
Learning from the Enemy: The Gunman Project (2007) [pdf] - grouchysmurf
https://www.nsa.gov/public_info/_files/cryptologic_histories/learning_from_the_enemy.pdf
======
unbehagen
"As a totalitarian society, the Soviet Union valued eavesdropping and thus
developed ingenious methods to accomplish it." (page 2)

~~~
phkahler
I stopped reading, copied the exact same text to post as a comment and see
it's already at the top...

~~~
biot
Just think: if everybody posted article snippets with no commentary, we could
crowdsource the entire article being redundantly posted piecemeal to HN and
nobody would need to click through to the article at all.

------
jpatokal
The article mentions the listening bug in the Great Seal in a side note, but
it's arguably an even better hack:

https://en.wikipedia.org/wiki/The_Thing_%28listening_device%29

~~~
acqq
I was glad to learn that "The Thing" was apparently designed by Léon Theremin
who invented in 1928 (!) the famous "electronic musical instrument controlled
without physical contact by the performer."

https://en.wikipedia.org/wiki/Theremin

~~~
varjag
He invented it earlier than that, as he personally demoed it to Lenin (who
died in 1924).

------
adriancooney
"Keeping track of all the various software was hard enough, but keeping track
of all of the variations [in the software] was a nightmare."

Sounds all too familiar.

------
huhtenberg
The "How it worked" part is in "Implant Characteristics" section, Page 16 of
the PDF and forward.

~~~
logfromblammo
For those too paranoid to open a .PDF from the NSA, several solid parts in the
typewriter were replaced by solid-looking parts with embedded circuits and
altered magnetic characteristics.

These circuits magnetically detected the motion of the arms that carried and
moved the character ball. So non-printing keystrokes, like space, tab, and
backspace, and the character that did not rotate the ball, '-', were not
detectable. The circuits had a tiny buffer, so would transmit the detected
characters as they were being typed. Early models used batteries. Later bugs
diverted some of the AC mains power from the typewriter.

It is likely that a relay antenna was employed to increase the detection range
of the transmitted signals, which used the same frequencies as local
television broadcasts.

That's really about it. The bugs were largely undetectable without x-raying
every single part in the typewriter, which is how they were eventually found.

------
wglb
Ah, when your adversary knows more about your stuff than you do.

------
JupiterMoon
Is there anyone else reluctant to open a pdf from the NSA?

~~~
cstross
(a) It's from their museum facility (if you ever get the chance to visit the
National Cryptologic Museum in Maryland _TAKE IT TAKE IT TAKE IT_ )[1], not
the NSA itself.

(b) It's a scan of a 30-year-old report on a completed project, redacted
heavily. Nothing more.

(c) If they want your inside leg measurement they've got better ways to find
it without feeding you a PDF they overtly created.

[1] Where else will you find a teaching exhibit for visiting schoolkids that
lets them cypher a message on a no-shit four rotor WW2 German Enigma machine,
hand it to a friend, and watch them decrypt it on another Enigma machine at
the other side of the room? (Hint: valuable museum pieces.) Also, working (or
at least blinkenlights powered up) exhibits like a CM1 Connection Machine and
a Cray X-MP, and a history of their amazing linguistics branch[2] ...

[2] Who have the world's largest collection of bible translations. Want to
know why? It's worth your while to pay them a visit.

~~~
JupiterMoon
In response:

(a) I wish I could but I doubt I ever will. I've heard so much bad stuff about
US border guards being annoying and transiting through the US being slow and
painful that I won't even use a US hub anymore.

(b) Cool, I guess. I can't know if this is true without opening it though? This
is partly the fault of the pdf spec itself. Maybe a more transparent document
format would help (does that even exist)?

(c) I suspect that they already have them.

Furthermore, I actually really want to read it. I'd really like to trust the
NSA. However, their record is not good on being trustworthy.

~~~
leni536
How is PDF not as transparent as any other open binary format (though PDF is
more like mixed)?

Edit:

> Maybe a more transparent document format would help (does not even exist).

I don't know if more transparent, but djvu exists for scanned documents.
Postscript also exists but I would doubt that it's safer than PDF.

~~~
JupiterMoon
I am aware that the pdf spec is open. However pdf does a lot of things and
is somewhat complex. I argue more than is needed for transmitting documents.
Can you personally verify that a given pdf does nothing malicious?

~~~
leni536
Can you personally verify that a given jpeg does nothing malicious? Same
thing, you trust (or not) your reader and its parser and hope it doesn't have
any remote code execution vulnerability. Or you stop reading PDF files and
stop viewing images.

~~~
JupiterMoon
Nope, I can't. In reality how many exploits have actually been contained in
jpegs vs pdf though?

~~~
leni536
That's another question. Parsers of multimedia formats often have nasty
vulnerabilities though. The most vulnerable part of PDF readers is the
handling of embedded javascript. It can be easily evaded by using a viewer
that doesn't implement the javascript functionalities of PDF; most files don't
use it anyway.

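A triage check in the spirit of the point above, added here as an example and not code from the thread: before opening a PDF, look for the name objects that carry active content (JavaScript, auto-run actions, program launches), decoding PDF's `#xx` name escapes so that a spelling like `/Java#53cript` is not missed. The two sample documents are constructed for the example; names hidden inside compressed streams are out of scope for this plain-bytes scan.

```python
import re

# Name objects that indicate active content. Their presence is a triage
# signal, not proof of malice: a viewer with JavaScript disabled ignores
# /JS and /JavaScript entirely, which is the mitigation discussed above.
RISKY_NAMES = {b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/Launch"}

# A PDF name may hex-escape any character ("/Java#53cript" == "/JavaScript"),
# so escapes are decoded before comparison.
_NAME_RE = re.compile(rb"/[^\s/<>\[\]()\{\}%]*")
_HEX_ESC = re.compile(rb"#([0-9A-Fa-f]{2})")

def decode_pdf_name(raw: bytes) -> bytes:
    """Resolve #xx escapes in a PDF name object."""
    return _HEX_ESC.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def find_risky_names(data: bytes) -> dict:
    """Count occurrences of each risky name in the raw (uncompressed) bytes.
    Limitation: names inside FlateDecode/object streams are not visible here."""
    counts = {}
    for m in _NAME_RE.finditer(data):
        name = decode_pdf_name(m.group(0))
        if name in RISKY_NAMES:
            key = name.decode()
            counts[key] = counts.get(key, 0) + 1
    return counts

def has_active_content(data: bytes) -> bool:
    return bool(find_risky_names(data))

# Constructed sample: the catalog's /OpenAction points at an escaped
# JavaScript action that runs as soon as the document is opened.
SAMPLE_WITH_JS = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
3 0 obj << /S /Java#53cript /JS (app.alert('hello');) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# Constructed sample: a minimal document with no active content at all.
SAMPLE_PLAIN = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

if __name__ == "__main__":
    print("with JS:", find_risky_names(SAMPLE_WITH_JS))
    print("plain:", find_risky_names(SAMPLE_PLAIN))
```
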
------
tempodox
The dates associated with this document seem confusing and contradictory. I
can only assume that's intentional.

I'll also not be surprised if it makes my computer self-destruct via
spontaneous self-combustion after reading.

