Oscilloscope (unlikely
analog domain covert channels, which Apple has employed for different
reasons.) I used DSLogic kit paired w/ their fork of sigrok. All very
straightforward.

IF a transmitter was modified to analyze or retransmitting important parts
of EMR over a covert fiber channel, and the receiver was modified to
forward clean RS232 and covertly exfil from the fiber side channel, you
won't catch it with this setup. Interested in whether it's more feasible to
detect side-channels over fiber or verify the transmitters.


> Karl
> --
> Liberationtech is public & archives are searchable on Google. Violations
> of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing the moderator
> at zakwhitt at stanford.edu.
>


-- 
Twitter <https://twitter.com/tbiehn> | LinkedIn
<http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn>
| TravisBiehn.com <http://www.travisbiehn.com> | Google Plus
<https://plus.google.com/+TravisBiehn>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20181015/d7f69ed3/attachment.html>


More information about the liberationtech mailing list