Month: April 2008

Declassified NSA Document Which Reveals the Story Behind the Discovery of TEMPEST

The NSA recently declassified a document which revels the story behind how the United States first discovered the security threat of TEMPEST. TEMPEST is defined in Wikipedia as:

TEMPEST is a codename referring to investigations and studies of compromising emanations (CE). Compromising emanations are defined as unintentional intelligence-bearing signals which, if intercepted and analyzed, disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment.

The concept of TEMPEST is fairly simple. Basically every electronic device emits an electrical transmission while in use. These electrical transmissions are similar to radio waves in that you can build something that can receive and process these transmissions like how a car radio receives a radio station’s broadcast. Every electronic device due to the way the electronic components are laid out in the device emit unique signals. So if you can find a similar electornic device you could map out what signal a device emits for any action performed on that device. For example, say when you press the “W” key on your keyboard it sends a signal through your keyboard wire to your computer and this signal has a frequency of 1Hz. Then when you press the “Y” key on your keyboard the signal sent though the keyboard wire is 2Hz.  Then someone in theory who already knows that the particular model of keyboard that you are using has this signal behavior could stand somewhere near your desk and determine what you are typing on your keyboard based on the electrical signals traveling through the air which are being emitted from the wire going from your keyboard to your computer. Now these electrical signals being given off by devices are usually VERY weak and a person would have to be standing very close to receive and decode them so you are relatively safe in this regard but it is something to consider if you are processing extremely sensitive information. Supposivly there are techniques to pull these electrical signals from power lines since in theory if your computer is plugged into the power outlet in your wall then the electrical signals from your computer are being leaked into the power line.

Here is a direct link to the NSA TEMPEST document: http://www.nsa.gov/public/pdf/tempest.pdf

A copy of the NSA document is also available on this web server at this link: nsa_tempest_a_signal_problem

How to Check if an Apache Module Has Been Loaded

Sometimes it is useful in the Apache configuration httpd.conf file to only apply configuration settings if a particular module has already been loaded. Or it is useful to load settings in the event an Apache module has not been loaded. Here is how to handle both cases:

<IfModule module_identifier>
  # do these Apache settings if the module has already been loaded
</IfModule>
<IfModule !module_identifier>
  # do these Apache settings if the module has NOT already been loaded
</IfModule>

Here are some examples:

<IfModule !php5_module>
  # If the PHP5 module has NOT already been loaded, load it
  LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule php5_module>
  # If the PHP5 module has already been loaded, then do these settings
  AddHandler php5-script .php
  AddType text/html .php
  DirectoryIndex index.php
</IfModule>

The module_identifier argument can be either the module identifier or the file name of the module, at the time it was compiled. For example, rewrite_module is the identifier and mod_rewrite.c is the file name. If a module consists of several source files, use the name of the file containing the string STANDARD20_MODULE_STUFF. You can read more about the <IfModule> Apache directive in the Apache documentation.

When You Will Receive Your Economic Stimulus (Tax Rebate) Checks

U.S. tax payers will be receiving economic stimulus checks a.k.a. tax rebate checks starting today. You are supposed to take this money and blow it on something like cool computer gadgets. This in theory will help bolster the U.S. economy. The money will be paid out on a schedule which will be determined by the last two digits of your social security number and whether or not you filed your 2007 tax return electronically or by paper. You must have filed your 2007 tax return by April 15th otherwise you will be paid last after everyone else that filed on time. Here is the schedule of when money will be paid out (the U.S. government recently moved up the schedule 1 week from what is listed in the schedule below):

Direct deposit payment
If last 2 digits of your SS# are: Your rebate should be sent by:
00-20 May 2
21-75 May 9
76-99 May 16
Paper check
If last 2 digits of your SS# are: Your rebate should be sent by:
00-09 May 16
10-18 May 23
19-25 May 30
26-38 June 6
39-51 June 13
52-63 June 20
64-75 June 27
76-87 July 4
88-99 July 11

Official IRS notice of the tax rebate payment schedule is available here.

“Internal Error 2739” When Trying to Install Adobe Photoshop CS3 in Windows Vista

When trying to install Adobe Creative Suite 3 ( CS3 ) you may encounter the following error message:

Internal Error 2739

This error message occurs right after you run the setup program to install CS3. The problem is that a DLL file needs to be reregistered with Vista. To fix this error perform the following steps:

1. Open a command prompt but do so with administrative privileges. See this link on how to do this.

2. If you are running Windows Vista 32-bit, then ensure the command prompt is currently in the directory “C:\Windows\System32\” which should be the default starting location when you open the command prompt. If you are running Vista 64-bit, then run the following command to get to the correct directory:

cd ..\SysWow64

3. Type the following command in the command prompt window and then press ENTER:

regsvr32 jscript.dll
  • If the problem persists, then additionally run the command :
regsvr32 vbscript.dll

4. Try running the CS3 installer again. It should now work.