The New Code War

[Realitycheck]

The latest round of cyber invasions is really starting to shape up like a real life cyberpunk novel. If the original design of the internet was flawed, is this one of the reasons why protected systems can still be thwarted and manipulated? If the majority of the world used Unix-based systems, would we be much better off security-wise, or would the level of malware be just as equally advanced? I'm starting to see how perhaps some of these big corporation's hacked computers are not necessarily backroom computers running Windows 98 or the like. What will happen to make things more secure, when a full deck of security software and a router just isn't enough?

[Realitycheck]

Please delete duplicate thread.

[Hal.]

What will happen to make things more secure, when a full deck of security software and a router just isn't enough?

 

nbfvjfj u[9u4g89gyCJ#BLURFFHRLIVNC,KVSNVLHG4R[FUYEIOU.tw..EsOISMXLKMLKMVKJFRH]IURUOIaYRUHVKJVBLHJ=;I=EIBVKJvxklmvvf0;'.v'.'.v][plrfjoijevi1ugriyvnm;lc;v,.vc'/.v;lejliwkj1xhkjsbksxwkureiorofyp5irpo90,340984789832409jvrflnv ,./knkjfvhgbvbfvphphg8p95t2ut009g8uhy827p588gi]g-ogbvkbmkhuhilvthutn;oi4j2ig8y5go8p8y509

 

Something like that !

[Realitycheck]

Are you trying to say that all exploits are really just the result of weak spots in discipline, like the back office computer that is missing firewall software? When the article states that virtually any system can be hacked, that has a pretty powerful sound to it. It's odd though, that I've never really read that before.

Edited August 8, 2011 by Realitycheck

[CaptainPanic]

Are you trying to say that all exploits are really just the result of weak spots in discipline, like the back office computer that is missing firewall software? When the article states that virtually any system can be hacked, that has a pretty powerful sound to it. It's odd though, that I've never really read that before.

Like with a safe: the quality of a safe is expressed in how long it would take someone to break into it (using a plasma torch or whatever)... not IF it's possible (it always is).

If the effort it takes to hack into a system is more costly than the possible reward, then your system is safe enough.

 

I agree that any system can be hacked, if you note that you just need enough information about the security to breach it. You can just infiltrate (even in a physical way) the less secure systems, and build from there. You just need enough information about the security protocols to avoid them. If you cannot hack the technology from the outside, then you just have to disable it from the inside. And you can get on the inside by applying for a job. Sure, it's a big effort to break in, but it can be done.

[Hal.]

Realitycheck , it looks like post #4 is a question to me , at the time it was made nobody else had replied , there are duplicate threads so I don't know if a post or two has gone missing . In post #3 , I only mean that good coders are what is needed .

 

Take a walk in the town near you . See the streetlights at night , camera's on buildings , locked doors , thick windows , security guards , high walls , steel spikes + railings , keep out signs , patrols + dogs , police , all to stop people getting into offices , banks , etc to have a look around . I don't know if you are old enough to recall what businesses were like 25 years ago , they all had a little room with paper records in it looking like a little library . They put that on a computer disk now , if ever it would be accessed I'd hope the perpetrator will find ,

 

ufhg7yb"bc7yc?7to5278ygtflknq;wj3298757g8ggghbvljlhde2hh287568972pgyyt7lbljd ,

 

and not know what it means and have no chance of ever knowing what it means .

[Marqq]

Isn't it possible for a system to be unhackable (from the outside, at least)? And I don't mean just by way of disconnection from outside sources... Sandboxes seem to work well for maintaining security; could separating programs' work environments be the answer? With the advances in data storage these days, shared files and libraries could be easily duplicated for each program that uses them....though this could lead to the necessity of longer periods between updates (months, even!!). All this would, of course, require some new OS (does one exist already that works like this?), and years upon years of extra development, and that's just the first step! Managing a program's access to files and locations, it seems, would also be key...

 

Just gotta point out, I'm no computer professional or anything, but it seems that if we take out many of the 'bells and whistles' of modern operating systems, all data could be considered innocuous. All the multitasking stuff, especially...running hundreds of processes in the background with cryptic names and associations...I just don't trust that stuff! IMHO, only a few things should be allowed to run automatically, outside of being explicitly set by the user. One of the main things (in windows vista, at least) is that programs can run without showing in the task manager, except as 'processes and services'. I think hiding the information from the user, and functions like it, are the source from many of the loopholes malware exploit. Once again, not a professional, talking out my rear, all that good stuff...but really, these things don't do anything we don't tell them to do, so to avoid confusion, [acr=Keep It Simple Stupid]K.I.S.S.[/acr]!!

[khaled]

Cryptography, Keys Distribution, Hashing, and Integrity Check ...

 

But the question that Security people fear most is: is the system designed to steal your information ?

 

Because if it's true, then no security can work,

Edited August 9, 2011 by khaled

[CaptainPanic]

Mandatory XKCD reference.

 

 

Seems (remotely) relevant.