At 8:57 AM -0700 6/12/2001, John Young wrote:
The Supreme Court's decision against thermal imaging appears
to be applicable to TEMPEST emissions from electronic devices.
And is it not a first against this most threatening vulnerability
in the digital age? And long overdue.
Remote acquisition of electronic emissions, say from outside a
home, are not currently prohibited by law as far as I know. And
the language of the thermal imaging decision makes it applicable
to any technology not commonly in use.
...
This decision(Kyllo v. US) is important and very welcome, but I am
not sure you are right about the prior status of TEMPEST. There was
an earlier decision (Katz v. US, 1967), cited in the Kyllo decision,
that involved eavesdropping by means of an electronic listening
device placed on the outside of a phone booth. The court held back
then that doing this without a warrant violated the Fourth Amendment.
I can't see how this would fail to apply to TEMPEST.
TEMPEST is not shut down by any means. This decision applies to homes
and places where there is an reasonable expectation of privacy (like
a phone booth). The status of computers in offices, cars, and public
places is less clear. Your data stored on someone else's computer
outside you home is apparently not protected (they got Kyllo's
electric bills legally without a warrant). In any event, the NSA can
still use TEMPEST against foreign nationals and overseas, the FBI can
use it against US nationals with a warrant, and the government can,
de facto, use it secretly, as many people believe they now use
wiretapping, to develop information that leads to other evidence that
is admissible.
The other interesting thing about Kyllo is that the Court clearly
needed the help of a good physicist. If you read the oral arguments,
http://www.supremecourtus.gov/oral_arguments/argument_transcripts/99-8
508.pdf you'll see that no one in the court had a basic understanding
of the science. The case involved a bust for growing marijuana. The
police had obtained Kyllo's electric bills (no warrant required) and
found he used a lot of power. Since power usage varies a lot among
houses, this was not considered sufficient to get a search warrant.
They then used the thermal imager. The government claimed they only
used the imager to verify that a lot of heat was being produced in
the house. No one pointed out that, except for highly unlikely
circumstances (e.g. someone running a lighthouse or charging a LOT of
batteries in the basement), essentially all the electricity consumed
by a house is converted to heat. Discovering that the house radiated
a lot of heat added no new information to what the utility bills
said. The defense claimed it was the presence of specific hot spots
in the image that made the warrant issuable and that these revealed
what was happening inside the house.
There is also some physically unrealistic stuff in the dissenting
opinion. Justice Stevens suggests that the rare homeowner who wishes
to engage in uncommon activities that produce a large amount of heat
[can] make sure that the surrounding area is well insulated. Unless
the homeowner is planning to set her house on fire, that won't work.
The heat has to escape somewhere. A system that spread the heat so
evenly that a thermal imager couldn't detect the source is far beyond
the abilities of a homeowner to construct.
This is a great science and law case.
Arnold Reinhold
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
