这份文件只是一个初稿。法律部分是概述。它们将在下一个版本中得到显著扩展。
我们在这个国家,在这一代人中,是 - 通过命运而不是选择 - 世界自由墙上的守望者。[1]- 预测John F. Kennedy
在1984年的小说中,乔治奥韦尔预测了个人没有预期隐私的未来,因为国家垄断了间谍技术。政府从出生到死亡时观察了其受试者的行为。没有人可以保护自己,因为监督和反监督技术由政府控制。本说明探讨了被称为Tempest的监控技术的法律地位[2]。使用Tempest技术可以拦截任何数字设备中的信息,并重建为有用的智能,而无需靠近他的目标。该技术特别有用于拦截存储在数字计算机中的信息或在计算机终端上显示。根据美国的法律[3]或英格兰,使用Tempest的使用并不违法。加拿大有具体的法律规定了暴风雨窃听,但法律妨碍监测对策,而不是防止暴风雨监测。在美国,个人对暴风雨监督有效的反措施是非法的。这导致了个人和政府为个人合法地侵犯了他人的隐私,而是非法为个人采取措施保护他们的隐私。 The author would like to suggest that the solution to this conundrum is straightforward. Information on protecting privacy under TEMPEST should be made freely available; TEMPEST Certified equipment should be legally available; and organizations possessing private information should be required by law to protect that information through good computer security practices and the use of TEMPEST Certified equipment.
间谍分为专业人士分为两种主要类型:人类智力聚集(亨特)和电子智能聚会(埃林特)。由于名称意味着,谦虚依赖于人工人员,而闪白依赖于技术操作员。在过去的雨处是收集智能的唯一方法。[4]谦卑的手术将窃取重要文件,观察部队和武器运动[5],引诱人们陷入困境,以提取秘密,并在房屋的屋檐[6]下面,窃听居住者。随着技术的进展,曾经只能由人类执行的任务已被机器接管。所以它一直在间谍。现代卫星技术允许以更高的精确度且从人类间谍可能希望实现更高的距离和武器运动。现在可以以电子方式执行对话的盗窃和窃听对话。这意味着对人类手术的安全性更大,其唯一受累可能是初始椭圆设备的放置。这导致了诸如荷花的Elint的升级,因为椭圆形设备的放置和监测可以由在屏幕上没有训练的技术人员来执行。 The gathered intelligence may be processed by an intelligence expert, perhaps thousands of miles away, with no need of field experience. ELINT has a number of other advantages over HUMINT. If a spy is caught his existence could embarrass his employing state and he could be forced into giving up the identities of his compatriots or other important information. By its very nature, a discovered ELINT device (bug) cannot give up any information; and the ubiquitous nature of bugs provides the principle state with the ability to plausibly deny ownership or involvement. ELINT devices fall into two broad categories: trespassatory and non-trespassatory. Trespassatory bugs require some type of trespass in order for them to function. A transmitter might require the physical invasion of the target premises for placement, or a microphone might be surreptitiously attached to the outside of a window. A telephone transmitter can be placed anywhere on the phone line, including at the central switch. The trespass comes either when it is physically attached to the phone line, or if it is inductive, when placed in close proximity to the phone line. Even microwave bugs require the placement of the resonator cone within the target premises.[7] Non-trespassatory ELINT devices work by receiving electromagnetic radiation (EMR) as it radiates through the aether, and do not require the placement of bugs. Methods include intercepting[8] information transmitted by satellite, microwave, and radio, including mobile and cellular phone transmissions. This information was purposely transmitted with the intent that some intended person or persons would receive it. Non-trespassatory ELINT also includes the interception of information that was never intended to be transmitted. All electronic devices emit electromagnetic radiation. Some of the radiation, as with radio waves, is intended to transmit information. Much of this radiation is not intended to transmit information and is merely incidental to whatever work the target device is performing.[9] This information can be intercepted and reconstructed into a coherent form. With current TEMPEST technology it is possible to reconstruct the contents of computer video display terminal (VDU) screens from up to a kilometer distant[10]; reconstructing the contents of a computer's memory or the contents of its mass storage devices is more complicated and must be performed from a closer distance.[11] The reconstruction of information via EMR, a process for which the United States government refuses to declassify either the exact technique or even its name[12], is not limited to computers and digital devices but is applicable to all devices that generate electromagnetic radiation.[13] TEMPEST is especially effective against VDUs because they produce a very high level of EMR.[14]
ELINT并不局限于政府。它通常被个人用于他们自己的目的。几乎所有形式的ELINT都可以提供给具有技术专长或有资金聘请具有该专长的人的个人。为了保护政府和民众的隐私,政府试图将所有使用电子邮件的人定为犯罪。
不应非法拥有暴风玻璃设备。天生的被动性和简单的临时闪黄设备的设计意味着使其拥有非法不会阻止犯罪;该单元可以容易地制造,并且无法检测。限制他们的可用性仅用于垄断政府的对策研究,信息和设备;这可以防止私营部门的反措施进行测试,设计和制造。应制定1984年1984年立法镜像英国的数据保护法。防止个人数据的披露只能通过给予那些持有数据保护它的原因来实现的。如果数据用户因其未能采取合理的安全预防措施持有责任,他们将开始采取合理的安全预防措施,包括使用Tempest认证设备。33。
关于防止个人电脑电磁窃听的说明。TEMPEST是与限制数据处理和相关设备产生的有害电磁辐射相关的技术的代码名称。它的目标是限制对手收集计算机设备内部数据流信息的能力。大多数有关TEMPEST规格的资料是由美国政府分类的,不能供其公民使用。TEMPEST技术的原因是特别重要的在电脑和其他电子数据处理设备的各种信号组件在计算机使用交谈(平方波)和他们的时钟速度(以兆赫)产生一个特别丰富的无意在很大部分的电磁信号光谱。由于杂散辐射占据了光谱的很大一部分,用于阻挡其中一部分光谱的技术(如拉上窗帘阻挡可见光部分)在另一部分光谱中不一定有效。计算机系统的非故意排放可以被捕获和处理,以揭示目标系统的信息,从简单的活动级别到甚至远程复制击键或捕获监测信息。据推测,保护不力的系统可以在距离目标设备1公里左右的地方有效地监视。这说明将检查一些实际的方面,降低敏感性的个人计算机设备远程监控使用容易安装,广泛可用的售后市场组件。 I One way of looking at TEMPEST from the lay person's point-of-view is that it is virtually identical to the problem of preventing electromagnetic interference ("EMI") by your computer system to others' radios, televisions, or other consumer electronics. That is, preventing the emission of wide-band radio "hash" from your computers, cabling, and peripherals both prevents interference to you and your neighbors television set and limits the useful signal available to a person surreptitiously monitoring. Viewing the problem in this light, there are quite a few useful documents available form the government and elsewhere attacking this problem and providing a wealth of practical solutions and resources.
非常有用的地方是:射频干扰:如何找到它并修复它。Ed Hare,Ka1CV和Robert Schetgen,Ku7g,编辑美国广播电台联盟,纽丁顿,CT ISBN 0-87259-375-4(C)1991,第二印刷1992联邦通信委员会干涉手册(1991)FCC消费者援助分公司葛底斯堡,PA 17326 717-337-1212和MIL-STD-188-124B正在准备中(包括关于战术通信系统的军事屏蔽的信息)文件美国政府印刷办公室华盛顿州的文件,DC 20402 202-783-3238信息屏蔽特定件消费者电子设备可能可从:电子工业公司协会(EIA)2001 2001宾夕法尼亚州Ave NW华盛顿,DC 20006防止意外电磁排放是一个相对术语。减少到零所有意外排放是不可行的。例如,我的个人目标可能是减少杂散排放的数量和质量,直到监测范围一公里在我的前院之前必须有效地窃听我的电脑。具有未知邻居的公寓居民仅限英寸(通过墙壁)可能希望更加仔细地采用以下许多建议,因为可用于检测的信号随着从监控设备到计算机的距离的距离而减小。II从符合现代排放标准的计算机设备开始。在美国,计算机和外围设备的“最安静”标准被称为“B类”级别。(A类是用于在业务环境中使用的计算机的严格标准。)。 You want to verify that all computers and peripherals you use meet the class B standard which permits only one-tenth the power of spurious emissions than the class A standard. If you already own computer equipment with an FCC ID, you can find out which standard applies. Contact the FCC Consumers Assistance Branch at 1-717-337-1212 for details in accessing their database. Once you own good equipment, follow the manufacturer's recommendations for preserving the shielding integrity of the system. Don't operated the system with the cover off and keep "slot covers" in the back of the computer in place. III Use only shielded cable for all system interconnections. A shielded cable surrounds the core of control wires with a metal braid or foil to keep signals confined to that core. In the late seventies it was common to use unshielded cable such as "ribbon" cable to connect the computer with, say, a diskette drive. Unshielded cable acts just like an antenna for signals generated by your computer and peripherals. Most computer manufacturer supply shielded cable for use with their computers in order to meet FCC standards. Cables bought from third-parties are an unknown and should be avoided (unless you are willing to take one apart to see for yourself!) Try to avoid a "rat's nest" of wire and cabling behind your equipment and by keeping all cables as short as possible. You want to reduced the length of unintended antennas and to more easily predict the likely paths of electric and magnetic coupling from cable to cable so that it can be more effectively filtered. IV Block radiation from the power cord(s) into the house wiring. Most computers have an EMI filter built into their body where the AC line cord enters the power supply. This filter is generally insufficient to prevent substantial re-radiation of EMI voltages back into the power wiring of your house and neighborhood. To reduce the power retransmitted down the AC power cords of your equipment, plug them in to special EMI filters that are in turn plugged into the wall socket. I use a model 475-3 overvoltage and EMI filter manufactured by Industrial Communication Engineers, Ltd. P.O. Box 18495 Indianapolis, IN 46218-0495 1-800-ICE-COMM ask for their package of free information sheets (AC and other filters mentioned in this note are available from a wide variety of sources including, for example, Radio Shack. I am enthusiastic about ICE because of the "over-designed" quality of their equipment. Standard disclaimers apply.) This particular filter from ICE is specified to reduce retransmission of EMI by a factor of at least 1000 in its high-frequency design range. Although ideally every computer component using an AC line cord ought to be filtered, it is especially important for the monitor and computer CPU to be filtered in this manner as the most useful information available to opponents is believed to come from these sources. V Block retransmitted information from entering your fax/modem or telephone line. Telephone line is generally very poorly shielded. EMI from your computer can be retransmitted directly into the phone line through your modem or can be unintentionally picked up by the magnetic portion of the EMI spectrum through magnetic induction from power supplies or the yoke of your cathode ray tube "CRT" monitor. To prevent direct retransmission, EMI filters are specifically designed for modular telephone jacks to mount at the telephone or modem, and for mounting directly at the service entrance to the house. Sources of well-designed telephone-line filter products include ICE (address above) and K-COM Box 82 Randolph, OH 44265 216-325-2110 Your phone company or telephone manufacturer may be able to supply you with free modular filters, although the design frequencies of these filters may not be high enough to be effective through much of the EMI spectrum of interest. Keep telephone lines away from power supplies of computers or peripherals and the rear of CRTs: the magnetic field often associated with those device can inductively transfer to unshielded lines just as if the telephone line were directly electrically connected to them. Since this kind of coupling decreases rapidly with distance, this kind of magnetic induction can be virtually eliminated by keeping as much distance (several feet or more) as possible between the power supply/monitor yoke and cabling. VI Use ferrite toroids and split beads to prevent EMI from escaping on the surface of your cables. Ferrites are magnetic materials that, for certain ranges of EMI frequencies, attenuate the EMI by causing it to spend itself in heat in the material rather than continuing down the cable. They can be applied without cutting the cable by snapping together a "split bead" form over a thick cable such as a power cord or by threading thinner cable such as telephone several times around the donut-shaped ferrite form. Every cable leaving your monitor, computer, mouse, keyboard, and other computer peripherals should have at least one ferrite core attentuator. Don't forget the telephone lines from your fax, modem, telephone or the unshielded DC power cord to your modem. Ferrites are applied as close to the EMI emitting device as possible so as to afford the least amount of cable that can act as an antenna for the EMI. Good sources for ferrite split beads and toroids include Amidon Associates, Inc. P.O. Box 956 Torrance, CA 90508 310-763-5770 (ask for their free information sheet) Palomar Engineers P.O. Box 462222 Escondido, CA 92046 619-747-3343 (ask for their free RFI information sheet) and Radio Shack. VII Other practical remedies. Other remedies that are somewhat more difficult to correctly apply include providing a good EMI "ground" shield for your computer equipment and other more intrusive filters such as bypass capacitor filters. You probably ought not to think about adding bypass capacitors unless you are familiar with electronic circuits and digital design. While quite effective, added improperly to the motherboard or cabling of a computer they can "smooth out" the square wave digital waveform -- perhaps to the extent that signals are interpreted erroneously causing mysterious "crashes" of your system. In other cases, bypass capacitors can cause unwanted parasitic oscillation on the transistorized output drivers of certain circuits which could damage or destroy those circuits in the computer or peripherals. Also, unlike ferrite toroids, adding capacitors requires actually physically splicing them in or soldering them into circuits. This opens up the possibility of electric shock, damage to other electronic components or voiding the warranty on the computer equipment. A good EMI ground is difficult to achieve. Unlike an electrical safety ground, such as the third wire in a three-wire AC power system, the EMI ground must operate effectively over a much wider part of the EMI spectrum. This effectiveness is related to a quality known as electrical impedance. You desire to reduce the impedance to as low a value as possible over the entire range of EMI frequencies. Unlike the AC safety ground, important factors in achieving low impedance include having as short a lead from the equipment to a good EMI earth ground as possible (must be just a few feet); the gauge of the connecting lead (the best EMI ground lead is not wire but woven grounding "strap" or wide copper flashing sheets; and the physical coupling of the EMI into the actual earth ground. An 8 ft. copper-plated ground may be fine for AC safety ground, but may present appreciable impedance resistance to an EMI voltage. Much better would be to connect a network of six to eight copper pipes arranged in a six-foot diameter circle driven in a foot or two into the ground, electrically bonded together with heavy ground strap and connected to the equipment to be grounded via a short (at most, several feet), heavy (at least 3/4-1" wide) ground strap. If you can achieve a good EMI ground, then further shielding possibilities open up for you such as surrounding your monitor and computer equipment in a wire-screen Faraday cage. You want to use mesh rather than solid sheet because you must preserve the free flow of cooling air to your equipment. Buy aluminum (not nylon) screen netting at your local hardware store. This netting typically comes in rolls 36" wide by several feet long. Completely surround your equipment you want to reduce the EMI being careful to make good electrical bonds between the different panels of netting and your good earth ground. I use stainless steel nuts, bolts, and lock washers along with special non-oxidizing electrical paste (available from Electrical contractors supply houses or from ICE) to secure my ground strapping to my net "cages". A good Faraday cage will add several orders of magnitude of EMI attenuation to your system. VIII Checking the effectiveness of your work. It is easy to get a general feeling about the effectiveness of your EMI shielding work with an ordinary portable AM radio. Bring it very close to the body of your computer and its cables in turn. Ideally, you should not hear an increased level of static. If you do hear relatively more at one cable than at another, apply more ferrite split beads or obtain better shielded cable for this component. The practice of determining what kind of operating system code is executing by listening to a nearby AM radio is definitely obsolete for an well-shielded EMI-proof system! To get an idea of the power and scope of your magnetic field emissions, an ordinary compass is quite sensitive in detecting fields. Bring a compass within a few inches of the back of your monitor and see whether it is deflected. Notice that the amount of deflection decreases rapidly with distance. You want to keep cables away from magnetic sources about as far as required not to see an appreciable deflection on the compass. VIIII Summary If you start with good, shielded equipment that has passed the FCC level B emission standard then you are off to a great start. You may even be able to do even better with stock OEM equipment by specifying "low-emission" monitors that have recently come on the market in response to consumer fears of extremely low frequency ("ELF") and other electromagnetic radiation. Consistently use shielded cables, apply filtering and ferrite toroids to all cabling entering or leaving your computer equipment. Finally, consider a good EMI ground and Faraday cages. Beyond this there are even more effective means of confining the electrical and magnetic components of your system through the use of copper foil adhesive tapes, conductive paint sprays, "mu metal" and other less common components.
1.约翰·肯尼迪总统未发表的演讲,达拉斯公民委员会(1963年11月22日)35-36。
2.TEMPEST是瞬态电磁脉冲发射标准的首字母缩写。该标准阐述了美国官方对一台设备在不影响其正在处理的信息的情况下可能发出的电磁辐射量的看法。暴风雨是防御的标准;符合本标准的设备称为经TEMPEST认证的设备。美国政府拒绝解密用于拦截未经暴风认证设备电磁信息的设备的首字母缩写。在本文中,这些设备及其背后的技术也将被称为TEMPEST;在这种情况下,TEMPEST代表瞬态电磁脉冲监视技术。美国政府拒绝公布有关TEMPEST的细节,并继续进行有组织的努力,以审查有关它的信息传播。例如,美国国家安全局通过对王实验室在TEMPEST认证设备上的演讲内容进行分类,并威胁要以泄露机密信息起诉演讲者,从而成功地阻止了王实验室的演讲。 [cite coming].
3.本说明不会讨论TEMPEST与美国宪法下的授权令要求的关系。它也不会讨论宪法将外国公民排除在搜查令要求之外的问题。
4.自独立战争以来,美国一直在使用人工智能技术。“很明显,必须得到可靠的消息,这是不必再劝了。我剩下要补充的就是,你要把整个事情尽量保密。因为大多数这类企业的成功都依赖于秘密,由于缺乏秘密,无论计划多么周密,前景多么有利,它们通常都会失败。”乔治华盛顿的信(1777年7月26日)。
5."...我希望你尽你所能,派遣你可以信赖的人到史坦顿岛去,了解敌人的情况和数量——他们是什么样的部队,有什么样的近卫军——他们的兵力和部署在哪里。”Id。
6.“偷听”是盎格鲁-撒克逊语的一个词,指用来防止雨水落在房屋地基附近的宽阔的悬檐。这种窃听装置提供了“一个隐蔽的地方,人们可以躲在那里秘密地听房子里的谈话。”《汉语词汇起源词典》,1998(1)。
7.Pursglove,《俄罗斯间谍无线电的工作原理》,无线电电子学,89-91页(1962年1月)。
8.拦截是一种间谍术语,应该与其更常见的使用区别。当信息被拦截时,拦截器以及预期的收件人接收信息。当未被用作艺术术语时拦截是指接受为别人的某些东西的人;预期的收件人从未收到他打算接收的内容。
9.有两种类型的辐射,传导和辐射。当组件或电缆充当天线传送电子邮件r时,就会形成辐射辐射;当辐射沿电缆或其他连接点传导但不辐射时,称为“传导”。来源包括电缆、接地回路、印刷电路板、内部电线、电源线耦合的电源、电缆到电缆耦合、开关晶体管和大功率放大器。电磁干扰控制方法和程序,
10.1(1985)。设备可以作为天线直接发送信号,甚至两者都接收信号并在远离源设备的地方重新发射。以这种方式充当天线的电缆可能比设备本身更有效地传输信号。类似的情况也会发生在生活用水(. ...)等金属管道上如果一个接地(接地)系统没有正确安装,这样有一个路径电路中电阻很高(例如油漆防止传导和作为绝缘体),然后整个接地系统很可能以类似的方式采取行动,天线……[对于一个VDU]最强的信号,或其谐波,通常在60-250 MHz左右。但是,在电视频带和450-800兆赫兹之间的较高频率有一个明显的例外,即极强烈的辐射。《计算机法律与安全报告》第27期(1988)。10.TEMPEST ELINT算子可以区分同一房间内不同的vdu,因为homo和heterogeneous单元的EMR特征不同。“[T]这里的EMR特性与其他同类设备几乎没有什么比较。 Only if the [VDU] was made with exactly the same components is there any similarity. If some of the components have come from a different batch, have been updated in some way, and especially if they are from a different manufacturer, then completely different results are obtained. In this way a different mark or version of the same [VDU] will emit different signals. Additionally because of the variation of manufacturing standards between counties, two [VDUs] made by the same company but sourced from different counties will have entirely different EMR signal characteristics...From this it way be thought that there is such a jumble of emissions around, that it would not be possible to isolate those from any one particular source. Again, this is not the case. Most received signals have a different line synchronization, due to design, reflection, interference or variation of component tolerances. So that if for instance there are three different signals on the same frequency ... by fine tuning of the RF receiver, antenna manipulation and modification of line synchronization, it is possible to lock onto each of the three signals separately and so read the screen information. By similar techniques, it is entirely possible to discriminate between individual items of equipment in the same room." Potts, supra note
9.关于暴风雨ELINT威胁的讨论参见《记忆银行》,AMERICAN BANKER 20(1985年4月1日);专家说,银行计算机系统的排放使窃听变得容易,美国银行家1(1985年3月26日);CRT间谍:对企业安全的威胁,《个人电脑周刊》(1987年3月10日)。
11.TEMPEST涉及数字设备形成的瞬态电磁脉冲。所有电子设备都会辐射EMR,可对其进行重构。数字设备将信息处理为1和0——开或关。正因为如此,数字设备发出EMR脉冲。这些脉冲比模拟设备发出的非脉冲EMR更容易在一定距离内重建。有关宽带数字信息辐射问题的详细讨论,请参见军事标准MIL-STD-461 REO2;白色,前注9,10.2。
12.见上文注2。
13.电子情报收集器特别感兴趣的是来自计算机、通信中心和航空电子设备的电子病历。舒尔茨,用暴风雨击败伊万,国防电子64(1983年6月)。
14.CRT屏幕上的图像是由在屏幕上排成一行的象素(像素)组成的。这些像素是由材料构成的,当受到能量冲击时,材料会发出荧光。这种能量是由显像管后面的电子枪射出的电子束产生的。电子束以有规律的重复方式扫描阴极射线管的屏幕。当光束的电压很高时,它聚焦的像素就会发出光子,并在屏幕上显示为一个点。通过选择性的射击,当它扫描CRT的表面时,像素在CRT屏幕上形成字符。这些象素只能发光很短的时间,而且必须经常受到电子束的照射才能保持明亮。为了保持所有应该被照亮的象素的光输出,电子束每秒要穿过整个CRT屏幕60次。每次激光束发射时,都会产生高电压的EMR发射。该EMR可用于重建目标CRT屏幕的内容。 TEMPEST ELINT equipment designed to reconstruct the information synchronizes its CRT with the target CRT. First, it uses the EMR to synchronize its electron gun with the electron gun in the target CRT. Then, when the TEMPEST ELINT unit detects EMR indicating that the target CRT fired on a pixel, the TEMPEST ELINT unit fires the electron gun of its CRT. The ELINT CRT is in perfect synchronism with the target CRT; when the target lights a pixel, a corresponding pixel on the TEMPEST ELINT CRT is lit. The exact picture on the target CRT will appear on the TEMPEST ELINT CRT. Any changes on the target screen will be instantly reflected in the TEMPEST ELINT screen. TEMPEST Certified equipment gives off emissions levels that are too faint to be readily detected. Certification levels are set out in National Communications Security Information Memorandum 5100A (NACSIM 5100A). "[E]mission levels are expressed in the time and frequency domain, broadband or narrow band in terms of the frequency domain, and in terms of conducted or radiated emissions." White, supra, note 9, 10.1. For a thorough though purposely misleading discussion of TEMPEST ELINT see Van Eck, Electromagnetic Radiation from Video Display units: An Eavesdropping Risk?, 4 Computers & Security 269 (1985).
15.酒吧。L. 90-351, 82 Stat. 197。该法案将个人和政府机构的非法侵入电子信息视为犯罪。参见Katz v. United States, 389 U.S. 347(1967)(第四修正案禁止政府而非个人进行监视)。
16.18事项2511 (1)(a)。
17.“美国诉霍尔案”,488 F.2d 193(1973年第9号判例)(发现没有立法史表明国会打算将无线电话通话包括在内)。此外,第三章只将拦截排除所有计算机通信形式的“听觉”通信定为犯罪。
18.威拉曼特订阅电视诉Cawood,580 F.Supp 1164(D.或。1984)(非线通信缺乏对隐私的任何期望)。
19.酒吧。第99- 508,100号法令1848(美国联邦法典第18号第2510-710号)[以下为ECPA]。
20.18 U.S.C. 2511(1)(a)将不考虑隐私期望而截获“任何有线、口头或电子通信”的行为定为犯罪。
21.《1985年通信拦截法案》,长标题,为通过邮政或公共电信系统发送的通信进行拦截并与之相关作出新规定的法案,并修订《1984年电信法》第45节。
22.《1985年通讯拦截法》(1)本节的下列规定,一个人有意截取通信过程中其邮寄或通过一个公共电信传输系统的人应当犯法和责任——(a)在总结信念,罚款不超过法定最高;(b)经公诉程序定罪,可处不超过两年的监禁或罚款,或两者兼处。
*** 23.违反规约的攻击(AKA侵入性窃听)是明显的。“由截取的通信法案第1条创建的罪行涵盖了计算机通信上的那些形式的窃听,涉及”攻丝“消息的电线。然而,可能出现的一个问题是吗?通过公共电信系统在其传输过程中截获了问题的通信。在技术上,可以在其传输中播放几个阶段的通信,并且可能是决定它进入的阶段的事实问题“公共”境界。法律委员会,工作文件编号。110:计算机误用,3.30(1988)。
24.他说:“还有一些窃听形式是该法案没有涵盖的。为例。通过监测周围的辐射场,以便在窃听者的屏幕上显示合法用户屏幕上出现的任何内容,从而窃听V.D.U.(此处指CRT)屏幕。这种活动似乎不构成任何刑事犯罪……”法律委员会,工作文件第2号。110:计算机误用,3.31(1988)。
25.加拿大刑法第301.2(1)条规定:…(a)直接或间接地获得任何计算机服务;(b)通过电磁手段……或直接或间接拦截计算机系统的任何功能的其他装置、拦截器或导致拦截器……犯有可起诉的罪行。
26.美国量刑委员会,联邦量刑指南手册(1988)(在未知页面))
27.关于什么是计算机犯罪一直有很大的争论。有几种思想流派。更明确的学派,即作者所坚持的一派,认为计算机犯罪的范畴应仅限于针对计算机的犯罪;例如,恐怖分子用炸药摧毁电脑就属于这一类。把“幽灵雇员”安装到工资单电脑上、收取他们的工资等犯罪行为,不过是由来已久的会计欺诈;今天,诈骗涉及电脑,因为记录保存在电脑上。计算机只不过是犯罪的辅助工具。这已经被错误地贴上了计算机犯罪的标签,应该仅仅被称为借助计算机进行的欺诈行为。最后,还有信息犯罪。 These are crimes related to the purloining or alteration of information. These crimes are more common and more profitable due to the computer's ability to hold and access great amounts of information. TEMPEST ELINT can best be categorized as a information crime.
28.举例来说,比较一下水门事件,窃贼回来移动一个位置不好的扩频窃听器时被发现。
29.TEMPEST认证是指通过NACSIM 5100A规定的测试和发射制度的设备。这份机密文件规定了国家安全局认为数字设备可以在不影响其处理信息的情况下发出的辐射水平。NACSIM 5100A和TEMPEST的所有细节都是保密的。为了获得使用权,承包商必须证明政府内部对拟认证的特定类型设备有需求。由于标准是保密的,承包商不能将设备出售给不安全的政府机构或公众。这就防止了对其物理实施例标准的反向工程,即认证设备。通过阻止私营部门拥有这种反窃听设备,国家安全局有效地阻止了他们保护电脑中的信息。
30.以前是标准局。NIST是商务部的一个部门。
31.在这种情况下,计算机设备将包括所有外围计算机设备。如果打印机或调制解调器没有通过认证,则使用经TEMPEST认证的计算机是没有用的。
32.美国国家安全局曾试图限制TEMPEST信息的可用性,以防止这些设备的传播。关于第一修正案和事先限制的讨论见美利坚合众国诉进步公司467 F。增补990 (1979,WD Wis.)(打算出版核武器计划的杂志;预先限制禁令发布),reh。窝。美国诉进步公司案补充5 (1979,WD Wis.), den Morland诉Sprecher 443 US 709(1979)动议(mandamus),动议否决美国诉Progressive, Inc. 5 Media L R (1979, 7th Cir.), dismd。没有op. U.S. v. Progressive, Inc . 610 F.2d 819 (1979, 7th Cir.);《纽约时报》公司诉美国政府案,403 U.S. 713 (1971)(per curium)(五角大楼文件案:提出政府无法满足的事先限制标准);《言论自由制度》(1970年); Balance Between Scientific Freedom and NAtional Security, 23 JURIMETRICS J. 1 (1982)(current laws and regulations limiting scientific and technical expression exceed the legitimate needs of national security); Hon. M. Feldman, Why the First Amendment is not Incompatible with National Security, HERITAGE FOUNDATION REPORTS (Jan. 14, 1987). Compare Bork, Neutral Principles and Some First Amendment Problems, 47 IND. L. J. 1 (First Amendment applies only to political speech); G. Lewy, Can Democracy Keep Secrets, 26 POLICY REVIEW 17 (1983)(endorsing draconian secrecy laws mirroring the English system).
33.例如,NSA刚刚允许药物执法机构(DEA)购买Tempest认证的计算机设备。DEA希望安全的计算机设备,因为富裕的毒枭正在使用Tempest窃听设备。
34.管理使用自动处理的个人信息以及提供此类信息相关服务的法案-1984年数据保护法,长标题。
35.“个人资料”指由可从该资料(或从该资料使用者所管有的该等及其他资料)辨识的与在世个人有关的资料组成的资料,包括就该名个人表达意见,但不包括表明该资料使用者就该名个人的意图。- 1984年数据保护法案1(3)
36.“数据用户”是指持有数据的人,如果以下情况,则该人“持有”数据—(a)该数据构成上文第(2)款所述由该人或其代表处理或打算处理的数据集合的一部分[第(2)款定义了“数据”],(b)该人(单独或共同或与其他人共同)控制收集中包含的数据的内容和使用;和(c)数据采用上文(a)段所述的已处理或拟处理的格式,或(尽管目前并非采用该格式)在处理后转换为的格式,以期在随后的情况下进一步处理。-数据保护法1(5)。
37.《1984年数据保护法案》,4,5。
38.资料使用者所持有的个人资料的当事人…以及因(1)(c)…如资料使用者在没有上述授权的情况下,披露该等资料或查阅该等资料,均有权获得补偿。对于个人因…而遭受的任何痛苦披露或访问。- 1984年数据保护法
39……这将是一种辩护,以证明……数据使用者…在所有情况下采取了合理要求的谨慎措施,以防止……有问题的披露或访问。1984年数据保护法23(3)
http://www.usc.edu/~rengen/PROCESS/Public/Text/Pseudo_Intell/Tempset_文档
来自:cj %(电子邮件保护)(克里斯托弗J。塞琳((电子邮件保护)以下是一篇有关《TEMPEST》的文章的预稿。我把它贴在这个新闻组上,希望:(1)激发对这个问题的讨论;(2)暴露文件中的技术错误;(3)寻求新的信息来源;揭开我忘记盖上的东西。我将无法监控这篇文章的讨论。因此,请将您的评论发送到新闻组,但请按下面列出的地址发送一份给我。我收到了许多关于本文格式的邮件。下面是一些解释:每页“____________________”后面的编号段落是脚注。我建议把文件打印出来而不是在CRT上读。 Thanks you in advance. Christopher Seline(电子邮件保护)(电子邮件保护)(c) 1990年克里斯托弗J。塞琳=============================================================================