-=-=-=-=-=-=-=-=-=-=-=-=-=- Surveillance & Security Terminology and Definitions Reference File -=-=-=-=-=-=-=-=-=-=-=-=-=- by Alan Hoffman a.k.a -Q- =========================
6f8a4e7f976017dfa73f8d803bcf1cd6bc268f6b7fe68776bd39cf598ec5dbf3
-=-=-=-=-=-=-=-=-=-=-=-=-=-
Surveillance & Security
Terminology and Definitions
Reference File
-=-=-=-=-=-=-=-=-=-=-=-=-=-
by Alan Hoffman a.k.a -Q-
=========================
FOREWORD:
The definitions listed herein were extracted from another article by the
author entitled "Professional Installation of Clandestine Listening Devices".
Because of the usefulness of the terminology I decided it would be beneficial
to create a seperate text tutorial explaining the terms.
-------------
TERMINOLOGY:
-------------
Acoustic(s) - Aside from its scientific meaning, the term generally
is used by eavesdroppers in context to refer to the process
installing listening devices so that the intercepted audio
is of sufficient clarity. When installing clandestine
devices, care must be taken to place the microphones in
good locations where the device will not be subject to
EMI, RFI interferences and audio background noises.
Audio - This is a generic 'catch-all' term used in the surveillance
and security field. It primarily refers to intercepting
audio through use of hardwired microphones and transmitters.
The intercepted audio does not necessarily have to be
a spoken conversation, however, that is usually the case.
Body Wire - Also referred to as a 'body transmitter'. The device is
worn on the body and picks up sound within a 20 foot
range, and transmits it to a listening post. The device
is mainly used to intercept oral coversations of which
the wearer of the body wire is most likely an active
participant. The purpose of which is to either gain
intelligence for espionage purposes or to gain evidence
of criminal or immoral activity.
Bug - This is a generic vernacular used in the surveillance
and security field. The term is actually used quite a bit
more by amateurs and the media, than it is by professionals
themselves who usually prefer to be more precise and use
the word transmitter, or also 'microphone'.
A 'bug' is a covert transmitter usually designed to
intercept audio from a target and transmit it back to
a listening post by either means of radio frequency or
infrared light beam.
Buggist - This is primarily a british term, which refers to those
who specialize in performing electronic surveillance
operations. [See: "Wireman" for further definition]
CC - Carrier Current. Refers to the process of modulating an
audio signal onto a wireline using a VLF (Very Low
Frequency) radio wave in the kHz range. For example
a CC transmitter can intercept voices and send them
down a powerline where they can be demodulated and
listened to at another location.
Clandestine - This term is simply another word for 'secret' or 'covert'
and is used primarily in the intelligence community
and by those specilizing in surveillance & security.
COMINT - COMmunications INTelligence. Refers to intercepting
communications sent out via radio waves or laser/IR
transmission, etc..
COMSEC - COMmunications SECurity. This is the process of protecting
ones communications from eavesdroppers.
CounterMeasures- This term refers to maintaining both passive and active
measures to defeat eavsdroppers. This can include the
implementation of security policies and guidelines as
well as use of equipment to defeat eavesdroopers or to
find clandestine eavesdropping devices.
Eavesdropping - Is the process of gaining intelligence through intercepting
a targets communications. The term does not mutually
exclusively refer to intercepting audio, but also may
refer to capturing visual images, as well as data signals
from computers, radars, or other electronic devices of
any sort.
EMI - Electro Magnetic Interference. When placing transmitters
care should be taken to avoid interference due to EMI.
Gain - Most often refers to the amount of amplification power
of an amplifier system. The more 'gain' an amplifier has,
the better (so long as the clarity and Signal to Noise(S/N)
ratio is kept high and the distortion is kept to a low level.
GP-Amp - General Purpose Amplifier. A microphone of some sort is
usually inputted into the amplifier which then amplifies
and demodulates the signal so that the eavesdropper
can monitor it.
Hardwire(d) - Hardwiring is a technique of using a microphone with a
wireline that extends back to the listening post. One
does not necessarily have to install a wireline system,
a pre-existing set of wires could be used to transmit the
intercepted signal. Examples of pre-existing wirelines are
thermostat wires, electrical wiring, burgular alarm or
intercom and paging system wires, computer network cabling,
telephone wires, or coaxial cable television wires, etc..
Hot - In electronics, the term has a variety of uses which are
used in all different situations. It is a sort of catch-all
term which can be used informally. It can either mean that
a wire has electricity flowing through it, or can also
mean that a room is 'wired' with clandestine listening
devices, or that a telephone is being tapped.
Hot-Mic - Hot-mike'ing is an age-old technique of intercepting room
audio by utilizing a pre-existing microphone within the
room as a listening device. Examples of such may be an
intercom/paging system, or a telephone.
Hot-On-Hook - Synonymous with hot-mic, however this term specifically
refers to the use of a telephone as the listening device.
A simple modification of the telephone may be necessary to
allow the telephones microphone to remain in a state of
constant activity, however 'electronic' telephones used
in PBX systems are very often 'hot-on-hook'and can be
readily monitored.
HUMINT - HUMan INTelligence is the process of gaining information
necessary for intelligence activities through the use
of human interaction and conversation as opposed to
electronic means.
IR - InfraRed. In scientific terms, infrared is a band of
the electromagnetic spectrum just below visible light
and above radio waves. In surveillance lingo, IR often
refers to the process of modulating audio onto a beam of
InfraRed light (as opposed to ordinary radio waves) where
it is then demodulated at the listening post.
LP - Listening Post. In surveillance lingo, the LP is a place
where the eavesdroppers can monitor the intercepted
audio, video, or data signals.
Mic - Also abbreviated as "Mike". A microphone is a component
that converts sound pressure waves or vibration from
solid objects into an electric current. This electric
current is usually fed into an amplifier system which
demodulates the electric signal and converts it back into
audio but at a much greater amplitude (volume).
In surveillance terminology, the term mic/mike very often
refers to either a hardwired microphone or a wireless
transmitter such as a 'body wire' or 'bug'.
NLJD - Non-Linear Junction Detector. An NLJD is a device which
Countermeasures technicians use to find electronic
devices that may be hidden in places that cannot be
visually inspected such as behind walls or in furniture.
The NLJD sends out a GHz band signal (in the U.S.A., FCC
approved NLJD's are only allowed to operate in the
954MHz range (+/- 50MHz); and the radio wave enters any
electronic component and is "reflected" off of any
electronic component with a non-linear junction (which is
2 dissimilar metals joined together) such as a diode or
transistor. The non-linear component then generates
current within itself and releases energy which is picked
up by a receiver in the NLJD. A clandestine listening
device does not have to be active or have power to be
detected by this device.
Ops - A commonly used law enforcement and intelligence
abbreviation for the word 'operation' which pertains
to any type of mission, be it physical, electronic,
and either of a passive or active nature.
Path Loss(es) - Refers to the amount of radio freqnecy signal power that is
lost as an RF wave passes through various common barriers
such as walls, floors, air, metal, wood, concerete, etc..
Path losses are often measured dB (Decibals).
Penetration - Penetration is a term used in the espionage, intelligence,
law enforcement and security industry as a whole.
Their are 2 general types of 'penetrations':
(1) Technical Penetration- This usually involves B&E
(Breaking & Entering) into a target, with the
intent of installing some sort of clandestine
monitoring device of the audio, visual or data type.
B&E is not always an absolute necessity, as it may
be possible to monitor the target from an adjacent
area which is controlled by the eavesdroppers such
as the other side of an office, apartment or hotel wall.
(2) Electronic Penetration- An electronic penetration has
similar goals to a technical penetration, however
breaking & entering is rarely needed to accomplish
the mission of intercepting intelligence from the
target. This type of monitoring usually involves
SIGINT or COMINT; which is the passive monitoring of
transmitted signals which may be emmenating from
the target.
Quick Plant - Refers to the process of quickly planting some sort of
clandestine monitoring device. The quick plant is usually
a device which is only for temporary use and can possibly
be installed and removed easily on a routine basis. Also
it is usually installed by someone who may be authorized
to have access to the target area for a short period of
time such as a cleaning/maintenance person, guard, or
secretary who acts as an inside agent on behalf of the
eavesdroppers. As a general reference guide, a quick plant
device should ideally be able to be installed and removed
in less than 120 seconds, possibly even less than 30
seconds. In addition, breaking and entering is usually not
necessary when installing a quick plant device.
RDF - Radio Direction Find(ing)(er). The process of finding the
direction from which a radio or InfraRed signal is
emmenating to locate a transmitter of any type, not
necessarily a covert device. Often used in the cellular
and telecommunications industry as a means to locate
illegally operating transmitters. Also a means of tracking
the wherabouts of people by installing a covert transmitter
on the subjects car (or persons) and tracking them from
a distance to see where the target goes.
RF - Radio frequency. In surveillance, the term RF is used alot
and usually comes about when you are having a discussion
about 'bugs', 'body wires' or other transmitting devices
which send out a radio frequency signal to the eavesdroppers
listening post. RF transmitters are far more common than
are lightwave transmitters. One could also use the term RF
when one is having a very technical discussion about
radio waves, path losses, etc..
RFI - Radio Frequency Interference. One should always try to
avoid RFI if possible when placing clandesting RF devices.
A few brief examples are to not place transmitters in
close proximity to flourescent lights (especially ones
with faulty ballasts, which is indicated by a constant
flickering of the flourescent light) as well as not
placing the device to close to a cieling fan. It also is
a good idea not to place a "mains" powered RF transmitter
on the same circuit where kitchen appliances such as
blenders, or refrigerators (especially old ones with
worn out compressors) exist.
SIGINT - Signals Intelligence. The process of intercepting,
collecting and interpreting data signals for intelligence
purposes.
Sweep(er) - A 'sweeper' is another word for a TSCM or CounterMeasures
technician. The term is used in an 'informal' fashion,
such as when engaged in a conversation where the person your
conversing with already is familiar with your line of work.
Spec-An - Spectrum Analyzer. A spectrum analyzer is similar to
an oscilliscope, however the main difference lies in the
fact that a Spec-An receives its input from a radio
frequency signal as opposed to a hardwired electrical
input. In addition, a spectrum analyzer has the capability
to 'demodulate' various standards of audio RF communications
such as WFM, NFM, SSB, CW, Sub-Carrier Signals as well as
television standards such as NTSC, PAL and SECAM.
Spectrum Analyzers are one of the most basic tools of
any countermeasures technician. It usually provides the
highest degree of accuracy for the cheapest price.
Spill - A multi-faceted term sometimes used in the espionage and
intelligence field which refers to the phrase:
"to spill the beans" which roughly means, to give out
confidential information to unauthorized personell either
intentionally or inadvertently, which could jeapordize or
compromise a situation or operation.
Tap - A "tap" usually refers to a covert/clandestine means of
monitoring wireline communications; especially pertaining
to telephones, but is applicable to all forms of wirelines.
A tap can simply consist of a splice onto the targets
line wheras the splice goes to the listening post, or
the eavesdropper can use a monitoring device which
clips directly onto the line via alligator clips,
or uses an inductively coupled pick-up coil. Another
form of tapping is known as "backstrapping" which is
when the eavesdropper connects that targets telephone
wires (or any other wires) and splices them onto the
eavesdroppers own wires at a junction box or any terminal
strip which is readily accessible for modification.
TDR - Time Domain Refectometer. With a TDR device one performs
an operation known as Time Domain Reflectometry. The device
is intended to find 'faults' as well as 'interruptions' on
various types of wirelines. The term 'fault' and
'interruption'can consist of various problems such as
'splices' or 'taps' onto the main wireline, bridging
between 2 lines, as well as amplifiers or splitters or
junction boxes or terminal strips or jacks, etc..
A countermeasures technician uses the TDR to trace wires
when doing an electronic inspection of wires as well as a
physical inspection. Using the device may lead to the
discovery of various clandestine devices which may have
been placed upon the wireline by the eavesdropper.
The TDR works very similar to a RADAR. The unit emits a
medium to high powered signal that gets sent down a
wireline. If any faults or interruptions are present on
the line a small fraction of the signal gets reflected off
of the anomoly and sent back to the TDR. The TDR receives
the reflected signal and also times how long the reflection
took to occur in reference to the transmitted signal.
By using that timing, the TDR can determine exactly how
far the fault or interruption is down the wireline with
a resolution of several millimiters. The resultant
distance and other information then gets sent to a user
interface screen on the TDR. The technician then knows
exactly how far to trace a wire to find the anomoly.
An example of a primitive TDR is a telephone test
instrument known as a "points meter".
Transmitter - In the generic sense, a transmitter is any device which
sends information over a distance. However, in surveillance
the term is somewhat more limited, although not necessarily
so. A transmitter usually intercepts audio (although it
could also intercept video signals as well as data signals
from a computer, fax, etc..) and transmits the modulated
signal over a distance using either a radio frequency wave
(RF) or a light wave such as a LASER or an (Infrared) IR
illuminator.
TSCM - Technical Surveillance Counter Measures. A TSCM technician
is synonymous with a "countermeasures technician" or
a "sweeper". [See bothe aforementioned terms for a more
detailed description.] The term TSCM Technician is used
in the formal sense as opposed to the other terms.
For instance, when asked by a friend what ones job is,
the individual might reply that he is a TSCM technician.
Once you have explained what exactly a TSCM Technician does
(since most people outside the surveillance field simply
do not known) then you may use the informal term, and
simply call yourself a "technician" or "sweeper", or maybe
even "countermeasures technician" although the latter term
is still very formal not to mention you would get tired of
calling yourself that every five minutes as it is a rather
"big" word. The term "TSCM" by itself is synonymous with
"countermeasures" and "sweeping".
TradeCraft - Also reffered to as "Kraft" or "Craft", refers to the
various trade secrets and personal secrets, that one learns
and develops over the many years that one is engaged in
this field. Both Countermeasures technicians and wireman
have their own little secrets that they try to keep from
each other, as they are in a sense rivals. These secrets
are sometimes guarded closely by persons in the field
for whatever reason. To give an example of such a secret
would be pointless since these tradecraft tricks I am
referring to, cover such a wide topic; that even giving
one example would not give you a sufficient idea as to
what I am referring to.
Wired - Generic term meaning that a target has some sort of
clandestine device installed within to intercept either
audio, video, or data signals.
Wireline - Refers to a system of wires. Term is used in conjunction
with hardwired microphones. [See: "Hardwired"]
Wireman - This is a term occasionally used to refer to professional
independant (ie: non-government) freelance eavesdroppers
who specialize in electronic surveillance installations
and monitoring, and operations planning. This term is
somewhat dated by todays standards, but was fairly popular
in the 1960's and 1970's. However, today most professionals
in this field prefer to refer to themselves as
"security consultants" so as to add a degree of legitimacy
to their work. Most persons who do this type of work,
do not usually do it full-time, but rather usually run
a "front company" that does legitimate security work such
as computer, communications or physical security or
investigations.
=============================
Alan Hoffman
sahoffman@dockmaster.ncsc.mil
=============================