Scissors - the ultimate network security tool. The next time upper management asks for recommendations on keeping their data safe, tell them they should be running with scissors.
"Scissors" should be the name of the ultimate Anti-virus software.
"Scissors - Anti-virus software so good you'd think we took scissors to you network connection..."
Faraday suits. IIRC there was an MIT (where else?) study that discovered where wearing only a hat causes it to act as an antenna.
Ah, found a link: https://www.theatlantic.com/health/archive/2012/09/tin-foil-hats-actually-make-it-easier-for-the-government-to-track-your-thoughts/262998/
If they were willing to drill for an ethernet connection, why not drill to install a wifi router's antenna inside your vault? Or just use the existing ethernet to install said device inside your vault?
Somehow, thus reminded me of when I used to work for a mail-order computer reseller.
This was back in the day when just about any component was beige and black was just starting to make it's presence known.
Someone, of course, wanted a black thing. Any black thing was hard to find. I suggested to the salesperson that Krylon (a brand of spray paint) had worked for me (yes, I actually spray-painted a computer to make it black). He asked me for the SKU. At that point I realized he didn't get the joke he'd also not likely ever been in an auto parts store.
Nowadays, does anyone make any beige components? Closest I can get is custom RGB.
Well, my last computer had McAfee installed on the factory image. Whenever I had to regress it, I had to uninstall McAfee first, otherwise it would systematically lock me out of everything, until the only way to do anything was to do another factory reset.
That's all you really need.
Looks like there's a chance - the full name matches, the article author says (elsewhere) he has stepped back from computer security into arty metalworking, and the photographer seems to have Opinions.
>It really is true that the only way to keep a computer safe is to unplug the network cable.
Even that isn't good enough. Stuxnet spread via infected USB drives.
Yeah, *no*.
Even if you assume a perfectly deterministic universe, one in which the state of the cosmos at any given time T is a function of its state at a prior time T-1, if your function is not 1 to 1 then information loss may still be present. If State 1 and State 2 both produce State 3 when put through the function, then knowing that the cosmos is presently in State 3 is not sufficient to deduce its prior state. It can't be done.
Then of course, there's chaos theory. When trying to predict a system with Sensitive Dependence on Initial Conditions, you need a *perfect* measurement. ***ANY*** error, no matter how small, will eventually render the entire model hopelessly inaccurate. This means that in a universe where the Heisenberg Uncertainty Principle may in fact be so fundamental as to override the 2nd law of thermodynamics (what we call "zero-point" energy), accurate weather prediction is provably impossible.
Barring time travel, some things are demonstrably "lost".
For now? Unless you're some kind of reality-warping eldritch horror this ain't changing anytime soon.
The hidden variable hypothesis was tested...and it failed. The Heisenberg Uncertainty Principle is hardwired into the very nature of our universe, and the properties of chaotic systems, including their unpredictability, follow directly from their definitions as mathematical objects. Again, not much you can do to change it.
And that's *without* getting into the rabbithole of whether or not the universe is *actually* deterministic. Spoiler alert, it might not be! True randomness exhibits a number of interesting and useful statistical quirks, and apparently stochastic processes like radioisotope exhibit these same quirks. In other words, they sure as hell *look* random, and the most widely accepted view is that they are in fact random. However, there *do* exist strictly deterministic models of quantum mechanics, and it would mean that such seemingly random things as cosmic rays are actually nothing of the sort.
Yes, for now. You sound like you're smart and know more about this than me. I'm just not discounting the possibility that someone somewhere sometime in the future is even smarter and disagrees with you.
>Unless you're some kind of reality-warping eldritch horror
Y͘͟҉̤͕̯͔e̢̜̩̠̩á̻̞͞h͉̱̙͜.̺̘.̸̴̳͔̺̗͍.̡̲ ̖̯̻͉͕̻̦͓̜á̯̺͘͠b͙͇̗͚̥̳̼̲͞o̟̱͘͟͢ù̢̨͚̰͔̗t̸͈̭̰̞̤̼͇̯ͅ ҉͔̱̙̟̩̲ͅt͚̬̼̯͈̩̱̺h̶̵̝a͉͍͓͜͞t̼̫̕.̶̖̟̘̺͓̳͓͘.̶̨̱͍̣̗̺͍͈
̛̳͓̟͍͓̯̫̤ͅ
Many years ago i watched a TV programme in which it was suggested that with sufficiently sensitive equipment, it might be possible to "lift" sounds from a painting, thereby gaining insight into what had happened during the creation of the painting.
With each new advance in electronics and in processing power of computers, it seems to me that some day - perhaps not too distant? - we will inevitably reach the point where this becomes possible.
What should we name such a device, once it's brought into existence? Chronophone perhaps?
Remember the scene in the original 1979 Blade Runner when Deckard uses the Esper machine to 'go inside' a color polaroid photograph of a room, and see around the room in 3D, and even look around corners? It was mindblowing at the time, and we all scoffed at it as just sci-fi nonsense.
Turns out that last year researchers developed a technique of looking inside a 2D image and developing a 3D model of the scene captured in the image, allowing them to see behind objects and around corners.
AI making wild guesses about what might be behind a corner is no better than a person.
The point of that tech was cheaper production of special effects, not some kind of absurd telepathic sensing.
In the Blade Runner scene, Decker is zooming in on reflections that reflect a different part of the room. I think he ends up zooming in on a reflection within a reflection, at something like 1000x zoom, but it's an example of the insane "enhance" trope, not generating info that's not in the view of the camera.
I don't understand how this lamphone thing works. So they are reading vibrations off a lightbulb and then somehow figuring out what was being said/played in the room at an earlier time? I can't wrap my head around any of it.
Not at an earlier time. They're basically using the light bulb as a microphone.
Sounds vibrations cause the frequency off the light coming out of the light bulb to change. They then use a telescope hooked up to some optical sensors and a computer to translate the changes in light frequency back into the sounds waves that caused them.
It basically makes it so that instead of planting a hidden microphone to spy on someone, you just need to point a telescope at a light bulb in the same room as then.
Yes this makes so much more sense! Thanks!
But there's a part in that abstract that I thought talked about time...is the idea here that one day we hope to read these vibrations from the past?
I was first introduced to the theory in an Asimov story. The idea as I understand it is that with sensitive enough equipment, plus the ability to somehow read information that has been traveling away from us at the speed of light since it was created, we could "read" the past instantaneously by going far enough out from the planet and looking at the various radiation being emitted. In the story the technology is suppressed for as long as possible, as once created it destroys the concept of personal privacy. If you can read the information emitted ten thousand years ago anywhere on the planet, so can you the in formation emitted effectively in real time.
Unfortunately, the speed of light can be thought of as *definitionally* the speed of information propagation.
There is no “present time” except local time.
If, at point B, you were far enough away to read into the past of point A, you still wouldn’t be to perform an action that affected the “present” of point A: any action you performed would occur at the time on point A
that is proportionally in the future of point A, based on its distance.
Even stuff like quantum entanglement never exceeds this informational limit. It can only *retroactively appear to have been identical,* even if you ignore that the particles also need to be separated across space (at best at the speed of light) in the first place in order to be useful.
There are *many* variations on it. There’s a C S Lewis story where a scientist discovers a substance in your brain related to memory and realises that you don’t *remember* but rather look vaguely into the past.
Then he purifies it and makes a machine out of it for viewing the past, and then realises that the past could be a second ago.
And also he needs lots of braaaaaains to chop up to make his substance out of.
Look up:
> Now I claim to have isolated what I call the Z substance in the human brain. On the purely physiological side my results have been published.
It's from: The Scientifiction Novels of C.S. Lewis: Space and Time in the Ransom Stories
The abstract talks about doing the acquisition and processing in real-time, essentially meaning that the acquisition and processing happens while the conversation is happening, rather than recording data and having to process it until next week to get the actual speech data back. I didn't see anything that indicated it would be possible to recover past conversations.
They mention that its good enough that when playing music, Shazam can identify the song, and when people are talking, google text to speech is able to identify the words.
sorry, I meant how loud is the sound as it's being emitted. like how many decibels are pushing through the air to move the lightbulb in a way that's detectable? 'cause if it's 110+ then that's "understandable", if it's like 60-70 then that's impressive as fuck (and I don't mean to diminish the accomplishment either way, it's impressive, but I do think the distinction is important).
Well we can use lasers to help recording of speech from the vibrations of windows. [Laser microphone](https://en.m.wikipedia.org/wiki/Laser_microphone)
I think there was an entire research department dedicated to seeing if you could figure out what a processor was doing based on fluctuations in power consumption or frequencies emitted from inside a pc. CIA or FBI, can’t recall which. Back then they couldn’t do it, I think an Israeli lab got it to work in the last few years.
Edit: and then there is row hammer.
The only truly secure computer is inside a locked vault with no external connections at all, including power. And guarded my an armed guard and a dog, whose job is to bite the guard if he tries to open the door.
I wrote a program that was called PC Beacon. What it did was you could remote into the PC and have it do things like a blinking screen or use the PC speaker to make noise. This way if you didn't know where the PC is, you could play Marko Polo and easily find it.
> Crazy that the most secure systems are still vulnerable.
Physically secure, sure... sounds like that computer hadn't been patched in ages though.
But yes, no network, no external connectivity whatsoever, located in a SCIF, and highly vetted personnel using it is the only way... and even that's no guarantee in preventing certain types of attacks (see: Snowden).
Still able to be attacked, if you can get physical access.
Even ignoring the possibility of an attacker bringing their own interface devices and forcing the machine to boot into an environment they control, they could always just yank the drive(s).
Physical access to a machine is game over for cybersecurity.
This is why I dont get the hyped up news articles about the next usb exploit a few months back (dont recall what it was called)
Rubber duckies and other usb attacks have been a thing for many years and its inherently not patchable.
If the computer can be touched or something physically inserted its game over, only exception being stuff where physical access usually doesnt include any actual usb ports or the like (ATM's for instance)
> If the computer can be touched or something physically inserted its game over, only exception being stuff where physical access usually doesnt include any actual usb ports or the like (ATM's for instance)
I dunno anything about ATM construction, but unless whatever internal drive it has is soldered or it uses a SOC or something, it could theoretically still be attacked. Hell, possibly even then - I wouldn't be surprised if there were malicious devices that you could splice onto cabling. Course, you'd have to get into the damn thing and they probably make that *very difficult* - at least without obvious signs of tampering. Never mind the fact you'd be on camera the whole time, since they're *very firmly* mounted.
External I/O doesn't matter if you can get into the hardware itself.
>"Didn’t they know that the only unhackable computer is one that’s running a secure operating system, welded inside a steel safe, buried under a ton of concrete at the bottom of a coal mine guarded by the SAS and a couple of armoured divisions, and _switched off_?"
I meant no battery as a general turn of phrase for no juice. I think Voyager still has some life in it for the moment, but is definitely in the later half of its lifespan.
Thanks for following up on that.
Your response about returned just sparked an idea: How much (if at all) is Voyager able to be managed remotely? If that door is already completely shut, then we could consider it to be impervious to future tampering right now.
If you have the physical switchport it was connected to it should have been easy to find the PC. Just follow the cable... /s
Any time I visit one of the locations I'm responsible for I bring a notepad, and make drawings of any area I visit, and mark down every effing RJ45 port I see, and what they're marked with.
This is later compared to the patch panel in the comms room (So I know if there are still 'missing' points) and refined onto a halfway decent floorplan. Every point is also written into a spreadsheet, so I know that 3.1.15 isn't only 'floor 3, point 15 on the first panel', but also that it's Room T323.
It's a massive job, though, but doing it bit by bit, I'm not overwhelmed completely.
If there are 'leftover' points in the comms room, the numbering may give clues as to where they are. (Most cable monkeys start numbering at one wall, and work in a straight line. So a 'missing' line is probably close to one with a nearby number. Unless it was added later)
In the future, if I get a message about a virus spewer or 'illegal' PC on the network, and get the switchport, it should be just a moment's work to follow the patch cable to the panel, then glance at a poster above it to find where the offender is hiding. I hope...
I worked in a library after high school. It was a very pleasant... until one went into the extension, which was in the basement. The lighting was almost nonexistent, and they had picked a dark brown color for the walls (at least, I assume so, it was hard to see them). Being down there left one feeling quite alone and afraid. There was only one way down, via a special elevator, and no one went down there unless they had a job to do there.
And the books they kept down there. I shudder to remember them. I guess there's a reason for places like that, none of those books would be appropriate to leave in view of the public (I exaggerate a bit, but they did keep the controversial stuff down there, like an illustrated guide to historic martyrs).
I don't know. I spent as little time down there as possible, so I didn't see everything. There was no echo at all in that place, and it always felt like someone was standing right behind you.
Way back around 2000, I was in a meeting with the executive team of one of our current clients. They had an ecommerce system we designed and maintained. The president of the company demanded that we provide a system that was 100% secure. It took quite awhile to make him understand that wasn't possible.
This was only a few months after I was in a similar meeting with the same customer and our sales guy made the statement that their new server would provide them with 'infinite capacity'.
I wonder if a LiveCD based computer with no local storage would be suitably secure? Nothing would write to the CD, and as soon as the computer was rebooted, the ram would be cleared. You could access the web and not worry about any downloads since they would go away on reboot.
There is no such thing as an unhackable computer, or an unpickable lock, or an unbreachable security measure of any kind, there is only not worth the time and effort.
This was over 15 years ago and at the time our network was a hodge-podge of various depts trying to make it work. Luckily it’s all been upgraded and redone so it works much better now.
Crazy story. Even crazier that you had to do a room by room search. Were you not using managed switches? You should have been able to narrow it down to a switchport on a specific switch even if someone plugged in something unmanaged at an end device.
This was over 15 years ago in a highly non-centralized university (at the time, MUCH better now). Finding the port on the switch might have been possible but there was probably no record of where the physical jack was. This building still had 10-base half-duplex copper networking in the walls, most likely installed by Alexander Graham Bell himself.
Got a lot of stuff in my place that is not documented either. It can be an absolute nightmare. The environment you just described literally made me cringe.
We came in to our office a few months ago, and couldn't access our primary POS software. It turned out that it had been encrypted by some ransomware. We went searching, and found that the infected computer was the owner's. The owner who rarely comes into the office, and hadn't been in for weeks.
We have no idea how that PC was the one that got infected.
(fortunately, we only had to reimage that machine, and restore the backup on our server)
Why would a library have a literal vault? Also, if they hadn’t opened it in forever, so nobody should have touched it in ever, how did a virus get onto the computer? I am confuse
Scissors - the ultimate network security tool. The next time upper management asks for recommendations on keeping their data safe, tell them they should be running with scissors.
"Scissors" should be the name of the ultimate Anti-virus software. "Scissors - Anti-virus software so good you'd think we took scissors to you network connection..."
What do we do about wifi though? Tin foil hats?
Faraday cages
Ooo, Faraday hats!
Faraday suits. IIRC there was an MIT (where else?) study that discovered where wearing only a hat causes it to act as an antenna. Ah, found a link: https://www.theatlantic.com/health/archive/2012/09/tin-foil-hats-actually-make-it-easier-for-the-government-to-track-your-thoughts/262998/
Absolutely hilarious
If your PC has physical antennae, remove those
Probably keeping the computer inside a metal vault does a number on the wifi signal.
If they were willing to drill for an ethernet connection, why not drill to install a wifi router's antenna inside your vault? Or just use the existing ethernet to install said device inside your vault?
Computer viruses are not spread by air so it's actually safer with wifi.
Just put a mask over the antenna
According to the CDC you would want double or triple masks.
BUT WHAT IF IT'S TRANSMITTING FIVE GEE?!?!?!?!?
We have to move to N95 masks only in that case. It's the only way to be safe.
THEY STILL HAVE THE FIVE GEEZEZ
Just don't get vaccinated... If they can't get the chip implanted, the 5G can't be used to infect you with the virus.
Nuke it from space?
Next time you're buying new desktops, intentionally choose ones without wifi as part of the mainboard, and remove the Wifi card if it came with one.
Take the scissors to the router cable
Thermite on the PCI-E slots. The slag leftovers will also force every pin to be normally-closed
Is WiFi NOT a network connection? Would you have preferred "network adapter?"
Somehow, thus reminded me of when I used to work for a mail-order computer reseller. This was back in the day when just about any component was beige and black was just starting to make it's presence known. Someone, of course, wanted a black thing. Any black thing was hard to find. I suggested to the salesperson that Krylon (a brand of spray paint) had worked for me (yes, I actually spray-painted a computer to make it black). He asked me for the SKU. At that point I realized he didn't get the joke he'd also not likely ever been in an auto parts store. Nowadays, does anyone make any beige components? Closest I can get is custom RGB.
Noctua's ugly ass fans come to mind.
Ok I'm about to write an antivirus that just deletes your network drivers.
Well, my last computer had McAfee installed on the factory image. Whenever I had to regress it, I had to uninstall McAfee first, otherwise it would systematically lock me out of everything, until the only way to do anything was to do another factory reset. That's all you really need.
That'd be a norton uninstall that trashes the network stack. Norton - nothing works without our software!
Step 1. Get scissors Step 2. Cut network cable Step 3. ??? Step 4. Profit
[The Ultimate Firewall!](http://www.ranum.com/security/computer_security/papers/a1-firewall/)
Jeff Richards' Laws of Data Security (from sometime around 1990): 1) Don't buy a computer. 2) If you do buy a computer, don't turn it on.
Wait a second... is this the same Ranum as the MJ who does photography on deviantArt?
Looks like there's a chance - the full name matches, the article author says (elsewhere) he has stepped back from computer security into arty metalworking, and the photographer seems to have Opinions.
Sorry, no clue.
> they should be running with scissors I distinctly remember that being advised against by almost everyone.
Or chewing gum up the network jack on the PC.
Emergency firewall.
>It really is true that the only way to keep a computer safe is to unplug the network cable. Even that isn't good enough. Stuxnet spread via infected USB drives.
Let me introduce lamphone https://www.nassiben.com/lamphone
This truly makes me wonder if any of the Earth's history is truly lost. Someday maybe even the sound of dinosaur footsteps can be retrieved.
That’s scientific poetry.
Yeah, *no*. Even if you assume a perfectly deterministic universe, one in which the state of the cosmos at any given time T is a function of its state at a prior time T-1, if your function is not 1 to 1 then information loss may still be present. If State 1 and State 2 both produce State 3 when put through the function, then knowing that the cosmos is presently in State 3 is not sufficient to deduce its prior state. It can't be done. Then of course, there's chaos theory. When trying to predict a system with Sensitive Dependence on Initial Conditions, you need a *perfect* measurement. ***ANY*** error, no matter how small, will eventually render the entire model hopelessly inaccurate. This means that in a universe where the Heisenberg Uncertainty Principle may in fact be so fundamental as to override the 2nd law of thermodynamics (what we call "zero-point" energy), accurate weather prediction is provably impossible. Barring time travel, some things are demonstrably "lost".
I will accept this answer, for now
For now? Unless you're some kind of reality-warping eldritch horror this ain't changing anytime soon. The hidden variable hypothesis was tested...and it failed. The Heisenberg Uncertainty Principle is hardwired into the very nature of our universe, and the properties of chaotic systems, including their unpredictability, follow directly from their definitions as mathematical objects. Again, not much you can do to change it. And that's *without* getting into the rabbithole of whether or not the universe is *actually* deterministic. Spoiler alert, it might not be! True randomness exhibits a number of interesting and useful statistical quirks, and apparently stochastic processes like radioisotope exhibit these same quirks. In other words, they sure as hell *look* random, and the most widely accepted view is that they are in fact random. However, there *do* exist strictly deterministic models of quantum mechanics, and it would mean that such seemingly random things as cosmic rays are actually nothing of the sort.
Yes, for now. You sound like you're smart and know more about this than me. I'm just not discounting the possibility that someone somewhere sometime in the future is even smarter and disagrees with you. >Unless you're some kind of reality-warping eldritch horror Y͘͟҉̤͕̯͔e̢̜̩̠̩á̻̞͞h͉̱̙͜.̺̘.̸̴̳͔̺̗͍.̡̲ ̖̯̻͉͕̻̦͓̜á̯̺͘͠b͙͇̗͚̥̳̼̲͞o̟̱͘͟͢ù̢̨͚̰͔̗t̸͈̭̰̞̤̼͇̯ͅ ҉͔̱̙̟̩̲ͅt͚̬̼̯͈̩̱̺h̶̵̝a͉͍͓͜͞t̼̫̕.̶̖̟̘̺͓̳͓͘.̶̨̱͍̣̗̺͍͈ ̛̳͓̟͍͓̯̫̤ͅ
Many years ago i watched a TV programme in which it was suggested that with sufficiently sensitive equipment, it might be possible to "lift" sounds from a painting, thereby gaining insight into what had happened during the creation of the painting. With each new advance in electronics and in processing power of computers, it seems to me that some day - perhaps not too distant? - we will inevitably reach the point where this becomes possible. What should we name such a device, once it's brought into existence? Chronophone perhaps?
There was an episode of Mythbusters where they tried getting sound off a painting and also off a ceramic pot without any success.
Remember the scene in the original 1979 Blade Runner when Deckard uses the Esper machine to 'go inside' a color polaroid photograph of a room, and see around the room in 3D, and even look around corners? It was mindblowing at the time, and we all scoffed at it as just sci-fi nonsense. Turns out that last year researchers developed a technique of looking inside a 2D image and developing a 3D model of the scene captured in the image, allowing them to see behind objects and around corners.
AI making wild guesses about what might be behind a corner is no better than a person. The point of that tech was cheaper production of special effects, not some kind of absurd telepathic sensing.
In the Blade Runner scene, Decker is zooming in on reflections that reflect a different part of the room. I think he ends up zooming in on a reflection within a reflection, at something like 1000x zoom, but it's an example of the insane "enhance" trope, not generating info that's not in the view of the camera.
I don't understand how this lamphone thing works. So they are reading vibrations off a lightbulb and then somehow figuring out what was being said/played in the room at an earlier time? I can't wrap my head around any of it.
Not at an earlier time. They're basically using the light bulb as a microphone. Sounds vibrations cause the frequency off the light coming out of the light bulb to change. They then use a telescope hooked up to some optical sensors and a computer to translate the changes in light frequency back into the sounds waves that caused them. It basically makes it so that instead of planting a hidden microphone to spy on someone, you just need to point a telescope at a light bulb in the same room as then.
Yes this makes so much more sense! Thanks! But there's a part in that abstract that I thought talked about time...is the idea here that one day we hope to read these vibrations from the past?
I was first introduced to the theory in an Asimov story. The idea as I understand it is that with sensitive enough equipment, plus the ability to somehow read information that has been traveling away from us at the speed of light since it was created, we could "read" the past instantaneously by going far enough out from the planet and looking at the various radiation being emitted. In the story the technology is suppressed for as long as possible, as once created it destroys the concept of personal privacy. If you can read the information emitted ten thousand years ago anywhere on the planet, so can you the in formation emitted effectively in real time.
The Dead Past, by Asimov. https://en.wikipedia.org/wiki/The_Dead_Past?wprov=sfla1
Unfortunately, the speed of light can be thought of as *definitionally* the speed of information propagation. There is no “present time” except local time. If, at point B, you were far enough away to read into the past of point A, you still wouldn’t be to perform an action that affected the “present” of point A: any action you performed would occur at the time on point A that is proportionally in the future of point A, based on its distance. Even stuff like quantum entanglement never exceeds this informational limit. It can only *retroactively appear to have been identical,* even if you ignore that the particles also need to be separated across space (at best at the speed of light) in the first place in order to be useful.
They use that idea in Battlefield Earth as well, teleporting a recording device to the appropriate distance. Now all we need is teleportation...
There are *many* variations on it. There’s a C S Lewis story where a scientist discovers a substance in your brain related to memory and realises that you don’t *remember* but rather look vaguely into the past. Then he purifies it and makes a machine out of it for viewing the past, and then realises that the past could be a second ago. And also he needs lots of braaaaaains to chop up to make his substance out of.
Do you know what it's called? I can't find it in a quick bibliography search.
Look up: > Now I claim to have isolated what I call the Z substance in the human brain. On the purely physiological side my results have been published. It's from: The Scientifiction Novels of C.S. Lewis: Space and Time in the Ransom Stories
Interesting!
The abstract talks about doing the acquisition and processing in real-time, essentially meaning that the acquisition and processing happens while the conversation is happening, rather than recording data and having to process it until next week to get the actual speech data back. I didn't see anything that indicated it would be possible to recover past conversations.
Nothing in there talks about time, I'm not sure what you saw.
Probably just stoned and dreamed it. lol
i didn't read the publication but do they talk about how loud the original audio is?
They mention that its good enough that when playing music, Shazam can identify the song, and when people are talking, google text to speech is able to identify the words.
sorry, I meant how loud is the sound as it's being emitted. like how many decibels are pushing through the air to move the lightbulb in a way that's detectable? 'cause if it's 110+ then that's "understandable", if it's like 60-70 then that's impressive as fuck (and I don't mean to diminish the accomplishment either way, it's impressive, but I do think the distinction is important).
[удалено]
Dang, then that's super impressive
It's like the second episode of *Picard*.
Oh yes, that explains it. The ol' second episode of Picard.
That is very impressive; the three sounds bites at the end are quite intelligible indeed.
Wow, I hate this. I mean it's impressive as fuck but I hate it.
A clear case of just because we can, doesn’t mean we should.
Well we can use lasers to help recording of speech from the vibrations of windows. [Laser microphone](https://en.m.wikipedia.org/wiki/Laser_microphone)
Unshielded video cables can let enough is a singal.thriugh that people can watch your screen remotely.
I think there was an entire research department dedicated to seeing if you could figure out what a processor was doing based on fluctuations in power consumption or frequencies emitted from inside a pc. CIA or FBI, can’t recall which. Back then they couldn’t do it, I think an Israeli lab got it to work in the last few years. Edit: and then there is row hammer.
The only truly secure computer is inside a locked vault with no external connections at all, including power. And guarded my an armed guard and a dog, whose job is to bite the guard if he tries to open the door.
Until the guard brings in a steak to keep the dog busy while he opens the door.
That is where the second guard comes in.
And the second dog in case the second guard gets any ideas.
Don’t forget the second steak for the second guard to distract the second dog
True, the only truly secure computer is the one that is switched off.
Next you're gonna tell me Nicholas Cage has to get into that computer to find a national treasure...
Alas there was the new library on the computer and no backups... XD
The computer IS the national treasure...
I wrote a program that was called PC Beacon. What it did was you could remote into the PC and have it do things like a blinking screen or use the PC speaker to make noise. This way if you didn't know where the PC is, you could play Marko Polo and easily find it.
Imagine the scare when you send out the Marko command to an infected station, and your own computers yells Polo at you.
That would be funny. Here is the post where I released pc becon. https://www.autoitscript.com/forum/topic/77180-pc-beacon/
> Crazy that the most secure systems are still vulnerable. Physically secure, sure... sounds like that computer hadn't been patched in ages though. But yes, no network, no external connectivity whatsoever, located in a SCIF, and highly vetted personnel using it is the only way... and even that's no guarantee in preventing certain types of attacks (see: Snowden).
Don't forget to remove the mouse/keyboard, floppy/cd/dvd drive and disable bluetooth and the usb ports.
Still able to be attacked, if you can get physical access. Even ignoring the possibility of an attacker bringing their own interface devices and forcing the machine to boot into an environment they control, they could always just yank the drive(s). Physical access to a machine is game over for cybersecurity.
This is why I dont get the hyped up news articles about the next usb exploit a few months back (dont recall what it was called) Rubber duckies and other usb attacks have been a thing for many years and its inherently not patchable. If the computer can be touched or something physically inserted its game over, only exception being stuff where physical access usually doesnt include any actual usb ports or the like (ATM's for instance)
> If the computer can be touched or something physically inserted its game over, only exception being stuff where physical access usually doesnt include any actual usb ports or the like (ATM's for instance) I dunno anything about ATM construction, but unless whatever internal drive it has is soldered or it uses a SOC or something, it could theoretically still be attacked. Hell, possibly even then - I wouldn't be surprised if there were malicious devices that you could splice onto cabling. Course, you'd have to get into the damn thing and they probably make that *very difficult* - at least without obvious signs of tampering. Never mind the fact you'd be on camera the whole time, since they're *very firmly* mounted. External I/O doesn't matter if you can get into the hardware itself.
True, that.
>"Didn’t they know that the only unhackable computer is one that’s running a secure operating system, welded inside a steel safe, buried under a ton of concrete at the bottom of a coal mine guarded by the SAS and a couple of armoured divisions, and _switched off_?"
I think that a computer on a distant space probe with no battery would be a strong contender.
I was going to mention software updates to Voyager until you got to No Battery.
I mean... technically, the Voyager probes don't actually have a battery, I don't think. Unless you consider an RTG a battery.
I meant no battery as a general turn of phrase for no juice. I think Voyager still has some life in it for the moment, but is definitely in the later half of its lifespan.
Science data should be returned until 2025. Engineering data (space craft health, telemetry, etc) should be returned until 2035 or so.
Thanks for following up on that. Your response about returned just sparked an idea: How much (if at all) is Voyager able to be managed remotely? If that door is already completely shut, then we could consider it to be impervious to future tampering right now.
So... Voyager?
If you have the physical switchport it was connected to it should have been easy to find the PC. Just follow the cable... /s Any time I visit one of the locations I'm responsible for I bring a notepad, and make drawings of any area I visit, and mark down every effing RJ45 port I see, and what they're marked with. This is later compared to the patch panel in the comms room (So I know if there are still 'missing' points) and refined onto a halfway decent floorplan. Every point is also written into a spreadsheet, so I know that 3.1.15 isn't only 'floor 3, point 15 on the first panel', but also that it's Room T323. It's a massive job, though, but doing it bit by bit, I'm not overwhelmed completely. If there are 'leftover' points in the comms room, the numbering may give clues as to where they are. (Most cable monkeys start numbering at one wall, and work in a straight line. So a 'missing' line is probably close to one with a nearby number. Unless it was added later) In the future, if I get a message about a virus spewer or 'illegal' PC on the network, and get the switchport, it should be just a moment's work to follow the patch cable to the panel, then glance at a poster above it to find where the offender is hiding. I hope...
> It really is true that the only way to keep a computer safe is to unplug the network cable. You spelled "power source" wrong.
what if the device is POE?
You're still disconnecting the power source then, aren't you?
Touché
I worked in a library after high school. It was a very pleasant... until one went into the extension, which was in the basement. The lighting was almost nonexistent, and they had picked a dark brown color for the walls (at least, I assume so, it was hard to see them). Being down there left one feeling quite alone and afraid. There was only one way down, via a special elevator, and no one went down there unless they had a job to do there. And the books they kept down there. I shudder to remember them. I guess there's a reason for places like that, none of those books would be appropriate to leave in view of the public (I exaggerate a bit, but they did keep the controversial stuff down there, like an illustrated guide to historic martyrs).
Did you have a copy of the book with the human skin leather cover?
I don't know. I spent as little time down there as possible, so I didn't see everything. There was no echo at all in that place, and it always felt like someone was standing right behind you.
Way back around 2000, I was in a meeting with the executive team of one of our current clients. They had an ecommerce system we designed and maintained. The president of the company demanded that we provide a system that was 100% secure. It took quite awhile to make him understand that wasn't possible. This was only a few months after I was in a similar meeting with the same customer and our sales guy made the statement that their new server would provide them with 'infinite capacity'.
I wonder if a LiveCD based computer with no local storage would be suitably secure? Nothing would write to the CD, and as soon as the computer was rebooted, the ram would be cleared. You could access the web and not worry about any downloads since they would go away on reboot.
There is no such thing as an unhackable computer, or an unpickable lock, or an unbreachable security measure of any kind, there is only not worth the time and effort.
Wait... how does your network department NOT have a drop-map?
This was over 15 years ago and at the time our network was a hodge-podge of various depts trying to make it work. Luckily it’s all been upgraded and redone so it works much better now.
Crazy story. Even crazier that you had to do a room by room search. Were you not using managed switches? You should have been able to narrow it down to a switchport on a specific switch even if someone plugged in something unmanaged at an end device.
This was over 15 years ago in a highly non-centralized university (at the time, MUCH better now). Finding the port on the switch might have been possible but there was probably no record of where the physical jack was. This building still had 10-base half-duplex copper networking in the walls, most likely installed by Alexander Graham Bell himself.
> installed by Alexander Graham Bell himself LOL, that made me laugh
Got a lot of stuff in my place that is not documented either. It can be an absolute nightmare. The environment you just described literally made me cringe.
Was this at a large University in Pittsburgh? Because I was told this story over 20 years ago at a large University in Pittsburgh.
Large university in SC, not PA. Sorry.
It’s all a lost cause - look at the work of Mordechai Guri - even air gapped computers are not safe.
My security professor in college once said the only perfectly secure system is one that's never powered on.
The only way to truly secure ANY computer, is to wipe the hard drive, disconnect it completely and put it back in the box.
We came in to our office a few months ago, and couldn't access our primary POS software. It turned out that it had been encrypted by some ransomware. We went searching, and found that the infected computer was the owner's. The owner who rarely comes into the office, and hadn't been in for weeks. We have no idea how that PC was the one that got infected. (fortunately, we only had to reimage that machine, and restore the backup on our server)
This makes me think of the Stuxnet virus. They managed to get that over an air gap onto the Iranian computers that were running their centrifuges.
I'll bet it was some kind of Pentium II-based machine that ran who-knows-what back in its day....
It's all about the Pentiums, baby.
Why would a library have a literal vault? Also, if they hadn’t opened it in forever, so nobody should have touched it in ever, how did a virus get onto the computer? I am confuse
1) to store things securely. 2) over the network. A very common malware infection vector now.