From: WTShaw on 14 Jul 2010 04:11 On Jul 13, 2:34 am, gordonb.k6...(a)burditt.org (Gordon Burditt) wrote: > >This topic is outside of my remit and indeed my knowledge in the > >context of mutual database cryptography - however, I have in mind a > >free standing computer at Bob's end i.e. not connected to the internet > >- the ciphertext is transmitted via a properly connected computer and > >then relayed internally by Bob to this freestanding computer where it > >is decrypted - a cyber attack on the freestanding computer is > >impossible ? - adacrypt > > Viruses being transmitted by "sneakernet" (hand-carried media such > as floppy disks) were pretty well known in the old days of MS-DOS. > Nowadays, USB memory sticks can also transmit viruses. > > If you really want a ("freestanding") system secure, maintain a > good air gap (say, 10 feet) between the system and any outside > connections > - Ethernet, phone, or wireless connections > - Any radio or infrared communication links such as Wi-Fi, > Bluetooth, wireless keyboards, cell phones, etc. > - Commercial power. Use batteries and solar cells or > muscle power of the guy operating it. > - Any media that's been touched by an outside computer > (includes floppies, USB memory sticks, CD/DVD disks, > recordable or not, tape, paper tape, punch cards, etc.. > I guess this means you pretty much have to build these > yourself or do without, although you could perhaps risk > bulk-erasing floppies, then formatting them and using > them on the secure system.) > - Preferably you put the whole thing inside a Faraday cage > to limit electromagnetic radition from sending info in or out. > > I am not sure whether it is safe to use a digital camera inside > your locked room to take a picture of the screen of the internet-connected > computer 10 feet away, then have the inside computer OCR it. I > doubt it. Quickly, advantages of hand written courier delivered dispatches seem to have returned, if you can trust the courier. Older computers can still have use if maintained as their RF profiles are easier to shield, and as obsolete as above, hand entered data seems to fly well in these obscure scenarios...Remember Rosie?
From: Mok-Kong Shen on 15 Jul 2010 13:20 Mok-Kong Shen wrote: [snip] > BTW, a recent article on cyber warfare could serve also for looking at > the matter from a different standpoint: > > http://www.economist.com/node/16478792 Schneier has in his CRYPTO-GRAM, July 15, an article entitled "The Threat of Cyberwar Has Been Grossly Exaggerated". Of course, there are naturally different opinions on the same issue. For common owners of PC anyway I think that it does well to be 'constantly' conscious of the insecurity of his computer. M. K. Shen
From: Mok-Kong Shen on 17 Jul 2010 03:52 Another article about cyber warfare is: http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html I personally find the project name 'Perfect Citizen' quite interesting. Yes, we citizens all over the world will soon be entirely 'perfect'! M. K. Shen --------------------------------------------------------------- For unto every one that hath shall be given, and he shall have abundance: but from him that hath not shall be taken away even that which he hath. St. Matthew 25/29
From: Mok-Kong Shen on 17 Jul 2010 04:45 Yet another URL: http://www.computerworld.com/s/article/9179215/Some_experts_question_efforts_to_identify_cyberattackers?taxonomyId=17&pageNumber=2 BTW, what is the current status of countering the botnet? Has that serious problem been satisfactorily solved? M. K. Shen
From: Mok-Kong Shen on 19 Jul 2010 15:46
Yet another article concerning cyber warfare and cyber peace: http://www.washingtonpost.com/wp-dyn/content/article/2010/07/16/AR2010071605882.html?sub=AR I wonder how could the officials involved be ignorant of the trivial fact that malware could be done by single hackers requiring no government-'control-able' resources besides paper and pencils. M. K. Shen |