Secure Computing?

Discussion in 'Computing and Networks' started by BR-549, Feb 11, 2018.

  1. BR-549

    Thread Starter Distinguished Member

    Sep 22, 2013
    3,391
    838
  2. eetech00

    Active Member

    Jun 8, 2013
    920
    178
    Good docs.

    But It depends...

    eT..
     
  3. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,099
    4,307
  4. WBahn

    Moderator

    Mar 31, 2012
    21,555
    6,220
    Depends on what you define as "secured" and how much you are willing to spend to achieve it.

    But at the end of the day a computer has to be interacted with in order to be useful.

    So you might put your computer in a mile-deep hole on the far side of the moon with twenty layers of guards and twelve-factor authentication, MRI and CAT scans, plus full-body cavity searches both on the way in and the way out in order to gain access, and you still have the potential for someone with access to simply remember enough highly-sensitive information in order to sell/disclose it and cause a compromise.
     
  5. BR-549

    Thread Starter Distinguished Member

    Sep 22, 2013
    3,391
    838
    Would they admit it if they couldn't?
     
  6. WBahn

    Moderator

    Mar 31, 2012
    21,555
    6,220
    Would they admit what if they couldn't what?
     
  7. atferrari

    AAC Fanatic!

    Jan 6, 2004
    2,905
    1,022
    Definitely interested in the answer.
     
  8. BR-549

    Thread Starter Distinguished Member

    Sep 22, 2013
    3,391
    838
    Would they admit that they could not secure a machine? If my system had an unshieldable flaw/weakness that no one had noticed...I wouldn't want to admit it.
     
  9. nsaspook

    AAC Fanatic!

    Aug 27, 2009
    4,099
    4,307
    The low frequency magnetic fields can be easily stopped with magnetic shielding that's required in the TEMPEST spec. You use very high permeability metals ( MuMETAL) to shunt magnetic field in the ranges that a Faraday cage is ineffective.
    http://www.magnetic-shield.com/faqs-all-about-shielding.html

    Almost every catastrophic security breach has been caused by a AN/Human MK-1. Hardware security is only part of a total solution.
     
  10. WBahn

    Moderator

    Mar 31, 2012
    21,555
    6,220
    That's a completely different question from what you asked originally. And now we need to know whose "they" is.

    All kinds of weaknesses and flaws have been disclosed by all kinds of "theys".
     
  11. BR-549

    Thread Starter Distinguished Member

    Sep 22, 2013
    3,391
    838
    My questioned asked if a computer could be secured. "They" would be the people responsible for securing it. Not being of a network background or involvement...I have only heard of discovering fault by successful attacks or breaches.

    I would assume that contracted analytic security results would be kept private.....even tho corrected. That does not infer that it would not be libraried for others.

    Written secure files had breaches of course...but I don't think it compares to the electronic level of breach.
     
  12. BR-549

    Thread Starter Distinguished Member

    Sep 22, 2013
    3,391
    838
    It just occurred to me that some of these attacks probably have given programmers new algorithms for other problems....no?

    I especially liked the idea of using the accelerometer for keystrokes.
     
  13. WBahn

    Moderator

    Mar 31, 2012
    21,555
    6,220
    To some degree this is true by definition. But the attacks are often discovered by non-malicious actors, frequently the people that designed the system in the first place. Often the existence of attack strategies are known long before anyone, on either side, figures out a way to implement a practical attack using that strategy.

    While security analyses could be kept private, they often (usually?) aren't. Most things WILL get out, if only because a third party discovers/reinvents the attack and publishes it. Then the original company gets caught with egg on their face when, invariably, it becomes known that they knew about the risk and did not inform their customers in a reasonable amount of time.
     
Loading...