Technology risk without safeguards
Alain Hebert
ahebert at pubnix.net
Thu Nov 5 16:30:26 UTC 2020
Well,
I'm just saying...
Speculating about "how to/was harm", on an open forum, is a
good way to help design "scenarios" that can be abused by bad actors.
It would be better to address it in an academia setting.
*Now* if you're looking for worker safety, surely your local
jurisdiction have a compliance body able to provide best practices to
protect the workers. I hate to bring RFC1149 again, but those high
power microwave antenna are hell on packet drops on that medium.
PS: From my experiences with 2 .com about a FPGA Based Firewall and
a FIPS-140 Encryption Network Card. And my associate ~15y in the RF
radio industry.
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 11/5/20 10:22 AM, Suresh Kalkunte wrote:
> > Can you provide a case where this may
> > have happened?
> >
> As you mention, a normal operational scenario finds powerful RF on the
> rooftop. My concern is an abnormal scenario where powerful RF is used
> to sabotage an electronic equipment or human. Magnetron + horn antenna
> (forgive me for using this as an example a few times so far) for
> instance is capable of significant harm. If I mention, I have been
> victimized, at present we do not have the diagnostic/forensic tests
> (forensic DNA scientists at the NIST can be contacted to verify) to
> prove intentional harm from powerful EMF has occurred.
>
> My motivation to bring this topic for discussion is to make aware of
> the unlimited risk _if_ someone chooses to use powerful EMF as a
> method of sabotage. I do not relish to discuss this, but I remember
> reading on NANOG some 20-25 years ago, I paraphrase 'those with
> anti-social intentions do not publish papers'.
>
> Regards,
> Suresh
>
>
> On Thursday, November 5, 2020, <nathanb at sswireless.net
> <mailto:nathanb at sswireless.net>> wrote:
>
> To that end, anyone working around RF should be properly trained
> and use the safety tools provided them, they should be fine. If
> an untrained individual does something and gets hurt with high
> power RF, it is unfortunate and happens all too often because of
> people thinking that the worst case things don’t happen to them…
>
> Can you provide a case where this may have happened? Any RF in a
> Data Center should be on the roof, and isolated from the room at
> all times. This is standard practice in every RF data room we’ve
> ever been in, whether it be commercial or Government.
>
>
> Regards,
>
> Nathan Babcock
>
> *From:* NANOG <nanog-bounces+nathanb=sswireless.net at nanog.org
> <mailto:sswireless.net at nanog.org>> *On Behalf Of *Alain Hebert
> *Sent:* Wednesday, November 4, 2020 10:32 AM
> *To:* nanog at nanog.org <mailto:nanog at nanog.org>
> *Subject:* Re: Technology risk without safeguards
>
> Maybe someone is just looking for "inspiration".
>
> There is other venues to work this out "safely", IMHO.
>
> -----
>
> Alain Hebert ahebert at pubnix.net <mailto:ahebert at pubnix.net>
>
> PubNIX Inc.
>
> 50 boul. St-Charles <https://www.google.com/maps/search/50+boul.+St-Charles?entry=gmail&source=g>
>
> P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
>
> Tel: 514-990-5911http://www.pubnix.net <http://www.pubnix.net> Fax: 514-990-9443
>
> On 11/4/20 12:24 PM, Matt Harris wrote:
>
>
>
> Matt Harris
>
>
>
> |
>
>
>
> Infrastructure Lead Engineer
>
> 816‑256‑5446
>
>
>
> |
>
>
>
> Direct
>
> *Looking for something?*
>
> _*Helpdesk Portal* <https://help.netfire.net/>_
>
>
>
> |
>
>
>
> _*Email Support* <mailto:help at netfire.net>_
>
>
>
> |
>
>
>
> _*Billing Portal* <https://my.netfire.net/>_
>
>
>
> We build and deliver end‑to‑end IT solutions.
>
> On Wed, Nov 4, 2020 at 10:48 AM Suresh Kalkunte
> <sskalkunte at gmail.com <mailto:sskalkunte at gmail.com>> wrote:
>
> Hello,
>
> I believe the below described method of causing
> intentional (1) damage to equipment in data centers and
> (2) physical injury to a person at the workplace is
> on-topic for the NANOG community, if not, I look forward
> to your feedback. As a software developer who has
> subscribed to the NANOG mailing list for a number of
> years, I post this note relying on intellectual honesty
> that I have had the opportunity to observe since 1996-97.
>
> The below described technology risk is applicable to
> computing/communication equipment rendered vulnerable by
> Intentional Electromagnetic Interference (jamming an
> electronic device) and the risk of health sabotage
> affecting people (jamming a human) managing the Internet
> infrastructure enabled by intentional application of
> powerful radiofrequency fields (RF) emitted by re-purposed
> components salvaged from a kitchen heating appliance
> (Magnetron) or from an outdoor high gain/power Line of
> sight transceiver (unidirectional microwave radio) which
> has a harm causing range up to 25 meters (estimated using
> a Spectral Power Density calculator like
> www.hintlink.com/power_density.htm
> <http://www.hintlink.com/power_density.htm>).
>
> This risk from mis-application of powerful RF is from
> human operated or IoT apparatus** with an avenue of
> approch from (a) subterrain placement aided by a
> compact/mini directional horizontal drilling machine (eg.
> principle of placing a stent in the heart) and/or (b)
> strategic placement in an obscure over-surface location to
> maximize negative impact on the target of opportunity.
>
> With building materials or ground offer insufficient*
> protection to block the passage of powerful RF and the
> absence of diagnostic/forensic tests to detect biomarkers
> expressed post-overexposure to harmful RF (combination of
> RF frequency, Spectral Power Density/Specific Absorption
> Rate incident on a person and duration of exposure),
> intentional damage to electronic equipment and people is
> at present unrestricted.
>
> The purpose of bringing this method of exploting
> technology to your attention is with an interest to build
> the momentum for ushering in the much needed safeguards in
> this context.
>
> While I'm a bit confused as to what this message is trying to
> ultimately get at, it should be noted that folks who work with
> RF communications equipment and other EM emitters which are
> strong enough to cause harm to a person are generally well
> aware of the necessary precautions and take them on a day to
> day basis when working with this equipment. If there's
> evidence that some part of our industry is ignoring or failing
> to train their team members on safety best practices, then
> let's hear that out specifically and I'm all for working to
> rectify that.
>
> On the other hand, the post seems to hint at intentionally
> using high powered RF to inflict intentional harm on a person
> or to jam communications signals. The former is relatively
> difficult to do by virtue of the amount of power necessary.
> Quite basically, there are much easier ways to go about
> injuring someone if that's what you want to do. Of course,
> intentionally injuring another person is a criminal act in
> just about every jurisdiction. As far as the latter goes, the
> ability to jam RF communications has existed for as long as RF
> communication has, and the knowledge of how to accomplish it
> is relatively widespread. It is also illegal in the US and
> most likely many other jurisdictions as well, and in the US
> the FCC has enforcement power with the ability to levy some
> pretty hefty fines on anyone who does so, even inadvertently
> though negligent practices.
>
> The post states that their intention is to "build the momentum
> for ushering in the much needed safeguards in this context."
> but lacks specificity with regard to what safeguards
> they propose beyond the legal/regulatory ones that already
> exist, so I'm not sure what more can really be said here.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20201105/5b029571/attachment.html>
More information about the NANOG
mailing list