Posted to alt.home.repair
Robert Green
off topic: new car advice for senior

"rbowman" wrote in message
On 10/09/2015 11:08 AM, Robert Green wrote:


stuff snipped

It took the entire Federal data world a long time to realize
that you not only have to order diskless workstations, you have to order
ones without USB, network or serial ports, either. Chelsea Manning and
Edward Snowden explained it to them.


Back then if the IBM CE had to have access to the secure area we had to
remove the printer ribbons just in case he was a Russkie spy with a lot
of time on his hands to try to patch together the ribbon strikes.


As I recall the Sovs built a device that allowed them to drop a used IBM
Selectric ribbon in the machine and get a printout of everything that had
been typed. The only problem is that spaces weren't recorded on the ribbon
and had to be guessed at.

Soinalineoftypelikethisyouhadtofigureoutwheretoputthespaces.

iirc, the Iranians learned if you let people with thumb drives near your
air-gapped system your centrifuges tend to rev up to 9 million rpm and
go boom.

The Sovs learned something like that when one of their oil refineries
exploded after they had stolen refinery control software that had been
specially modified by the CIA to allow one of the holding tanks to be stoked
to an 'impossible to contain' pressure. It was a huge explosion.

I saw a piece about how easy it is to get a company employee to insert a
compromised CD or USB stick into the company's network. The people running
the test just left them in sealed envelopes around the building at tables
and in the restrooms that were marked: "Salary information for Company X
executives."

Nearly ALL CDs and USB sticks so marked found their way to the company's
network. It was well above 90%. Such information was apparently just too
much for curious minds to ignore given the way some companies treat their
exec salaries like State Secrets. My wife has to take classes every year
now about how to recognize social engineering attacks because they have been
used so successfully. It's thought the recent huge breach that exposed the
personal data of so many Federal workers began as a social engineering
attack.

The game just keeps going, though. It turns out that when they closed off
the USB ports, snoopers just inserted keystroke recorders and picked them up
later.

I'm always amazed at how many PCs I come across in the business and medical
world that are incredibly insecure and vulnerable to all sorts of attack
vectors. I have to overcome my temptation to unplug card readers, printer
ports, network ports, etc. Most PCs are not designed to offer any way to
lock down input and output cables. I suspect somewhere in the country at
any given time, a lot of information is being siphoned off by skimmers,
recorders and various forms of vampire taps.

Speaking of recovering things from carbon ribbons, my Brother Fax uses a
huge, page-wide roll of carbon film upon which every fax ever sent or
received is immortalized in negative form on the ribbon. No (not very)
complex reconstruction of keystrokes is required. Just holding the ribbon
to the light will do.

--
Bobby G.