CTX4000: NSA Exploit of the Day
Current Berkman People and Projects 2014-01-20
Today's device -- this one isn't an implant -- from the NSA's Tailored Access Operations (TAO) group implant catalog:
(TS//SI//REL TO USA,FVEY) The CTX4000 is a portable continuous wave (CW) radar unit. It can be used to illuminate a target system to recover different off net information. Primary uses include VAGRANT and DROPMIRE collection.
(TS//SI//REL TO USA,FVEY) The CTX4000 provides the means to collect signals that otherwise would not be collectable, or would be extremely difficult to collect and process. It provides the following features:
- Frequency Range: 1 - 2 GHz.
- Bandwidth: Up to 45 MHz
- Output Power: User adjustable up to 2 W using the internal amplifier; external amplifiers make it possible to go up to 1 kW.
- Phase adjustment with front panel knob
- User-selectable high- and low-pass filters.
- Remote controllable
- Transmit antenna
- I and Q video outputs
- DC bias for an external pre-amp on the Receive input connector
- External oscillator
- Receive antenna
Unit Cost: N/A
Status: unit is operational. However, it is reaching the end of its service life. It is scheduled to be replaced by PHOTOANGLO staring in September 2008.
We've already seen reference to VAGRANT and DROPMIRE. The first collects data off computer screens, the second from printers with "purely proximal access."
In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.