Reprinted from - Sources eJournal

Nowhere to run...Nowhere to hide...
The vulnerability of CRT's, CPU's and peripherals
to TEMPEST monitoring in the real world..

Copyright 1996, All Rights Reserved
Frank Jones CEO


George Orwell wrote the classic "1984" in 1949. He depicted a world in which the government controlled it's citizens and a world devoid of privacy. Many of the things Orwell wrote almost fifty years ago have come to pass.

Surveillance technology has progressed to the point that is possible to identify individuals walking city streets from satellites in orbit. Telephone, fax and e-mail communications can routinely be monitored. Personal information files are kept on citizens from cradle to grave. There is nowhere to run...nowhere to hide...

The advent of the personal computer has revolutionized the way we do business, keep records, communicate and entertain ourselves. Computers have taken the place of typewriters, telephones, fax and telex machines.

The Internet has opened up a new world of high speed and inexpensive communications. How secure and private is it? There are many encryption programs and hardware devices available for security purposes but what about the computer terminal itself? How safe is it? What are it's vulnerabilities? Hackers have been known to cause mischief from time to time...Is it possible for an adversary to snoop on your private data? Can Big Brother?

Suppose it was possible to aim a device or an antenna at your apartment or home from across the street or down the block. Suppose you were working on a confidential business project on your PC. Suppose that device down the block could read what you were typing and viewing on the CRT? Feeling uncomfortable? Suppose that device could monitor everything you do on your computer by collecting electromagnetic radiation emitted from your computer's CRT, CPU and/or peripheral equipment, reconstruct those emissions into coherent receivable signals and store them for later review? Feeling faint? Good. The technology exists...and it has for some time....

You don't have to worry about a "middle of the night" break-in by some clandestine government black-bag team to plant a bug. They never have to enter your home or office. Seedy looking private investigators or the information warrior won't be found tampering with your telephone lines in the basement's not necessary...all they have to do is point an antenna...safely, from a distance away...and collect your private data...

This surveillance technique has become known as TEMPEST monitoring. TEMPEST stands for Transient Electromagnetic Pulse Standard. It is the standard by which the government measures electromagnetic computer emissions and details what is safe (allowed to leak) from monitoring. The standards are detailed in NACSIM 5100A, a document which has been classified by the National Security Agency. Devices which conform to this standard are called TEMPEST certified.

In 1985, a Dutch scientist Wim van Eck published a paper which was written about in the prestigious "Computers & Security" journal, "Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?" Vol 4 (4) pp 269-286. The paper caused a panic in certain government circles and was immediately classified as is just about all TEMPEST information.

Wim van Eck's work proved that Video Display Units (CRT's) emitted electromagnetic radiation similar to radio waves and that they could be intercepted, reconstructed and viewed from a remote location. This of course compromises security of data being worked on and viewed by the computer's user. Over the years TEMPEST monitoring has also been called van Eck monitoring or van Eck eavesdropping.

In 1990, Professor Erhard Moller of Acchen University in Germany published a paper, "Protective Measures Against Compromising Electromagnetic Radiation Emitted by Video Display Terminals". Moller's paper which updated in detail van Ecks's work also caused a furor.

The government's policy of TEMPEST secrecy has created a double edged sword. By classifying TEMPEST standards, they inhibit private citizens and industry by failing to provide the means of adequately shielding PC's and/or computer facilities. There is an old saying, "You can't drive a nail without the hammer". If concerned personnel don't know the minimum standards for can they shield and protect? Shielding does exist which can prevent individuals and companies from being victims to TEMPEST monitoring. But without knowing the amount of shielding necessary...

Perhaps this is the way the government wants it... My work has focused on constructing a countermeasures device to collect and reconstruct electromagnetic emissions from CRT's, CPU's and peripherals to diagnose emission levels and give security personnel a hands-on tool with which they can safeguard their computer data.

In testing my countermeasures device I concentrated on interception and reconstruction of the three types of emitted electromagnetic radiation written about in van Eck and Moller's work.

Electromagnetic radiation emitted from CRT's - similar to radio waves 2. Shell waves on the surface of connections and cables 3. Compromising radiation conducted through the power line.

I found my greatest success (distance & quality) was in the collection of emitted radiation from the CRT although we were equally successful in our other experiments. In our opinion the greatest danger of TEMPEST monitoring comes from off premises and we decided early on to concentrate in this area. A workable countermeasures tool would give security personnel a handle on distance from which compromising electromagnetic radiation could be collected. Hopefully full countermeasures would then be implemented.

This also is a double edged sword. The device I built albeit a countermeasures tool...can be used as an offensive TEMPEST monitoring device. My concerns however are that if such a device is not made available to the private sector...then the private sector is at the mercy of the information warrior


TEMPEST monitoring is passive. It cannot be detected. The computer emits compromising radiation which can be reconstructed from a remote location. There is no need to ever come near the target. No reason ever to go back to change a faulty bug like the Watergate burglars...It can be performed from an office or a vehicle with no chance of discovery. The premise is very simple.

All electronic devices emit some low level electromagnetic radiation. Whenever an electric current changes in voltage level it generates electromagnetic pulses that radiate invisible radio waves. Similar to the ripples caused by dropping a small rock into a quite pool of water. These electromagnetic radio waves can carry a great distance.

Computer monitors like televisions contain an electron gun in the back of the picture tube which transmits a beam of electrons (electric current). When the electrons strike the screen they cause the pixels to fluoresce. This beam scans across the screen from top to bottom very rapidly in a repetitive manner, line by line, flashing on and off, making the screen light and dark, creating the viewed image. These changes in the high voltage system of the monitor, generate the incoherent signal that TEMPEST monitoring equipment receive, reconstruct and view.

We have found that most monitors emit signals in the 2 to 20 Mhz range although harmonics are fairly strong and can be intercepted. Radiated harmonics of the video signal bear a remarkable resemblance to broadcast TV signals although various forms of sync must be restored.

Associated unshielded cabling can act as an antenna and increase interception range. Emissions can be conducted down power cables and supplies. Computers attached to unshielded telephone lines are easy prey as the telephone line acts as an excellent antenna. Printers and their cables are not immune either. The average computer setup in the home or office could be compared to a base station transmitting it's signals all over the neighborhood.

Put quite simply, it is easy for someone with basic electronics knowledge to eavesdrop on you, while you are using a computer. They might not be able to steal everything from the hard disk but they can view anything you do....see anything you see...


A good commercial wide band radio receiver preferably designed for surveillance (requires a little modification) with spectrum display. Sensitivity and selectivity are paramount. Not all receivers will do the job adequately