e-print.e-print.本文件是一个粗略的草稿。法律部分是概述。他们将在下一个版本中显着扩展。
我们在这个国家,在我们这一代,是 - 被命运,而不是选择 - 自由世界的墙壁上的守望者[1]-President肯尼迪
在小说1984年,乔治·奥威尔预言,在未来,个人没有隐私预期,因为国家垄断的间谍技术。政府关注的对象,从出生到死亡的行动。没有因为监视和反监视技术是由政府控制的一个可以保护自己。这说明探讨的监视技术,悲天悯人地称为TEMPEST [2]的法律地位。使用TEMPEST技术在任何数字设备中的信息可能会被截取,并改造成有用的情报不手术永远不必来到他的目标靠近。该技术是在存储在数字计算机或上的计算机终端上显示信息的侦听特别有用。使用TEMPEST是不是根据美国[3],或英国法律是非法的。加拿大有刑事犯罪TEMPEST窃听具体的法律,但法律做更多阻碍监督的对策,而不是防止TEMPEST监视。在美国是非法的个人采取对TEMPEST监控有效的反制措施。这导致了难题,这是合法的个人和政府侵犯他人隐私的,但非法的个人采取措施来保护自己的隐私。 The author would like to suggest that the solution to this conundrum is straightforward. Information on protecting privacy under TEMPEST should be made freely available; TEMPEST Certified equipment should be legally available; and organizations possessing private information should be required by law to protect that information through good computer security practices and the use of TEMPEST Certified equipment.
间谍是由专业人士分为两种主要类型:人的情报收集(HUMINT)和电子情报收集(ELINT)。顾名思义,HUMINT依赖于人的操作工,以及电子情报依赖于技术的操作工。在过去HUMINT是用于收集情报的唯一方法。[4]该手术HUMINT会偷重要的文件,遵守军队和武器的动作[5],引诱人们进入他的知心话来提取秘密,站在eavesdrip下[6]的房子,窃听居住者。随着技术的进步,曾经只能由人来执行的任务已经接管了机器。因此,它已与间谍。现代卫星技术,能够以更高的精度和更远的距离比人的间谍可能希望永远以完成观察部队和武器的动作。现在可以通过电脑来完成的文件和窃听对话的盗窃。为人类工作,其唯一的参与可能是最初的电子情报设备的摆放,这意味着更高的安全性。这导致ELINT超过HUMINT的优势,因为位置和监控设备电子情报可以通过谁拥有艺术间谍在没有训练的技术人员来进行。 The gathered intelligence may be processed by an intelligence expert, perhaps thousands of miles away, with no need of field experience. ELINT has a number of other advantages over HUMINT. If a spy is caught his existence could embarrass his employing state and he could be forced into giving up the identities of his compatriots or other important information. By its very nature, a discovered ELINT device (bug) cannot give up any information; and the ubiquitous nature of bugs provides the principle state with the ability to plausibly deny ownership or involvement. ELINT devices fall into two broad categories: trespassatory and non-trespassatory. Trespassatory bugs require some type of trespass in order for them to function. A transmitter might require the physical invasion of the target premises for placement, or a microphone might be surreptitiously attached to the outside of a window. A telephone transmitter can be placed anywhere on the phone line, including at the central switch. The trespass comes either when it is physically attached to the phone line, or if it is inductive, when placed in close proximity to the phone line. Even microwave bugs require the placement of the resonator cone within the target premises.[7] Non-trespassatory ELINT devices work by receiving electromagnetic radiation (EMR) as it radiates through the aether, and do not require the placement of bugs. Methods include intercepting[8] information transmitted by satellite, microwave, and radio, including mobile and cellular phone transmissions. This information was purposely transmitted with the intent that some intended person or persons would receive it. Non-trespassatory ELINT also includes the interception of information that was never intended to be transmitted. All electronic devices emit electromagnetic radiation. Some of the radiation, as with radio waves, is intended to transmit information. Much of this radiation is not intended to transmit information and is merely incidental to whatever work the target device is performing.[9] This information can be intercepted and reconstructed into a coherent form. With current TEMPEST technology it is possible to reconstruct the contents of computer video display terminal (VDU) screens from up to a kilometer distant[10]; reconstructing the contents of a computer's memory or the contents of its mass storage devices is more complicated and must be performed from a closer distance.[11] The reconstruction of information via EMR, a process for which the United States government refuses to declassify either the exact technique or even its name[12], is not limited to computers and digital devices but is applicable to all devices that generate electromagnetic radiation.[13] TEMPEST is especially effective against VDUs because they produce a very high level of EMR.[14]
ELINT并不局限于政府。它通常被个人用于他们自己的目的。几乎所有形式的ELINT都可以提供给具有技术专长或有资金聘请具有该专长的人的个人。为了保护政府和民众的隐私,政府试图将所有使用电子邮件的人定为犯罪。
TEMPEST的ELINT设备占有不应该被定为非法。固有的被动性和TEMPEST ELINT设备意味着使得其非法占有不制止犯罪简单的设计;单元可以容易地制造,并且无法检测。限制了其有效性只能起到垄断的对策研究,信息和设备的政府;这可以防止私营部门的测试,设计和对策制造。立法镜像英国数据保护法1984年应颁布。个人资料的泄露预防,只能通过给那些持有该数据的理由来保护它的公司来完成。如果数据用户承担责任为自己的失败采取合理的安全防范措施,他们将开始采取合理的安全防范措施,包括使用TEMPEST认证设备。33。
关于防止个人电脑电磁窃听的说明。TEMPEST是与限制数据处理和相关设备产生的有害电磁辐射相关的技术的代码名称。它的目标是限制对手收集计算机设备内部数据流信息的能力。大多数有关TEMPEST规格的资料是由美国政府分类的,不能供其公民使用。TEMPEST技术的原因是特别重要的在电脑和其他电子数据处理设备的各种信号组件在计算机使用交谈(平方波)和他们的时钟速度(以兆赫)产生一个特别丰富的无意在很大部分的电磁信号光谱。由于杂散辐射占据了光谱的很大一部分,用于阻挡其中一部分光谱的技术(如拉上窗帘阻挡可见光部分)在另一部分光谱中不一定有效。计算机系统的非故意排放可以被捕获和处理,以揭示目标系统的信息,从简单的活动级别到甚至远程复制击键或捕获监测信息。据推测,保护不力的系统可以在距离目标设备1公里左右的地方有效地监视。这说明将检查一些实际的方面,降低敏感性的个人计算机设备远程监控使用容易安装,广泛可用的售后市场组件。 I One way of looking at TEMPEST from the lay person's point-of-view is that it is virtually identical to the problem of preventing electromagnetic interference ("EMI") by your computer system to others' radios, televisions, or other consumer electronics. That is, preventing the emission of wide-band radio "hash" from your computers, cabling, and peripherals both prevents interference to you and your neighbors television set and limits the useful signal available to a person surreptitiously monitoring. Viewing the problem in this light, there are quite a few useful documents available form the government and elsewhere attacking this problem and providing a wealth of practical solutions and resources.
非常有用的地方是:射频干扰:如何找到它并修复它。Ed Hare,Ka1CV和Robert Schetgen,Ku7g,编辑美国广播电台联盟,纽丁顿,CT ISBN 0-87259-375-4(C)1991,第二印刷1992联邦通信委员会干涉手册(1991)FCC消费者援助分公司葛底斯堡,PA 17326 717-337-1212和MIL-STD-188-124B正在准备中(包括关于战术通信系统的军事屏蔽的信息)文件美国政府印刷办公室华盛顿州的文件,DC 20402 202-783-3238信息屏蔽特定件消费者电子设备可能可从:电子工业公司协会(EIA)2001 2001宾夕法尼亚州Ave NW华盛顿,DC 20006防止意外电磁排放是一个相对术语。减少到零所有意外排放是不可行的。例如,我的个人目标可能是减少杂散排放的数量和质量,直到监测范围一公里在我的前院之前必须有效地窃听我的电脑。具有未知邻居的公寓居民仅限英寸(通过墙壁)可能希望更加仔细地采用以下许多建议,因为可用于检测的信号随着从监控设备到计算机的距离的距离而减小。II从符合现代排放标准的计算机设备开始。在美国,计算机和外围设备的“最安静”标准被称为“B类”级别。(A类是用于在业务环境中使用的计算机的严格标准。)。 You want to verify that all computers and peripherals you use meet the class B standard which permits only one-tenth the power of spurious emissions than the class A standard. If you already own computer equipment with an FCC ID, you can find out which standard applies. Contact the FCC Consumers Assistance Branch at 1-717-337-1212 for details in accessing their database. Once you own good equipment, follow the manufacturer's recommendations for preserving the shielding integrity of the system. Don't operated the system with the cover off and keep "slot covers" in the back of the computer in place. III Use only shielded cable for all system interconnections. A shielded cable surrounds the core of control wires with a metal braid or foil to keep signals confined to that core. In the late seventies it was common to use unshielded cable such as "ribbon" cable to connect the computer with, say, a diskette drive. Unshielded cable acts just like an antenna for signals generated by your computer and peripherals. Most computer manufacturer supply shielded cable for use with their computers in order to meet FCC standards. Cables bought from third-parties are an unknown and should be avoided (unless you are willing to take one apart to see for yourself!) Try to avoid a "rat's nest" of wire and cabling behind your equipment and by keeping all cables as short as possible. You want to reduced the length of unintended antennas and to more easily predict the likely paths of electric and magnetic coupling from cable to cable so that it can be more effectively filtered. IV Block radiation from the power cord(s) into the house wiring. Most computers have an EMI filter built into their body where the AC line cord enters the power supply. This filter is generally insufficient to prevent substantial re-radiation of EMI voltages back into the power wiring of your house and neighborhood. To reduce the power retransmitted down the AC power cords of your equipment, plug them in to special EMI filters that are in turn plugged into the wall socket. I use a model 475-3 overvoltage and EMI filter manufactured by Industrial Communication Engineers, Ltd. P.O. Box 18495 Indianapolis, IN 46218-0495 1-800-ICE-COMM ask for their package of free information sheets (AC and other filters mentioned in this note are available from a wide variety of sources including, for example, Radio Shack. I am enthusiastic about ICE because of the "over-designed" quality of their equipment. Standard disclaimers apply.) This particular filter from ICE is specified to reduce retransmission of EMI by a factor of at least 1000 in its high-frequency design range. Although ideally every computer component using an AC line cord ought to be filtered, it is especially important for the monitor and computer CPU to be filtered in this manner as the most useful information available to opponents is believed to come from these sources. V Block retransmitted information from entering your fax/modem or telephone line. Telephone line is generally very poorly shielded. EMI from your computer can be retransmitted directly into the phone line through your modem or can be unintentionally picked up by the magnetic portion of the EMI spectrum through magnetic induction from power supplies or the yoke of your cathode ray tube "CRT" monitor. To prevent direct retransmission, EMI filters are specifically designed for modular telephone jacks to mount at the telephone or modem, and for mounting directly at the service entrance to the house. Sources of well-designed telephone-line filter products include ICE (address above) and K-COM Box 82 Randolph, OH 44265 216-325-2110 Your phone company or telephone manufacturer may be able to supply you with free modular filters, although the design frequencies of these filters may not be high enough to be effective through much of the EMI spectrum of interest. Keep telephone lines away from power supplies of computers or peripherals and the rear of CRTs: the magnetic field often associated with those device can inductively transfer to unshielded lines just as if the telephone line were directly electrically connected to them. Since this kind of coupling decreases rapidly with distance, this kind of magnetic induction can be virtually eliminated by keeping as much distance (several feet or more) as possible between the power supply/monitor yoke and cabling. VI Use ferrite toroids and split beads to prevent EMI from escaping on the surface of your cables. Ferrites are magnetic materials that, for certain ranges of EMI frequencies, attenuate the EMI by causing it to spend itself in heat in the material rather than continuing down the cable. They can be applied without cutting the cable by snapping together a "split bead" form over a thick cable such as a power cord or by threading thinner cable such as telephone several times around the donut-shaped ferrite form. Every cable leaving your monitor, computer, mouse, keyboard, and other computer peripherals should have at least one ferrite core attentuator. Don't forget the telephone lines from your fax, modem, telephone or the unshielded DC power cord to your modem. Ferrites are applied as close to the EMI emitting device as possible so as to afford the least amount of cable that can act as an antenna for the EMI. Good sources for ferrite split beads and toroids include Amidon Associates, Inc. P.O. Box 956 Torrance, CA 90508 310-763-5770 (ask for their free information sheet) Palomar Engineers P.O. Box 462222 Escondido, CA 92046 619-747-3343 (ask for their free RFI information sheet) and Radio Shack. VII Other practical remedies. Other remedies that are somewhat more difficult to correctly apply include providing a good EMI "ground" shield for your computer equipment and other more intrusive filters such as bypass capacitor filters. You probably ought not to think about adding bypass capacitors unless you are familiar with electronic circuits and digital design. While quite effective, added improperly to the motherboard or cabling of a computer they can "smooth out" the square wave digital waveform -- perhaps to the extent that signals are interpreted erroneously causing mysterious "crashes" of your system. In other cases, bypass capacitors can cause unwanted parasitic oscillation on the transistorized output drivers of certain circuits which could damage or destroy those circuits in the computer or peripherals. Also, unlike ferrite toroids, adding capacitors requires actually physically splicing them in or soldering them into circuits. This opens up the possibility of electric shock, damage to other electronic components or voiding the warranty on the computer equipment. A good EMI ground is difficult to achieve. Unlike an electrical safety ground, such as the third wire in a three-wire AC power system, the EMI ground must operate effectively over a much wider part of the EMI spectrum. This effectiveness is related to a quality known as electrical impedance. You desire to reduce the impedance to as low a value as possible over the entire range of EMI frequencies. Unlike the AC safety ground, important factors in achieving low impedance include having as short a lead from the equipment to a good EMI earth ground as possible (must be just a few feet); the gauge of the connecting lead (the best EMI ground lead is not wire but woven grounding "strap" or wide copper flashing sheets; and the physical coupling of the EMI into the actual earth ground. An 8 ft. copper-plated ground may be fine for AC safety ground, but may present appreciable impedance resistance to an EMI voltage. Much better would be to connect a network of six to eight copper pipes arranged in a six-foot diameter circle driven in a foot or two into the ground, electrically bonded together with heavy ground strap and connected to the equipment to be grounded via a short (at most, several feet), heavy (at least 3/4-1" wide) ground strap. If you can achieve a good EMI ground, then further shielding possibilities open up for you such as surrounding your monitor and computer equipment in a wire-screen Faraday cage. You want to use mesh rather than solid sheet because you must preserve the free flow of cooling air to your equipment. Buy aluminum (not nylon) screen netting at your local hardware store. This netting typically comes in rolls 36" wide by several feet long. Completely surround your equipment you want to reduce the EMI being careful to make good electrical bonds between the different panels of netting and your good earth ground. I use stainless steel nuts, bolts, and lock washers along with special non-oxidizing electrical paste (available from Electrical contractors supply houses or from ICE) to secure my ground strapping to my net "cages". A good Faraday cage will add several orders of magnitude of EMI attenuation to your system. VIII Checking the effectiveness of your work. It is easy to get a general feeling about the effectiveness of your EMI shielding work with an ordinary portable AM radio. Bring it very close to the body of your computer and its cables in turn. Ideally, you should not hear an increased level of static. If you do hear relatively more at one cable than at another, apply more ferrite split beads or obtain better shielded cable for this component. The practice of determining what kind of operating system code is executing by listening to a nearby AM radio is definitely obsolete for an well-shielded EMI-proof system! To get an idea of the power and scope of your magnetic field emissions, an ordinary compass is quite sensitive in detecting fields. Bring a compass within a few inches of the back of your monitor and see whether it is deflected. Notice that the amount of deflection decreases rapidly with distance. You want to keep cables away from magnetic sources about as far as required not to see an appreciable deflection on the compass. VIIII Summary If you start with good, shielded equipment that has passed the FCC level B emission standard then you are off to a great start. You may even be able to do even better with stock OEM equipment by specifying "low-emission" monitors that have recently come on the market in response to consumer fears of extremely low frequency ("ELF") and other electromagnetic radiation. Consistently use shielded cables, apply filtering and ferrite toroids to all cabling entering or leaving your computer equipment. Finally, consider a good EMI ground and Faraday cages. Beyond this there are even more effective means of confining the electrical and magnetic components of your system through the use of copper foil adhesive tapes, conductive paint sprays, "mu metal" and other less common components.
1.约翰·肯尼迪总统未发表的演讲,达拉斯公民委员会(1963年11月22日)35-36。
2.TEMPEST是瞬态电磁脉冲发射标准的首字母缩写。该标准阐述了美国官方对一台设备在不影响其正在处理的信息的情况下可能发出的电磁辐射量的看法。暴风雨是防御的标准;符合本标准的设备称为经TEMPEST认证的设备。美国政府拒绝解密用于拦截未经暴风认证设备电磁信息的设备的首字母缩写。在本文中,这些设备及其背后的技术也将被称为TEMPEST;在这种情况下,TEMPEST代表瞬态电磁脉冲监视技术。美国政府拒绝公布有关TEMPEST的细节,并继续进行有组织的努力,以审查有关它的信息传播。例如,美国国家安全局通过对王实验室在TEMPEST认证设备上的演讲内容进行分类,并威胁要以泄露机密信息起诉演讲者,从而成功地阻止了王实验室的演讲。 [cite coming].
3.本说明不会讨论TEMPEST与美国宪法下的授权令要求的关系。它也不会讨论宪法将外国公民排除在搜查令要求之外的问题。
因为革命4. HUMINT已被用于美国。“采购好情报的必要性是显而易见的和不需要进一步敦促 - 所有这一切仍然让我补充的是,你保持了整个事情的秘密尽可能为在保密,成功取决于在那种大多数企业来说,并为它想要的,他们一般都打败了,但是良好的规划与前途的一个有利的问题。”乔治·华盛顿的信(1777年7月26日)。
5."...我希望你尽你所能,派遣你可以信赖的人到史坦顿岛去,了解敌人的情况和数量——他们是什么样的部队,有什么样的近卫军——他们的兵力和部署在哪里。”Id。
6.“偷听”是盎格鲁-撒克逊语的一个词,指用来防止雨水落在房屋地基附近的宽阔的悬檐。这种窃听装置提供了“一个隐蔽的地方,人们可以躲在那里秘密地听房子里的谈话。”《汉语词汇起源词典》,1998(1)。
7. Pursglove,如何俄罗斯间谍工作收音机,无线电电子学,89-91(1962年1月)。
8.拦截是本领域的术语间谍,应该从它的更常见的用法有所区别。当信息被拦截,拦截器以及预期的收件人收到的信息。当不使用技术术语拦截是指一个人接受的东西供他人;预期的收件人将不会收到什么,他打算接受。
9.有两种类型的排放,进行和辐射。当组件或电缆充当用于传输EMR的天线时,形成辐射排放;当沿电缆或其他连接进行辐射但未辐射时,它被称为“进行”。源包括电缆,地面环,印刷电路板,内线,电源电源电源线耦合,电缆到电缆耦合,开关晶体管和大功率放大器。White&M. Mardiguian,EMI控制方法论和程序,
10.1(1985)。设备可以作为天线直接发送信号,甚至两者都接收信号并在远离源设备的地方重新发射。以这种方式充当天线的电缆可能比设备本身更有效地传输信号。类似的情况也会发生在生活用水(. ...)等金属管道上如果一个接地(接地)系统没有正确安装,这样有一个路径电路中电阻很高(例如油漆防止传导和作为绝缘体),然后整个接地系统很可能以类似的方式采取行动,天线……[对于一个VDU]最强的信号,或其谐波,通常在60-250 MHz左右。但是,在电视频带和450-800兆赫兹之间的较高频率有一个明显的例外,即极强烈的辐射。《计算机法律与安全报告》第27期(1988)。10.TEMPEST ELINT算子可以区分同一房间内不同的vdu,因为homo和heterogeneous单元的EMR特征不同。“[T]这里的EMR特性与其他同类设备几乎没有什么比较。 Only if the [VDU] was made with exactly the same components is there any similarity. If some of the components have come from a different batch, have been updated in some way, and especially if they are from a different manufacturer, then completely different results are obtained. In this way a different mark or version of the same [VDU] will emit different signals. Additionally because of the variation of manufacturing standards between counties, two [VDUs] made by the same company but sourced from different counties will have entirely different EMR signal characteristics...From this it way be thought that there is such a jumble of emissions around, that it would not be possible to isolate those from any one particular source. Again, this is not the case. Most received signals have a different line synchronization, due to design, reflection, interference or variation of component tolerances. So that if for instance there are three different signals on the same frequency ... by fine tuning of the RF receiver, antenna manipulation and modification of line synchronization, it is possible to lock onto each of the three signals separately and so read the screen information. By similar techniques, it is entirely possible to discriminate between individual items of equipment in the same room." Potts, supra note
9.关于暴风雨ELINT威胁的讨论参见《记忆银行》,AMERICAN BANKER 20(1985年4月1日);专家说,银行计算机系统的排放使窃听变得容易,美国银行家1(1985年3月26日);CRT间谍:对企业安全的威胁,《个人电脑周刊》(1987年3月10日)。
11. TEMPEST涉及通过数字设备形成的瞬变电磁脉冲。所有的电子设备辐射EMR可被重建。数字设备处理为1和0's信息 - 上的或关闭的。正因为如此,数码设备散发出EMR的脉冲。这些脉冲是更容易在比由模拟设备发出的非脉冲EMR的距离来重建。为详细讨论的宽带数字信息的辐射问题参见例如军用标准MIL-STD-461 REO2;白前注9,10.2。
12.见上文注2。
13.伦敦集中国的特别兴趣是计算机,通信中心和航空电子设备的EMR。Schultz,击败了Ivan的Tempest,Defent Electronics 64(1983年6月)。
14. CRT屏幕上的图片建立在屏幕上以行组织的图像元素(像素)构建。像素由荧光在能量撞击时的材料制成。能量由从图像管背面的电子枪射出的电子束产生。电子束以规则的重复方式扫描CRT的屏幕。当光束的电压高时,它在发射光子时聚焦的像素在屏幕上显示为点。通过选择性地射击枪,因为它扫描在CRT的面部,像素在CRT屏幕上形成字符。像素只有很短的时间焕发,并且必须常规地被电子束击中以保持点亮。为了保持所谓点亮的所有像素的光输出,电子束将整个CRT屏幕横穿六十秒钟。每次光束都会引起它会导致高电压EMR发射。该EMR可用于重建目标CRT屏幕的内容。 TEMPEST ELINT equipment designed to reconstruct the information synchronizes its CRT with the target CRT. First, it uses the EMR to synchronize its electron gun with the electron gun in the target CRT. Then, when the TEMPEST ELINT unit detects EMR indicating that the target CRT fired on a pixel, the TEMPEST ELINT unit fires the electron gun of its CRT. The ELINT CRT is in perfect synchronism with the target CRT; when the target lights a pixel, a corresponding pixel on the TEMPEST ELINT CRT is lit. The exact picture on the target CRT will appear on the TEMPEST ELINT CRT. Any changes on the target screen will be instantly reflected in the TEMPEST ELINT screen. TEMPEST Certified equipment gives off emissions levels that are too faint to be readily detected. Certification levels are set out in National Communications Security Information Memorandum 5100A (NACSIM 5100A). "[E]mission levels are expressed in the time and frequency domain, broadband or narrow band in terms of the frequency domain, and in terms of conducted or radiated emissions." White, supra, note 9, 10.1. For a thorough though purposely misleading discussion of TEMPEST ELINT see Van Eck, Electromagnetic Radiation from Video Display units: An Eavesdropping Risk?, 4 Computers & Security 269 (1985).
15.酒吧。L. 90-351, 82 Stat. 197。该法案将个人和政府机构的非法侵入电子信息视为犯罪。参见Katz v. United States, 389 U.S. 347(1967)(第四修正案禁止政府而非个人进行监视)。
16. 18 U.S.C.2511(1)(a)。
17.“美国诉霍尔案”,488 F.2d 193(1973年第9号判例)(发现没有立法史表明国会打算将无线电话通话包括在内)。此外,第三章只将拦截排除所有计算机通信形式的“听觉”通信定为犯罪。
18.姆特订阅电视诉卡伍德,580 F.Supp 1164(D.或者,1984)(非双线通信缺少的隐私任何期望)。
19.酒吧。第99- 508,100号法令1848(美国联邦法典第18号第2510-710号)[以下为ECPA]。
20.18 U.S.C. 2511(1)(a)将不考虑隐私期望而截获“任何有线、口头或电子通信”的行为定为犯罪。
21.《1985年通信拦截法案》,长标题,为通过邮政或公共电信系统发送的通信进行拦截并与之相关作出新规定的法案,并修订《1984年电信法》第45节。
22.《1985年通讯拦截法》(1)本节的下列规定,一个人有意截取通信过程中其邮寄或通过一个公共电信传输系统的人应当犯法和责任——(a)在总结信念,罚款不超过法定最高;(b)经公诉程序定罪,可处不超过两年的监禁或罚款,或两者兼处。
*** 23.攻丝(又名trespassatory窃听)显然是违反规约。窃听‘沿着该消息被传递。可能出现的一个问题的导线“由通信法1985覆盖了涉及对计算机通信窃听的那些形式的截取部分1产生的罪行’,但是,是是否所述的问题在问题的通信是通过一个公共电信系统的装置,在其输送过程中截获。这在技术上是可能的截距在其传输几个阶段的通信,并且它可以是决定在它进入阶段事实问题“公共” 的境界法律委员会,工作文件NO 110:。滥用电脑,3.30(1988)。
24.他说:“还有一些窃听形式是该法案没有涵盖的。为例。通过监测周围的辐射场,以便在窃听者的屏幕上显示合法用户屏幕上出现的任何内容,从而窃听V.D.U.(此处指CRT)屏幕。这种活动似乎不构成任何刑事犯罪……”法律委员会,工作文件第2号。110:计算机误用,3.31(1988)。
25.加拿大刑法第301.2(1)条规定:…(a)直接或间接地获得任何计算机服务;(b)通过电磁手段……或直接或间接拦截计算机系统的任何功能的其他装置、拦截器或导致拦截器……犯有可起诉的罪行。
26.美国量刑委员会,联邦量刑指南手册(1988)(在未知页面))
27.已经有过究竟什么是计算机犯罪的大辩论。有思想的几所学校。在更为清晰的学校,而提交附着认为,类计算机犯罪应仅限于针对计算机犯罪的一个;例如,恐怖分子摧毁炸药的计算机将属于这一类。罪行,如将工资单台计算机上鬼的员工,并收集他们的工资仅仅是古老的会计欺诈;今天诈骗涉及计算机,因为记录保存在电脑上。计算机仅仅是附属于犯罪。这已被贴错标签的计算机犯罪和应仅仅被称为欺诈与计算机的帮助下犯下的。最后,还有信息犯罪。这些都是关系到盗取或信息变更罪行。 These crimes are more common and more profitable due to the computer's ability to hold and access great amounts of information. TEMPEST ELINT can best be categorized as a information crime.
28.比较,例如,水门唱到其中的窃贼被当他们回到了移动放置不当扩频漏洞被发现。
29. TEMPEST认证指的是已经通过所述设备在NACSIM 5100A指定的测试和放射物制度。该机密文件阐述了放射物水平的NSA认为数字设备能发出不影响正在处理的信息。NACSIM 5100A分类,因为是TEMPEST的所有细节。为了获得访问它,承包商必须证明有政府内部需求为打算证明设备的具体类型。由于标准进行分类,承包商不能将设备出售给非安全的政府机构或公众。这防止反转标准的工程为它的物理实施例中,认证设备。通过防止拥有该反窃听设备的私营部门,国家安全局已经有效地在他们的计算机保护信息阻止了他们。
30.以前是标准局。NIST是商务部的一个部门。
31.在这种情况下,计算机设备将包括所有外围计算机设备。如果打印机或调制解调器没有通过认证,则使用经TEMPEST认证的计算机是没有用的。
32.国家安全局试图限制的TEMPEST信息的可用性,以防止设备的扩散。对于第一修正案的讨论和事先限制见,例如。美利坚合众国诉进步,公司467 F.Supp 990(1979年,WD威斯康星州)(杂志打算发表的核武器计划;发出事先限制禁令),REH。书房。United States v. Progressive Inc. 486 F.Supp 5 (1979, WD Wis.), motion den Morland v. Sprecher 443 US 709 (1979)(mandamus), motion denied United States v. Progressive, Inc. 5 Media L R (1979, 7th Cir.), dismd. without op. U.S. v. Progressive, Inc 610 F.2d 819 (1979, 7th Cir.); New York Times, Co. v. United States, 403 U.S. 713 (1971)(per curium)(Pentagon Papers case: setting forth prior restraint standard which government was unable to meet); T. EMERSON, THE SYSTEM OF FREEDOM OF EXPRESSION (1970); Balance Between Scientific Freedom and NAtional Security, 23 JURIMETRICS J. 1 (1982)(current laws and regulations limiting scientific and technical expression exceed the legitimate needs of national security); Hon. M. Feldman, Why the First Amendment is not Incompatible with National Security, HERITAGE FOUNDATION REPORTS (Jan. 14, 1987). Compare Bork, Neutral Principles and Some First Amendment Problems, 47 IND. L. J. 1 (First Amendment applies only to political speech); G. Lewy, Can Democracy Keep Secrets, 26 POLICY REVIEW 17 (1983)(endorsing draconian secrecy laws mirroring the English system).
33.例如,国家安全局最近刚刚获准缉毒署(DEA)购买TEMPEST认证的计算机设备。在DEA想安全的计算机设备,因为富裕的毒枭已被使用TEMPEST窃听设备。
34.法案规范使用与个人有关的自动处理信息,并就该等信息的提供服务。1984年 - 数据保护法,龙标题。
35.“个人资料”指由可从该资料(或从该资料使用者所管有的该等及其他资料)辨识的与在世个人有关的资料组成的资料,包括就该名个人表达意见,但不包括表明该资料使用者就该名个人的意图。- 1984年数据保护法案1(3)
36.“数据用户”是指一个人谁持有数据,和一个人的“成立”的数据,如果 - (a)所述数据形式处理或数据的集合的一部分旨在由或代表该人的处理如所提到的在上述第(2);[第(2)定义的“数据”]和(b)该人(单独地或共同地或与其他人共用)控制的内容,并使用包含在集合中的数据的;及(c)中的数据是在它们已经或旨在作为在上述(a)段中提及的或要被处理(虽然不是对于时间以该形式存在)转换成它们已经转换的形式的形式之后被如此处理,并且,以被进一步所以在随后的场合进行处理。- 数据保护法1(5)。
37.《1984年数据保护法案》,4,5。
38.资料使用者所持有的个人资料的当事人…以及因(1)(c)…如资料使用者在没有上述授权的情况下,披露该等资料或查阅该等资料,均有权获得补偿。对于个人因…而遭受的任何痛苦披露或访问。- 1984年数据保护法
39. ......要证明......数据用户......在所有情况下都要采取这种护理,以防止...披露或有问题的访问。数据保护法1984 23(3)
http://www.usc.edu/~rengen/PROCESS/Public/Text/Pseudo_Intell/Tempset_Document
来自:cj %[电子邮件受保护](克里J.基线数据([电子邮件受保护]))以下是关于暴风雨的一篇文章的预翻版稿。我希望它将其发布给这个新闻组,希望它将:(1)刺激对这个问题的讨论;(2)揭示文件中的任何技术错误;(3)征求新的信息来源;(4)发现我忘记覆盖的任何东西。我将无法监控文章的讨论。因此,请向新闻组发表评论,但在下面列出的地址发送给我副本。我已经得到了一些关于本文格式的邮件消息。有的解释是为了:编号的段落下面的“____________________”在每一页上都脚注。我建议打印出文档,而不是在CRT上读取它。 Thanks you in advance. Christopher Seline[电子邮件受保护][电子邮件受保护](C)1990的Christopher J.基线数据=============================================================================