Thread: Idle fun for net hackers..
View Single Post
  #80   Report Post  
Posted to uk.d-i-y
Tim Watts[_2_] Tim Watts[_2_] is offline
external usenet poster
  
Posts: 4,453
Default Idle fun for net hackers..
Rod Speed wrote:

David WE Roberts wrote
The Natural Philosopher wrote
David WE Roberts wrote
Bernard Peek wrote
The Natural Philosopher wrote
Bernard Peek wrote
The Natural Philosopher wrote

Well thats uyouir knowelege limits and I have mine.

I know.

Let's say that if anyone has broken in they have left no trace
and altered nothing. Or I would *know*. Which makes it 'not
compromised'

Absence of evidence is not evidence of absence.

Hint: there is no such thing as an undetectable change.

I'd like to see evidence for that assertion.

Are you really stupid?

I'm a philosopher. I was hoping that you knew something that I
didn't and I could learn something. It seemed improbable given the
ignorance that you appeared to be displaying but hope springs eternal.

If a change makes no difference to anything, ipso facto, it is
not a change. All changes therefore must make a difference, and
are therefore detectable.

Yes, but as I pointed out in the post to which you replied absence
of evidence is not evidence of absence. You can know that you
haven't detected a change, but you can't know that there is no
change. Absence of a change is not detectable.

Why don't we ask Schr�dinger's cat?
Damn - it's hiding in its box.

Best you can do is affirm that you have been unable to detect a
significant change in the items you are measuring and this meets
your requirements for assurance and security.

exactly, An undetectable change that results in no detectable
activity by anyone in the whole universe is not a security risk.

Come on, sense of balance ;-)
You are not everyone in the Universe.
There might be someone out there who knows a way to change a system
which is not detectable by the currently publicly available tools.

Nope, not with hashes over the entire storage system there isnt.

What's protecting the hashes?

More hashes... And what protects them?

It's a parallel problem to the old: who watches the watchers...

And the other obvious way to completely protect a system is
to just restore it entirely periodically so what any change that
ever did happen just gets wiped out.

Did they hack your install media?

Corse that last is only practical for some situations, but would
work fine if say you want a completely secure web browser and
dont want to keep any local record of what you have browsed etc.

One loon I communicate with ocassionally is so mindlessly oaranoid
that he quite literally uses a DOS machine with some utterly obscure
approach to net access to usenet from, so he cant actually use any
links in usenet posts. It would make a hell of a lot more sense to just
restore that machine from an image after every usenet session instead
and do whatever looks useful links wise in that session with no risk
whatever.

I still maintain ZERO risk is impossible and I am confident that I am right.

However, what matters in the real world is whether that risk is
acceptable... For most people, reasonable precautions are sufficient.

For me, if "they" hack my home servers, they might delete my data or use it
as a staging post to hack someone else. It would be a pain, but I have many
backups in different places and "they" would have to be targetting me
personally to locate, attack and damage all of them. In reality, my box
*might* be attractive as a bot or a proxy but I doubt anyone would bother to
damage it. So I class my risk factor as quite low and generally stick with
auto patching stuff.

Work is different - with 2GBit/sec connectivity, we are a more useful target
so the risk is higher. Work is also more visible.

If the computer however is in the final loop of a nuclear missile lauch
chain, then (barring more primite interlocks in its way), a small risk is
highly unacceptable.

Getting back to reality again - there was a problem in the US where someone
got control of some big water pumps which may, or could have cause pump
damage:

http://www.itproportal.com/2011/11/1...outh-houstons-
water-supply-network/

http://www.huffingtonpost.com/2011/1...is-water-pump-
failu_n_1103498.html

The likelihood of this, and also the added likelihood of this person
choosing to attack your system instead of any other, is part of your
risk assessment.
--
Tim Watts
Reply With QuoteReply With Quote