From: Hawkspirit Date: Mon Jan 21, 2002 11:51am Subject: Wireless LAN Test Gear Anyone have any experience with this test gear and software? Roger A handful of test equipment companies are currently developing advanced site survey tools - Berkeley Varitronics Systems (Metuchen, New Jersey) and Softbit (Oulu, Finland) now have products on the market. Softbit's TriCycle. is software that installs on a laptop equipped with a radio card and provides a very useful display of nearby access points, association status, signal levels, and has the ability to display coverage areas. This product doesn't get you away from lugging a laptop around, but it certainly has features that decrease the time and increase the accuracy of performing site surveys. Berkeley Varitronics Systems' Grasshopper. has fewer graphical features, but it is a small handheld device weighing only 3 lbs. http://www.80211-planet.com/tutorials/article/0,4000,10724_953661,00.html 4594 From: James M. Atkinson Date: Mon Jan 21, 2002 0:12pm Subject: Re: Help on R.F. signal identification You really don't need a dish, but you will need either a yagi or a horn. A dish tends to be a little too high of a gain antenna to use indoors, mostly due to the reflections of the signals. However, a small dish if really helpful as your outside and dealing with wide open spaces. Log periodic units are OK, but they are too broadband for this kind of situation, and don't have don't have sufficient gain to be of much value in cases like this. My personal preference would be a 16 dBi standard gain horn fed into an LNA with a filter on the front end. I prefer a 30-43+ dB LNA with a really sharp bandpass filter. When digging around in the 2.4 GHz ISM band you have to fight with PCS phones down below 1.9 GHz, and deal with MMDS and Aero Radar close to the band as well (many a sweeper has confused 2.7-2.9 GHz radar scatter with a burst transmission). You can get away with about 12 dB of antenna gain, but it is important to filter, then amplify. If your using something like a MSR-904 or SPECTRE then you have to fight with 20+ dB of system noise as well, so that filtered LNA is an absolute must. Figure the standard gain horn gives you a moderately directional signal (about a 20-30 degree pattern), but that the LNA actually cleans it up and isolates it so the receiver can hear it. On an MSR-904 you want to punch up the signals of interest by about 30 dB (plus the noise figure of the amplifier), and mount the LNA/Filter DIRECTLY on the horn. When you buy the horn get it with an SMA connector and attach the LNA directly to this (using an SMA to SMA L connector). If you are unable to find an LNA with the filter internal in the amp then buy an external and put it (or them) between the horn and the amplifier. The goal is to knock down the 1.8 PCS band by at least 60 dB, and preferably kill everything below 2 GHz by at least 40 dB. If your working near an airport you will also have to filter everything above 2.7 GHz. To measure the time domain crank the bandwidth of your receiver to about 50 MHz and dump the detected signal into a logarithmic amplifier and then to your scope. Set the trigger to be slightly above the noise floor of the incoming signal and document how it behaves. It is far more important to use the equipment to TRACE the source of the signal, then it is to try to figure out the mystery from a distance using passive techniques. -jma At 9:33 AM -0800 1/21/02, Hawkspirit wrote: >Thanks, Jim, > >The overall bandwidth is by the numbers 66MHZ, The individual pulses >appeared to be about 5MHZ each. As far as the time domain, I was using my >surveillance receiver so I could not do any kind of frame capture. >What would be the best technique for measurement in the time domain? >I could get a general direction on the signal but the sweep was started >after dark so I could not see the surrounding area. It is a residential >neighborhood. >The antenna's I am using are various flavors of wire wound configurations. >It appears I will need some kind of dish for this. Would this be your >recommendation for better directional analysis? >Thanks as always for your expert R.F.help. Roger > > >Roger, >What was the bandwidth of the signals, and did you examine the >signals in the time domain? >I would suspect an 802.11 WLAN connection, but of course it has to be >assumed a hostile signal until proven otherwise. >Where did you trace the signal to? >Was it originating INSIDE your clients facility? >What kind of antenna where you using? >-jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4595 From: Hawkspirit Date: Mon Jan 21, 2002 0:28pm Subject: Help on R.F. signal Identification From looking at these two articles, it sure seems that this describes my signal. Roger Part 4: the Frequency Hopping Spread Spectrum PHY (Naftali Chayat, BreezeCom) Part 5: the Direct Sequence Spread Spectrum PHY (Jan Boer, Lucent Technologies) http://grouper.ieee.org/groups/802/11/main.html 4596 From: James M. Atkinson Date: Mon Jan 21, 2002 0:59pm Subject: Re: Help on R.F. signal Identification OK, But you still have to find out where the signal is coming from. Bluetooth is quite capable of being used for voice eavesdropping, and as such you have to hunt down where the signals are coming from. For example, an eavesdropper can plant microphones all over someone office and then wire them into the companies LAN. Then extended the LAN "off premises" with Bluetooth so the eavesdropper can backdoor into the network and download the audio from the microphones. With some fairly cheap consumer technology the eavesdropper can have a VOX type voice recorder with a USB interface (like some of the 22 hour units) tied into a small controller that sits on the network. Every week of so the eavesdropper simply drives by the building and downloads a half dozen of these audio files from the controller in just a matter of minutes. A sophisticated eavesdropper could also have obtains a Bluetooth eavesdropping device, and what your picking up on is actually a signal a hostile device. Trace down where the signal is coming from, then trace the network connected to it. Suspect it is hostile until you can prove otherwise. -jma At 10:28 AM -0800 1/21/02, Hawkspirit wrote: > From looking at these two articles, it sure seems that this describes my >signal. Roger > >Part 4: the Frequency Hopping Spread Spectrum PHY (Naftali Chayat, BreezeCom) >Part 5: the Direct Sequence Spread Spectrum PHY (Jan Boer, Lucent >Technologies) > >http://grouper.ieee.org/groups/802/11/main.html > -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4597 From: Aimee Farr Date: Mon Jan 21, 2002 0:59pm Subject: RE: China silent over spy devices found on its presidential plane > The story was not carried by any local media. Analysts said yesterday they > saw the lack of response by Beijing so far as a sign that the Chinese > leadership wanted to downplay the incident. Downplay...The Washington Post immediately jumps to mind, doesn't it? Pht. ~Aimee ''When the mass support is sufficiently good to block the leakage of news, it is often possible by various ruses to succeed in leading the enemy into a morass of wrong judgments and actions so that he loses his superiority and the initiative. The saying, "There can never be too much deception in war", means precisely this. What does "being caught unawares" mean? It means being unprepared. Without preparedness superiority is not real superiority and there can be no initiative either. Having grasped this point, a force which is inferior but prepared can often defeat a superior enemy by surprise attack. We say an enemy on the move is easy to attack precisely because he is then off guard, that is, unprepared.'' -- MAO 4598 From: James M. Atkinson Date: Mon Jan 21, 2002 1:09pm Subject: ONLY IN AMERICA ONLY IN AMERICA 1. Only in America...can a pizza get to your house faster than an ambulance. 2. Only in America...are there handicap parking places in front of a skating rink. 3. Only in America...do drugstores make the sick walk all the way to the back of the store to get their prescriptions while healthy people can buy cigarettes at the front. 4. Only in America...do people order double cheese burgers, large fries, and a diet coke. 5. Only in America...do banks leave safe doors open and then chain the pens to the counters. 6. Only in America...do we leave cars worth thousands of dollars in the driveway and put our useless junk in the garage. 7. Only in America...do we use answering machines to screen calls and then have call waiting so we won't miss a call from someone we didn't want to talk to in the first place. 8. Only in America...do we buy hot dogs in packages of ten and buns in packages of eight. 9. Only in America...do we use the word "politics" to describe the process so well: "Poli" in Latin meaning "many" and "tics" meaning "bloodsucking creatures." 10. Only in America...do they have drive-up ATM machines with Braille lettering -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4599 From: James M. Atkinson Date: Mon Jan 21, 2002 2:56pm Subject: Me want beer Indian walks into a bar with a shotgun in one hand and a bucket of Buffalo manure in the other. He says to the bartender: "Me want beer." The bartender says: "Sure Chief, coming right up." He gets the Indian a tall draft beer and the Indian drinks it down in one gulp, picks up the bucket, throws the manure into the air and blasts it with the shotgun, then he walks out. Four days later the Indian returns. He has his shotgun in one hand and another bucket of manure in the other. He walks up to the bar and says to the bartender: "Me want beer." The bartender says: "Whoa, Tonto, we're still cleaning up from the last time you were in here. What was that all about, anyway? "The Indian says, "Me in training for job as federal employee; drink beer, shoot the shit, and disappear for a few days." -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4600 From: gvp Date: Mon Jan 21, 2002 2:13pm Subject: [jmatk@t...: Re: Help on R.F. signal Identification] Bluetooth probably isn't the culprit (although it operates in the 2.4 gig ISM band), as the range for Bluetooth and other Personal Area Networks is about 10 - 15 meters. One of the 802.11 variants is more likely. ----- Forwarded message from "James M. Atkinson" ----- Delivered-To: 25th.com-gvp@2... X-eGroups-Return: sentto-49964-5064-1011639627-gvp=25th.com@r... X-Sender: jmatk@t... X-Apparently-To: TSCM-L@yahoogroups.com X-Sender: spook8@p... In-Reply-To: <5.1.0.14.0.20020121102529.00a3b020@1...> To: TSCM-L@yahoogroups.com From: "James M. Atkinson" X-Yahoo-Profile: graniteislandgroup Mailing-List: list TSCM-L@yahoogroups.com; contact TSCM-L-owner@yahoogroups.com Delivered-To: mailing list TSCM-L@yahoogroups.com Precedence: bulk List-Unsubscribe: Date: Mon, 21 Jan 2002 13:59:36 -0500 Subject: Re: [TSCM-L] Help on R.F. signal Identification OK, But you still have to find out where the signal is coming from. Bluetooth is quite capable of being used for voice eavesdropping, and as such you have to hunt down where the signals are coming from. For example, an eavesdropper can plant microphones all over someone office and then wire them into the companies LAN. Then extended the LAN "off premises" with Bluetooth so the eavesdropper can backdoor into the network and download the audio from the microphones. With some fairly cheap consumer technology the eavesdropper can have a VOX type voice recorder with a USB interface (like some of the 22 hour units) tied into a small controller that sits on the network. Every week of so the eavesdropper simply drives by the building and downloads a half dozen of these audio files from the controller in just a matter of minutes. A sophisticated eavesdropper could also have obtains a Bluetooth eavesdropping device, and what your picking up on is actually a signal a hostile device. Trace down where the signal is coming from, then trace the network connected to it. Suspect it is hostile until you can prove otherwise. -jma At 10:28 AM -0800 1/21/02, Hawkspirit wrote: > From looking at these two articles, it sure seems that this describes my >signal. Roger > >Part 4: the Frequency Hopping Spread Spectrum PHY (Naftali Chayat, BreezeCom) >Part 5: the Direct Sequence Spread Spectrum PHY (Jan Boer, Lucent >Technologies) > >http://grouper.ieee.org/groups/802/11/main.html > -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ ----- End forwarded message ----- 4601 From: James M. Atkinson Date: Mon Jan 21, 2002 6:45pm Subject: The cat walked by and broke wind... Good Evening, I just had a little chat with some salesmen who called and tried to hustle me into becoming an "exclusive dealer" for some highly sophisticated counter-surveillance which I can sell in my "store" (like I have time to run a storefront). I decided to entertain the call for a few minutes, and played the "gosh, what is a bug detector" game; which cause the sales weenie to explain how sophisticated the equipment was. I asked if they made the equipment themselves, and he proudly answered in the affirmative. He kept pushing me to visit his website, which I did (I am not going to give out the link on the off chance one of our membership is foolish enough to buy the gear). He explains to me that the pricing on their website is for dealers only, and that I can markup the prices by at least 800% or more. I of course feigned getting excited about all the money that could be made selling his equipment. I let him go through his little sales script, then I started lobbing "clueless questions" about "gee, what kinds of wiretaps will it detect", then asked him to explain what they meant by series and parallel, etc. Then, I dropped a bomb on the poor guy and asked him if it would detect "high impedance wiretaps" and he walked right into it. "Oh, Sure" he tells me after consulting with someone on his end, "but you have to get our Advanced System". He then went on to tell me that the engineers on his end have spent the last 15 years designing this equipment, etc... etc... The CIA buys is, the NSA certified it, the FBI is trying to force them out of business, and so on. I then explained that he can "insert and rotate" his little spy shop toys, that his descriptions are fraudulent, that his products are crap, and are being offered in violation of the law. Sheesh, it is really unbelievable the crap some of these people are trying to foist on the public. The sad part is that I have actually seen some of their equipment in the hands of neophytes (who paid the 800%). While it didn't detect any covert eavesdropping equipment it did blink when the cat walked by and broke wind... other then that it was a worthless paperweight. -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4602 From: Matthew Paulsen Date: Mon Jan 21, 2002 7:58pm Subject: RE: The cat walked by and broke wind... hehe.. Reminds me of a buddy of mine that has one that goes off when you put it up to your head. Best $100 toy I've seen in years. -----Original Message----- From: James M. Atkinson [mailto:jmatk@t...] Sent: Monday, January 21, 2002 4:46 PM To: TSCM-L Mailing List Subject: [TSCM-L] The cat walked by and broke wind... Good Evening, I just had a little chat with some salesmen who called and tried to hustle me into becoming an "exclusive dealer" for some highly sophisticated counter-surveillance which I can sell in my "store" (like I have time to run a storefront). I decided to entertain the call for a few minutes, and played the "gosh, what is a bug detector" game; which cause the sales weenie to explain how sophisticated the equipment was. I asked if they made the equipment themselves, and he proudly answered in the affirmative. He kept pushing me to visit his website, which I did (I am not going to give out the link on the off chance one of our membership is foolish enough to buy the gear). He explains to me that the pricing on their website is for dealers only, and that I can markup the prices by at least 800% or more. I of course feigned getting excited about all the money that could be made selling his equipment. I let him go through his little sales script, then I started lobbing "clueless questions" about "gee, what kinds of wiretaps will it detect", then asked him to explain what they meant by series and parallel, etc. Then, I dropped a bomb on the poor guy and asked him if it would detect "high impedance wiretaps" and he walked right into it. "Oh, Sure" he tells me after consulting with someone on his end, "but you have to get our Advanced System". He then went on to tell me that the engineers on his end have spent the last 15 years designing this equipment, etc... etc... The CIA buys is, the NSA certified it, the FBI is trying to force them out of business, and so on. I then explained that he can "insert and rotate" his little spy shop toys, that his descriptions are fraudulent, that his products are crap, and are being offered in violation of the law. Sheesh, it is really unbelievable the crap some of these people are trying to foist on the public. The sad part is that I have actually seen some of their equipment in the hands of neophytes (who paid the 800%). While it didn't detect any covert eavesdropping equipment it did blink when the cat walked by and broke wind... other then that it was a worthless paperweight. -jma -- -------------------------------------------------------------------------- ------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------- ------------------------ James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 mailto:jmatk@t... -------------------------------------------------------------------------- ------------------------ People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell ------------------------------------------------------------------------ -------------------------- Yahoo! Groups Sponsor ADVERTISEMENT ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] 4603 From: Aimee Farr Date: Mon Jan 21, 2002 9:40pm Subject: RE: The cat walked by and broke wind... I bet Jim makes for colorful testimony. Deceptive advertising and deceptive trade practice seem to run rampant in your industry on all sides. In many states, the deceptive trade practice statutes might offer assistance (goods and services), but only if people are knowledgeable enough to seek relief through counsel, and view it as worth the trouble. You've also got AGs and the FTC (federal deceptive trade practices and deceptive advertising). Lobbying for special provisions might offer extra bite. The Texas deceptive trade practice statute has special provisions for secondhand watches, kosher foods and Indian artifacts. (One would think that if the 'secondhand watch people' can get legislation....) Because of the unique natures of the goods and services in this area, I think it warrants a special deceptive trade practice provision, or a separate statute. Elected officials see a personal stake in many of these issues, they might be more receptive than you think. ~Aimee 4604 From: A Grudko Date: Tue Jan 22, 2002 10:23am Subject: The cat walked by and broke wind... - Original Message - From: James M. Atkinson I have an advantage in that I was born with a cat fart detector in the middle of my face - sorry I don't know the frequency it works on or any other tech specs.. > I let him go through his little sales script, then I started lobbing > "clueless questions" about "gee, what kinds of wiretaps will it > detect", then asked him to explain what they meant by series and > parallel, etc. I had a guy working for me who could not tell wire from 4x4 timber who now offers TSCM services. > Then, I dropped a bomb on the poor guy and asked him if it would > detect "high impedance wiretaps" and he walked right into it. "Oh, > Sure" he tells me after consulting with someone on his end, "but you > have to get our Advanced System". 60M ohm, 0.1 pf parallel, invisible to all but the best. > He then went on to tell me that the engineers on his end have spent > the last 15 years designing this equipment, etc... etc... The CIA > buys is, the NSA certified it, the FBI is trying to force them out of > business, and so on. Yada yada.... > > I then explained that he can "insert and rotate" his little spy shop > toys, that his descriptions are fraudulent, that his products are > crap Such mild language jma? Perhaps buy some under bcontroled conditons do a media exposure. Andy Grudko D.P.M., Grad I.S, (S.A.) - Grudko Associates - www.grudko.com , Est. 1981 International business intelligence and investigations - ICQ 146498943 Johannesburg (+27 11) 465 9673 - 465 1487 (Fax), Pretoria (+27 12) 244 0255 - 244 0256 (Fax) SACI, WAD, CALI, SAMLF, UKPIN, AFIO (OS), IWWA, PRETrust, AmChamCom When you need it done right - first time 4605 From: Shawn Hughes Date: Tue Jan 22, 2002 11:32pm Subject: computer question I'm sitting here watching a show on cable ( I know). They are discussing the encroachment of surveillance by the gov against citizens. One detail they gave was on the Ames case. They stated that the FBI was remotely powering on Ames home computer, then subsequently removed data from, and powered it back down via the residential power lines. I am a little skeptical, unless they put a black box inside his pc. For instance, what kept ALL pc's on that transformer circuit from waking up? But, I am low on the knowledge base totem pole. What say ye, experts? Thanks! Shawn 4606 From: Matthew Paulsen Date: Wed Jan 23, 2002 3:16am Subject: RE: computer question The Ames case goes back to February, 1994 with Aldrich Ames, a counterintelligence officer with the CIA. In February, 1997 Ames plead guilt to committing espionage for Russia. From what I've been exposed to, various government and private groups have been developing alternative measure to pass information through alternate methods such as power lines and water, such as IC/SS PLC/SS circuits. IE:Intel, Itron, National Semi, Rockwell, Motorola, Cyplex, Daewoo, Now defunct Enron (and subsidiaries and subcontractors), etc. Power line theory for transmission of information for intercommunication between generating stations, substations and control rooms holds that this sort of espionage is feasible at lower levels down to the receiving devices - such as remote espionage of consumer television sets, etc. Further, this could be used for non-compliant networks which are operating antiquated systems - C64, Altos, TSR 80's, etc. Remote power switches are available commerically, so it is conceivable that one was used, but it would have to be planted and integrated into a LAN/WAN connection or remote dialup/LAN connection to work, or chips / circuits (ie: a board is installed in the PC, station, remote manager, etc). Baud rates vary depending on who you talk to as well as data transmission distances - I've seen 300bps to 1gb/s at distances of a few hundred yards to worldwide, and phy being water, fiber, cable, PL, etc. Outside this range, there are microchip capable devices that are available with no power supply source that are attachable, injected, injested, that can be worn, carried, etc, but this would not provide the scope of services that you are describing, and they are only for intermittent use, but are capable of being interfaced via RF and then to LAN/WAN for public transmission through PPTP / HTTP, etc over IP, IPX, whatever, for global communication. I've worked on some systems that have provided PL monitoring from centralize base stations for power utilities for automated billing and other services - downtimes, line failures, etc, which can be automated to interoperate with MRP/ERP systems and other systems, so it's not a hard feat to take that integration and migrate it from consumer/commerical applications to industrial and government espionage services. Minature digital transceivers based on these technologies are under development, and in use by some organizations, federal and otherwise. Normally though, it's easier to plant a trojan to access the system and manage remote booting, kslogging, etc, microphones, and any cameras if present. Guess it comes down to... It's easier, cheaper, and more reliable - "engineers viewpoint - It's not broken, so lets add more to it, vs 'normal' person viewpoint - it's not broken, so don't fix it" being a reasonable assumption. But, in the world of unlimited budgets without justification for expenses... who knows. Probably not much of an answer, but it's a start. If anyone else has other information, I'd be happy to find out what others have used/seen beyond what I have. -----Original Message----- From: Shawn Hughes [mailto:srh@e...] Sent: Tuesday, January 22, 2002 9:32 PM To: TSCM-L@yahoogroups.com Subject: [TSCM-L] computer question I'm sitting here watching a show on cable ( I know). They are discussing the encroachment of surveillance by the gov against citizens. One detail they gave was on the Ames case. They stated that the FBI was remotely powering on Ames home computer, then subsequently removed data from, and powered it back down via the residential power lines. I am a little skeptical, unless they put a black box inside his pc. For instance, what kept ALL pc's on that transformer circuit from waking up? But, I am low on the knowledge base totem pole. What say ye, experts? Thanks! Shawn Yahoo! Groups Sponsor ADVERTISEMENT ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] 4607 From: Michael Puchol Date: Wed Jan 23, 2002 4:57am Subject: Re: computer question Matthew, You are right - the technology is there. A friend of mine has a patent for implementing an automated electricity meter reading system (by tapping into the integrator), which sends the consumption totals every so often to the nearest substation, which in turn forwards it to the billing computer, all done via your standard power lines. There are kits available that provide a standard LAN interface to computers, but that use your home's electrical wiring to send the data between these 'access points'. So, I presume it would be easy to implement such a concept. The way I'd do it, I would insert a custom PCB inside the power supply of the target computer, connected to the PC's wake-on-LAN port (most computers provide this function, or at least a wake-on-ring from a modem). That way, I could send a message to my 'bug' to turn on or off the computer at will, as it would also control the power supply. Getting it to send data afterwards is a different matter, but there are ways around that too. I guess your custom PCB could tap into the keyboard port, and send you the keystrokes logged. In any case, sufficient time and physical access to the target computer are needed, and certainly these functions are not built-in into any computer I know of. All the best, Mike ----- Original Message ----- From: "Matthew Paulsen" To: Sent: Wednesday, January 23, 2002 10:16 AM Subject: RE: [TSCM-L] computer question > The Ames case goes back to February, 1994 with Aldrich Ames, a > counterintelligence officer with the CIA. In February, 1997 Ames plead guilt > to committing espionage for Russia. From what I've been exposed to, various > government and private groups have been developing alternative measure to > pass information through alternate methods such as power lines and water, > such as IC/SS PLC/SS circuits. IE:Intel, Itron, National Semi, Rockwell, > Motorola, Cyplex, Daewoo, Now defunct Enron (and subsidiaries and 4608 From: Matthew Paulsen Date: Wed Jan 23, 2002 0:29pm Subject: RE: computer question I totally forgot about WOL and other techs. I worked at Intel to help develop portions of the technology in 1995/96. The network adapter is fed constant power through a secondary interface from the power supply in the system - the power supply maintains current to the NIC when the rest of the system is turned off. Another system we had at Intel was codenamed hammerhead, now part of LANDesk, that allowed you to access systems through WOL and rebuild the entire system from scratch. These two systems together were designed to allow large corporations to hire untrained techs to roll out tens of thousands of systems on a LAN, or to allow the end user to install their system and have centralized IT blast the image down over the wire - simply plug in the system into the lan, setup kb/mouse, power cord, etc, and we'll turn it on via a WOL wakeup token, rebuild it to corporate standard and reboot it and leave it at a login prompt, all remotely. HP & Compaq & others have integrated remote management adapters for their servers. -----Original Message----- From: Michael Puchol [mailto:mpuchol@s...] Sent: Wednesday, January 23, 2002 2:57 AM To: TSCM-L@yahoogroups.com Subject: Re: [TSCM-L] computer question Matthew, You are right - the technology is there. A friend of mine has a patent for implementing an automated electricity meter reading system (by tapping into the integrator), which sends the consumption totals every so often to the nearest substation, which in turn forwards it to the billing computer, all done via your standard power lines. There are kits available that provide a standard LAN interface to computers, but that use your home's electrical wiring to send the data between these 'access points'. So, I presume it would be easy to implement such a concept. The way I'd do it, I would insert a custom PCB inside the power supply of the target computer, connected to the PC's wake-on-LAN port (most computers provide this function, or at least a wake-on-ring from a modem). That way, I could send a message to my 'bug' to turn on or off the computer at will, as it would also control the power supply. Getting it to send data afterwards is a different matter, but there are ways around that too. I guess your custom PCB could tap into the keyboard port, and send you the keystrokes logged. In any case, sufficient time and physical access to the target computer are needed, and certainly these functions are not built-in into any computer I know of. All the best, Mike ----- Original Message ----- From: "Matthew Paulsen" To: Sent: Wednesday, January 23, 2002 10:16 AM Subject: RE: [TSCM-L] computer question > The Ames case goes back to February, 1994 with Aldrich Ames, a > counterintelligence officer with the CIA. In February, 1997 Ames plead guilt > to committing espionage for Russia. From what I've been exposed to, various > government and private groups have been developing alternative measure to > pass information through alternate methods such as power lines and water, > such as IC/SS PLC/SS circuits. IE:Intel, Itron, National Semi, Rockwell, > Motorola, Cyplex, Daewoo, Now defunct Enron (and subsidiaries and Yahoo! Groups Sponsor ------------------------------------------------------------------------ ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. [Non-text portions of this message have been removed] 4609 From: James M. Atkinson Date: Wed Jan 23, 2002 3:00pm Subject: Re: computer question - Dangling the Dongle Shawn, It's really no big mystery. Most computers have a specific key on the keyboard (or motherboard) that when pressed allows the computer to wake up and go through a boot. This function can be remotely controlled by installing a "remote boot dongle" inside the keyboard, or inside the computer so an eavesdropper can turn the computer on or off remotely. The dongle either turns the machine on/off at a preset time, waits until a certain period of non usage has occurred, or wakes up in response to a remote command. The remote activation command can come in via any variety of conductors (phone line, power line, Cable TV, LAN, etc) or though a wireless connection. Once the computer is up and booted the eavesdropper can then access the OS remotely, and depending on which software they are using they perform any number of tasks. Occasionally, you will come across such goodies on larger corporate sweeps, and most often on servers, remote machines, or problem children where the sys admin doesn't want to keep running to remote parts of the campus to tweak software. Such a system allows the sys admin to remotely wake-up or boot the machine in question and "do those things which admins do so well". Usually on the corporate sweeps the 'wake up" signal goes out though the LAN as a wake-up packet addressed to the dongle, and more recently though a 802.11 network. If the bug the FBI used on Ames utilized the power lines, then the listening post would have to be fairly close to the Ames home as you lose quite a bit of your signal at the distribution transformer. In all probability they where camped out in a home nearby and simply brought up the OS, and then issued basic DOS commands (from their end) to browse through the hard drive and suck down files. After they where done it would have been quite simple to shut the machine down. -jma PS: Ames was a putz, and didn't follow good tradecraft Technical Counterintelligence Rule #374 Agent shall always turn of his/her computer when not in immediate use, and shall remove the power cord from the wall and/or disengaged the breaker on the individual UPS when the machine will not be in use for more then two hours. In the event the agent does not have a positive 7/24 security force in place the computer will also be powered down and locked into an approved security container (such as a safe) and physically disconnected from both the telephone circuits, LAN circuits, and all other conductive or radiated paths. At 12:32 AM -0500 1/23/02, Shawn Hughes wrote: >I'm sitting here watching a show on cable ( I know). They are discussing >the encroachment of surveillance by the gov against citizens. > >One detail they gave was on the Ames case. They stated that the FBI was >remotely powering on Ames home computer, then subsequently removed data >from, and powered it back down via the residential power lines. > >I am a little skeptical, unless they put a black box inside his pc. For >instance, what kept ALL pc's on that transformer circuit from waking up? > >But, I am low on the knowledge base totem pole. What say ye, experts? > >Thanks! > >Shawn -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4610 From: James M. Atkinson Date: Wed Jan 23, 2002 4:24pm Subject: China plane bugs Sloppy U.S. spying or untrue? http://famulus.msnbc.com/FamulusIntl/reuters01-22-174254.asp?reg=PACRIM China plane bugs Sloppy U.S. spying or untrue? WASHINGTON, Jan. 22 - Either U.S. spy agencies were incredibly sloppy by planting so many eavesdropping devices in a Chinese presidential plane that detection was almost certain, or it was not their work, U.S. intelligence experts said on Tuesday. The experts expressed skepticism that American spies had a hand in what newspaper reports said were more than two dozen bugs found inside a plane to be used by Chinese President Jiang Zemin, including in the bathroom and the headboard of the bed. On one hand, the CIA, National Security Agency and FBI have a strong national security interest in collecting intelligence on China. But on the other hand, the intelligence experts questioned whether the spy agencies would have been so slipshod to have planted more than two dozen bugs, increasing the risk of discovery, in a plane they knew would be carefully swept for just such items. Weekend reports in The Washington Post and the Financial Times, citing Chinese officials, raised the specter of American spies at work because the Boeing 767 spent close to a year in Texas being refurbished before it was sent to China last August. Official Washington from the White House to the CIA has simply declined to comment, leaving the issue murky without a firm denial. And Beijing offered a similar lack of comment, saying China had no knowledge of such an incident. The reports of possible espionage uncovered came at a delicate moment, with President George W. Bush due to visit China next month. But the methods outlined in the media raised questions for some U.S. experts. 'FAIR GAME' ''I'm skeptical,'' one intelligence expert said. ''It seems an odd way to go about it if it is true.'' The CIA, which is generally not allowed to spy on Americans, could bug equipment heading for key targets such as Iran, North Korea or China. ''It's fair game,'' a former intelligence official said on condition of anonymity. But on putting two dozen bugs into plane upholstery that could be easily detected, he said: ''It would be surprising, and increase risk of discovery.'' One version of the story circulating in Beijing, according to a New York Times report on Tuesday, suggested the bugs were placed by the Chinese Air Force, which was guarding the plane during its construction in the United States. Intelligence experts also said it would be difficult to conduct such an operation without informing the American firm. Philip O'Connor, a vice president at Dee Howard Aircraft Maintenance, said the San Antonio, Texas, firm that provided the space and security for refitting the plane had no knowledge of any listening devices planted. ''We were surprised because there is no way we would jeopardize this company,'' he told Reuters in a telephone interview. ''We've done so many heads-of-state aircraft and never had a complaint about anything like that.'' The company has worked previously on aircraft belonging to the king of Saudi Arabia, the sultan of Oman and the sultan of Brunei, among others, he said. ''There is no way that we would get involved with that. We don't build our integrity and reputation on that kind of stuff,'' O'Connor said. Asked whether the U.S. government would have had to notify the firm for such a mission, O'Connor replied: ''I don't know. I don't have a clue how that works. I don't know what these covert actions are like.'' He said the company had not heard about any bugging incident from either the Chinese or American governments. O'Connor said a six-foot (two-meter) fence had surrounded the plane while the work was going on, with a single entrance that was monitored around the clock. The company was gathering all its daily reports on who had access to the plane in the event they were needed, he said. Also, about 20 Chinese security guards monitored security over three shifts a day, seven days a week, O'Connor added. Copyright 2002 Reuters Limited. All rights reserved. -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4611 From: Hawkspirit Date: Thu Jan 24, 2002 6:43am Subject: Pricey? Are these rates a bit pricey or is it just that I work a lot harder for less? Roger Tolces www.bugsweeps.com · Each average size office area , or conference room .................$ 1,275.00 · Each telephone instrument ......................................................$ ...280.00 · Each telephone trunk line .......................................................$ ...300.00 · Each telephone Main Frame Room , including PBX or KSU ..$ ...750.00 · Each intermediate Frame Room .............................................$ ...300.00 · Each outside pedestal box or overhead junction box ..............$ ...300.00 http://www.segnow.com/SWEEP%20BROUCHERE.htm 4612 From: Hawkspirit Date: Thu Jan 24, 2002 6:50am Subject: Your Gonna love this one! The Truth: For years, counter surveillance technicians have used sophisticated heavy equipment, such as Time Domain Reflectometers, Oscilloscopes, Signal Generators, Frequency Counters and even Volt Meters. All of this equipment is ACTUALLY GOOD. From being a seasoned company, we have used all of these types of equipment to find Telephone Intrusions by doing physical sweeps. But through literally years of research and time, we have come up with a practical solution to REPLACE this equipment.. It almost seems unbelievable. Most Counter Surveillance technicians even find it hard to believe until they have used our products. . http://www.antispy.com/telephone.html 4613 From: James M. Atkinson Date: Thu Jan 24, 2002 7:03am Subject: Re: Pricey? At 4:43 AM -0800 1/24/02, Hawkspirit wrote: >Are these rates a bit pricey or is it just that I work a lot harder for less? >Roger Tolces >www.bugsweeps.com > > > >· Each average size office area , or conference room >.................$ 1,275.00 >· Each telephone instrument >......................................................$ ...280.00 >· Each telephone trunk line >.......................................................$ ...300.00 >· Each telephone Main Frame Room , including PBX or KSU ..$ ...750.00 >· Each intermediate Frame Room >.............................................$ ...300.00 >· Each outside pedestal box or overhead junction box ..............$ >...300.00 > >http://www.segnow.com/SWEEP%20BROUCHERE.htm Personally, I think the way they have their pricing broken down is unrealistic. You can't charge "by the room" unless you know how big the rooms are, and how they are appointed. For example, is it a storage room? a conference room? an executive office? or a computer room... each takes a drastically varying amount of time for a sweep. I was quite tickled to see that they are charging almost nothing for private planes, but 400 dollars for at least 4 days of work doesn't seem like much. Oh well, if their client are paying it, and their are getting a fair service, then I guess they can pretty much charge whatever they like. I have my own estimate worksheet at: http://www.tscm.com/estimate.html My terms and conditions can be found at: http://www.tscm.com/howcost.html -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4614 From: James M. Atkinson Date: Thu Jan 24, 2002 7:08am Subject: Re: Your Gonna love this one! At 4:50 AM -0800 1/24/02, Hawkspirit wrote: >The Truth: >For years, counter surveillance technicians have used sophisticated heavy >equipment, such as Time Domain Reflectometers, Oscilloscopes, Signal >Generators, Frequency Counters and even Volt Meters. All of this equipment >is ACTUALLY GOOD. > From being a seasoned company, we have used all of these types of >equipment to find Telephone Intrusions by doing physical sweeps. But >through literally years of research and time, we have come up with a >practical solution to REPLACE this equipment.. It almost seems >unbelievable. Most Counter Surveillance technicians even find it hard to >believe until they have used our products. . > >http://www.antispy.com/telephone.html > The product being offered would appear to be a hoax, and they are making seriously unrealistic claims. Looks like just another spyshop toy. -jma -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4615 From: Steve Uhrig Date: Thu Jan 24, 2002 8:08am Subject: Re: Pricey? Once upon a midnight dreary, Hawkspirit pondered, weak and weary: > Are these rates a bit pricey or is it just that I work a lot > harder for less? > http://www.segnow.com/SWEEP%20BROUCHERE.htm This is a well known spy shop and spy groupie in the Northern VA/DC area. He has no professional equipment and zero experience, and is a laughing stock. He is also a crook. I personally witnessed him deliver, in Mexico City, kit bugs and kit 'tracking transmitters' claiming them as his own top of the line stuff, for several thousand dollars. He's holding a little circuit board half the size of a pack of matches and claiming 20 mile range. I'm sitting there with a professional beacon the size of a chalkboard eraser having just told the client the range would be 1 to 2 miles at most in their environment, and my price was the same as his. He's a Jim Ross acolyte, so that should tell the story. He has never and will never do a sweep for real, let alone for the prices listed. They are purely eyewash to lend credibility to his spy shop. In no way can they be used as references. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4616 From: Johnston, Richard Date: Thu Jan 24, 2002 8:08am Subject: RE: Your Gonna love this one! Just as they predicted! "It almost seems unbelievable. Most Counter Surveillance technicians even find it hard to believe until they have used our products." After you have used it please tell us about your "conversion," your immediate change of heart or (dare I say it?) your epiphany. 8>) Rico -----Original Message----- From: James M. Atkinson [mailto:jmatk@t...] Sent: Thursday, January 24, 2002 6:09 AM To: TSCM-L@yahoogroups.com Subject: Re: [TSCM-L] Your Gonna love this one! At 4:50 AM -0800 1/24/02, Hawkspirit wrote: >The Truth: >For years, counter surveillance technicians have used sophisticated heavy >equipment, such as Time Domain Reflectometers, Oscilloscopes, Signal >Generators, Frequency Counters and even Volt Meters. All of this equipment >is ACTUALLY GOOD. > From being a seasoned company, we have used all of these types of >equipment to find Telephone Intrusions by doing physical sweeps. But >through literally years of research and time, we have come up with a >practical solution to REPLACE this equipment.. It almost seems >unbelievable. Most Counter Surveillance technicians even find it hard to >believe until they have used our products. . > > http://www.antispy.com/telephone.html > The product being offered would appear to be a hoax, and they are making seriously unrealistic claims. Looks like just another spyshop toy. -jma -- ---------------------------------------------------------------------------- ---------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------------- ---------------------- James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 mailto:jmatk@t... ---------------------------------------------------------------------------- ---------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell ---------------------------------------------------------------------------- ---------------------- Yahoo! Groups Sponsor [] _____ ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service . [Non-text portions of this message have been removed] 4617 From: Date: Thu Jan 24, 2002 3:59am Subject: Re: Pricey? In a message dated 1/24/02 4:47:21 AM Pacific Standard Time, hawkspirit@e... writes: << Are these rates a bit pricey or is it just that I work a lot harder for less? >> A visit to his web site was revealing. It appears that he copied a copyrighted sweep estimate form from one of the oldest and established TSCM practitioners. It does appear that he's using top of the line equipment from one of the oldest established TSCM equipment manufacturers. Perhaps a visit to the state licensing board for a perusal of his application is the next step. M. 4618 From: James M. Atkinson Date: Thu Jan 24, 2002 8:48am Subject: Farmer Joe Farmer Joe decided his injuries from his recent accident were serious enough to take the trucking company responsible for the accident to court. In court, the trucking company's fancy lawyer was questioning farmer Joe. "Didn't you say, at the scene of the accident, that you were fine?" ''Well, I'll tell you what happened. I had just loaded my favorite mule Bessie into the--" ''I didn't ask for any details,'' the lawyer interrupted. ''Just answer the question. Did you not say, at the scene of the accident, that you were fine?" ''Well I had just got Bessie into the trailer and was driving down the road--'' ''Judge, I am trying to establish the fact that, at the scene of the accident, this man told the Highway Patrolman on the scene that he was just fine. Now several weeks after the accident he is trying to sue my client. I believe he is a fraud. Please tell him to simply answer the question.'' By this time the Judge was fairly interested in Farmer Joe's answer and told the lawyer so. ''Well," said the farmer, "as I was saying, I had just loaded Bessie, my favorite mule, into the trailer and was driving her down the highway when this huge semi-truck and trailer ran the stop sign and smacked my truck right in the side. I was thrown into one ditch and Bessie was thrown into the other. I was hurting real bad and didn't want to move. However, I could hear ol' Bessie moaning and groaning. I knew she was in terrible shape just by her groans. Shortly after the accident a Highway Patrolman came on the scene. He could hear Bessie moaning and groaning so he went over to her. After he looked at her he took out his gun and shot her between the eyes. Then the Patrolman came across the road with his gun in his hand and looked at me. He said, 'Your mule was in such bad shape I had to shoot her. How are you feeling?'" -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4619 From: David Alexander Date: Thu Jan 24, 2002 10:47am Subject: re: computer question This is my area of expertise. I'm a computer security/Information Warfare geek, not a 'bug-hunter' (no offence intended or implied). I'll give you the short answer: Yes, there is a system that allows LAN awakening and control of a PC. This system normally depends on a special cable from the Network card to a connector on the motherboard that awakens the PC. Any self-respecting company removes this cable to disable the facility as the very first thing they do when the PC arrives as it is a massive security hole and should never, ever be allowed to be active. Half of me wants to say that any company that does not deserves everything they get, but that is counter to the philosophy of this group. If your outfit has these cables in place, get them removed ASAP, they are a hackers dream. On Windows 2000 and Windows XP (TM acknowledged) there is another way of taking over a PC through the Netmeeting utility. Great for remote support and software installations. The remote install function via network wake-up is not needed due to something called Remote Install Server. I won't bore you with the details here. If anyone has more questions I'd be happy to take them offline direct to my e-mail address unless JMA thinks the info is of interest to all (your call) regards _____________________________ David Alexander M.INSTIS Global Client-Server, Communications & Infrastructure Director Bookham Technology plc Tel: +44 (0) 1235 837823 Mobile: +44 (0) 7799 881284 Fax: +44 (0) 1235 837201 http://www.bookham.com ======================================================================= This e-mail is intended for the person it is addressed to only. The information contained in it may be confidential and/or protected by law. If you are not the intended recipient of this message, you must not make any use of this information, or copy or show it to any person. Please contact us immediately to tell us that you have received this e-mail, and return the original to us. Any use, forwarding, printing or copying of this message is strictly prohibited. No part of this message can be considered a request for goods or services. ======================================================================= Any questions about Bookham's E-Mail service should be directed to postmaster@b.... 4620 From: David Alexander Date: Thu Jan 24, 2002 10:52am Subject: computer question parts 2 There is a much simpler way that Ames could have been monitored - TEMPEST emissions In case some of you are unaware, with a decent yagi and some software you can see what someone's' PC is doing real-time while they are doing it. Fibre-glass bodied van with aerial inside and you can sit some distance away and see what's happening without entering premises and leaving a bug to be found or anything to recover afterwards. Any surveillance team could do this...if they are not putz's (with acknowledgement to the previous poster) _____________________________ David Alexander M.INSTIS Global Client-Server, Communications & Infrastructure Director Bookham Technology plc Tel: +44 (0) 1235 837823 Mobile: +44 (0) 7799 881284 Fax: +44 (0) 1235 837201 http://www.bookham.com ======================================================================= This e-mail is intended for the person it is addressed to only. The information contained in it may be confidential and/or protected by law. If you are not the intended recipient of this message, you must not make any use of this information, or copy or show it to any person. Please contact us immediately to tell us that you have received this e-mail, and return the original to us. Any use, forwarding, printing or copying of this message is strictly prohibited. No part of this message can be considered a request for goods or services. ======================================================================= Any questions about Bookham's E-Mail service should be directed to postmaster@b.... 4621 From: Hawkspirit Date: Thu Jan 24, 2002 11:29am Subject: Jim Ross From: "Steve Uhrig" "He's a Jim Ross acolyte, so that should tell the story." Steve I never have heard your take on Jim Ross, I don't know whether you heard my rather public debate with Ross in the early 1980's about TDR when he continually insisted they were worthless for TSCM. Roger 4622 From: Steve Uhrig Date: Thu Jan 24, 2002 1:23pm Subject: Re: computer question parts 2 Once upon a midnight dreary, David Alexander pondered, weak and weary: > There is a much simpler way that Ames could have been monitored - > TEMPEST emissions > In case some of you are unaware, with a decent yagi and some > software you can see what someone's' PC is doing real-time while > they are doing it. > Fibre-glass bodied van with aerial inside and you can sit some > distance away and see what's happening without entering premises > and leaving a bug to be found or anything to recover afterwards. > Any surveillance team could do this...if they are not putz's > (with acknowledgement to the previous poster) Don't believe everything you read in the spy books. Or everything Frank Jones says either. Sorry to dump on your guru. It would be a waste of bandwidth to go into all the reasons why the above statements are ludicrous. Surveillance technology is advancing in leaps and bounds, but do you see anyone advertising or any government specifying Tempest- shielded equipment anymore? Why? Other than a staged highly controlled demo by the FBI during a security briefing almost 20 years ago, I've never seen a demo or real world application of an intercept of this sort. Maybe we're all just putzes. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" *******************************************************************