Log in ....Tribune--Feature article

Monday, March 11, 2002		Article

Eavesdropping on computer data through LEDs
Elinor Mills Abreu

BY monitoring the flashes of LED lights on electronics equipment and the indirect glow from monitors, scientists in the USA and the UK have discovered ways to remotely eavesdrop on computer data.

Optical signals from the little flashing LED (light-emitting diode) lights, usually red and dotting everything from modems to keyboards and routers, can be captured with a telescope and processed to reveal all the data passing through the device, Joe Loughry, a computer programmer at Lockheed Martin Space Systems in Denver, told Reuters on Wednesday.

"It requires little apparatus, can be done at a considerable distance, and is completely undetectable," he writes in his paper, "Information Leakage from Optical Emanations." "In effect, LED indicators act as little free-space optical data transmitters, like fiber optics but without the fiber."

Not every LED-enabled device is at risk, though. Affected is equipment used in low-speed, long-distance networks typically found in proprietary networks, such as ATM (automated teller machines) at banks, as opposed to corporate local area networks or home Internet connections, Loughry said.

He said he was able to collect a strong optical signal from about 22 yards (20 meters), using optical sensor equipment.

"It is interesting to walk around downtown at night in a large city and look up at the glass windows and you see a lot of computers," Loughry said. "I've seen racks of equipment with LEDs on them visible from the street. That's kind of what got me to pursue this."

Loughry began his research on LEDs in 1994 when he was a graduate student at Seattle University. Asked how computer researchers could have overlooked for so long something that literally stares them in the face, he said: "I guess nobody ever looked at it before.

"I was working very late one night and waiting for a long file transfer to complete and I was just staring at these lights on the front of the modem and started to wonder if there was anything there," said Loughry.

The solutions are easy -- locate equipment away from windows, put black tape over LEDs or de-activate them when not in use. Equipment manufacturers also can modify the devices.

The paper is scheduled to be published later this year in the scientific journal for the Association for Computing Machinery, called "ACM Transaction on Information and System Security."

His co-author is his former professor, David Umphress, now a software engineering professor at Alabama's Auburn University.