We Make eCommerce Simple for Small Businesses
  SEOsamraat
  • SEO Home
    • SEO for Corporates >
      • Beat Your Competition With SEO
    • Power Searching
    • Keyword Research
    • SEO Best Practices
    • Types of SEO
    • SEO for Images
    • Optimized Content
    • SEO Tools
    • Webmaster Tools
    • SEO History
    • Future of SEO
    • SEO Basic Consulting
  • Workspace Home
    • Store It All on Drive
    • Move Write with Docs
    • Work with Sheets
    • Collaborate with Slides
    • Win Big Thru Sites
    • Sync Calendars to Meet
    • Get Secure with Vault
    • Get a Quote
  • Online Reputation Home
    • ORM Security
    • ORM Keywords
    • ORM Hiring and Training
    • ORM Legal Landscape
    • ORM Social Media Policy
    • ORM Tools
    • ORM Branding
    • ORM Goals
    • ORM Strategy
  • Blog
  • Digital Products
    • Password Creation Checklist
    • Glossary of ORM Terms

the fantasy of airgapping for safety 

8/10/2014

2 Comments

 
Picture
Recently while researching the topic of security breaches at corporates, I came across this interesting nugget from the Wall Street Journal that Kellogg’s, the storied American cookie- and cereal bar-maker, is so obsessed about cyber spies ferreting away its trade secrets that it makes sure they are stored in a computer that is not connected to the internet.

“Kellogg's management is especially worried that cyberattackers might try to steal the company's know-how, like the way it puts the ‘Snap, Crackle and Pop’ in Rice Krispies or  the curve in Pringles potato chips, according to two people briefed on its computer defences,” wrote the WSJ. “Information on our recipes, including where they are stored, is proprietary,” said Kris Charles, a Kellogg spokeswoman. In a February 2014 securities filing, Kellogg said, “To date, we have not experienced a material breach of cybersecurity.” Looks like Kellogg’s is very happy with its tactic.

But is this approach hackproof? I turned to authors Richard Torrenzano and Mark Davis for insights from their book Digital Assassination. They let us know that cybersecurity experts have a name for the process of sealing a computer by taking it off from the internet — airgapping. It refers to the belief by certain ccybersecurity experts that “a computer system that is not connected to any other computer or to the Internet is safe”. But Torrenzano and Davis are not very impressed by airgapping. They say, “If evolution teaches us anything, it is that intelligent systems like to network. Of course no computer is going to extend its own cable and plug itself in. But a computer doesn’t have to network itself, because every computer comes complete with a parasite called a human, a creature with an irrepressible desire to network.”

RISKS OF A MERE NET CONNECTION

So airgapped computers may not be very safe because they are handled by humans, who have a tendency to network. But what happens if a computer is plugged into the internet and allowed to run without any human intervention? Torrenzano and Davis tell us that just such an experiment was conducted by a leading IT company. In step 1, “the company’s engineers purchased a garden-variety PC from a chain retailer”.

In step 2, “they installed in it the best off-the-shelf antivirus, anti-spyware protection, and firewall software packages available”. In step 3, “they connected this PC to the Internet. They did not use it for anything. They just tracked the flow of code into and out of the machine”. Any guesses on what happened next?

The authors wrote, “Within four hours the engineers detected the first ping by a potential hacker. In two weeks more sophisticated software from a computer in Canada slowly embedded itself in the PC and started running its own software. The Canadian computer soon set up links between the enslaved zombie PC and a computer in Singapore, which used the PC to attack a network in Poland.”
So despite the precautions taken, most computers invite security vulnerabilities merely by being connected to the internet. Imagine then the risks involved in the careless approach to security of most users?
Airgapping may have its benefits in certain circumstances. Here too, a lot depends on the discipline of the human handlers. No wonder many hackers stay invested in social engineering. For most ordinary people, however, nothing much can be accomplished at work or leisure without an internet connection, especially in these days when Cloud Computing is all the rage.

e.o.m


2 Comments

    Archives

    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    September 2013
    August 2013
    April 2013

    Author

    I'm Georgy S. Thomas, the chief SEO architect of SEOsamraat. The Searchable site will track interesting developments in the world of Search Engine Optimization, both in India as well as abroad.

    Categories

    All
    30th Annual TED Conference
    A/B Testing
    Adsense
    Adwords
    Aggregation
    Airgapped Computers
    Alex Gawley
    Algorithms
    Amazon
    Andreessen Horowitz
    Andy Conrad
    Astro Teller
    Ben Horowitz
    Bill Gross
    Bing
    Bitcoin
    Boston Dynamics
    Brand Management
    Brin
    Buchheit
    Business Insider
    Cailliau
    Charlie Rose
    Code Messages
    Coders
    Competitive Analysis
    Credit Card
    Crown Jewels
    CSAT
    Cutomers
    Cyberattackers
    Cyber Criminals
    Cybersecurity
    Cyber Security
    Cyber Siberia
    DATA PROTECTION
    David Krane
    DeepMind
    Digital Assassination
    Digital Innovation
    Diversity
    Donkey Kong
    Douglas
    Douglas Edwards
    Doxing
    Driverless Car
    Dunbar Number
    EBook
    Ebooksearch
    Ebookseller
    Ebooksellers
    Ecommerce
    English Auction
    Facebook
    Facebook Page
    Fetch As Google Tool
    Financial Times
    Flat Organization
    Flicker
    Fortune
    Fraudulent Activity
    Generic Names
    Giant Target Corp
    Gmail
    Google
    Google Analytics Tool
    Google Apps
    Google Chauffeur
    Google Maps
    Google Search
    Google Story
    Google X
    GoTo.com
    Greg Boser
    Gregg Steinhafel.
    Guruji.com
    Hackers
    How To Queries
    Huffington Post
    Human Flesh Search Engines
    IBM
    I'm Feeling Lucky
    Incentives
    Internet
    IP Addresses
    Japanese Auction
    Jeff Bezos
    Jeffrey Brewer
    Jill Abramson
    Kellogg’s
    Keyword Research
    Kindle
    Larry
    Larry Page
    Lidar
    LinkedIn
    Links
    Lori Randall Stradtman
    Luck
    Mail
    Malware
    Mark Davis
    Mauboussin
    Michael Mauboussin
    Microsoft
    Microsoft Stable
    Moonshot
    More Than You Know
    Neocortex
    NeXT Computer
    Nicole Perlroth
    NYT
    Nytimes.com
    Online Reputation Management
    Passwords
    Paul Buchheit
    Phishers
    Phrasal Searches
    Planet Google
    Project Loon
    PROPUBLICA
    Puzzles
    QWERTY
    QWERTY VS. DVORAK
    Recommend
    Reconsideration Tool
    Reid Hoffman
    Richard Torrenzano
    Robert Cailliau
    Robin Dunbar
    Satya Nadella
    Scams
    Schaft
    Scoop
    SEARCH ADVERTISING
    Search Engines
    Search Patterns
    Search Queries
    SEO
    Seo Agency
    SEO Analysts
    SERENDIPITY
    Sergey Brin
    Shari Fujii
    Silk Road
    Skill
    Social Networking Sites
    Spam
    Spammy
    Steve Jobs
    STORY MARKETING
    Streetview
    Stross
    Success Equation
    Suspicious Activity
    Systran
    Tell-Tale
    The 20% Doctrine
    The Age Of The Unthinkable
    The Art Of Strategy
    The Atlantic
    THE BANDWAGON EFFECT
    THE DUTCH AUCTION
    The Guardian
    The Legend Of Zelda
    The New York Times
    Think Twice
    Tim Berners-Lee
    Trivia
    Union Public Service Commission
    Uper Mario Bros
    URL
    Venture Capitalist
    Vigilantes
    Webmaster
    Webmaster Tools
    Website Traffic
    Wii
    William Vickery
    Wired Article
    World Wide Web
    WYSIWYG
    Yahoo

    RSS Feed

    View my profile on LinkedIn

About Us
Contact Us
Consult Us Now
Write to Us 
Terms of Use
Privacy Policy
Copyright © 2022 Proseperity
Photos used under Creative Commons from futureshape, a4gpa, taymtaym, Esparta