Breaking up data streams.


lewmur

There seems to be a tendency to feel technology has put us in an insecure environment where we sacrifice security for convenience. I think this is selling tech short. To me the real problem is we depended on way too few companies in the development of computers and now we have billions of systems all using the same systems. Learn to hack one and you can hack billions. We depend on ONE SINGLE protocol for networking ALL computers. The WEB!!!

 

I believe that it is not only possible but necessary that companies develop their own data storage and transmission protocols. ASCII, after all, isn't the only method for streaming data. IBM had their own for decades and Western Union did also.

 

But I believe one of the easiest methods for securing data transmissions would be to break up the data into multiple streams and use different routing for each stream. That way, only the sending and receiving portal would ever see the entire stream. And by streams, I don't mean "packets". I mean data bit one in one packet and data bit 5 in another.

 

For decades the MS crowd has been claiming that the reason Linux didn't get hacked as much was simply because not as many systems used it. What does that say about a company that has its own, private, copyrighted OS?

Edited by lewmur

securitybreach

While I agree, there needs to be open standards as the ones you describe (IBM and Western Union) were proprietary/closed systems. The problem with those types of systems is that once a vulnerability has been found, it is much more difficult and time-consuming to issue a fix. Think of how many exploits are out there for closed systems versus the amount and time frame that they are fixed with open source systems.

> While I agree, there needs to be open standards as the ones you describe (IBM and Western Union) were proprietary/closed systems. The problem with those types of systems is that once a vulnerability has been found, it is much more difficult and time-consuming to issue a fix. Think of how many exploits are out there for closed systems versus the amount and time frame that they are fixed with open source systems.

I disagree entirely. Why would a bug in a simpler system be harder to fix? As Spock would say, that is illogical.

 

BTW, the Western Union system was the ONLY system allowed, for a very long time, for sending International Letters of Credit because it didn't HAVE any vulnerabilities. Primarily because it WAS a "closed system". Even their transoceanic cables were private.


securitybreach

I never mentioned simpler, I said open. Think about it... proprietary implies that only a handful of people in the company have access to code, therefore only a few eyes are working on it, whereas open source has developers all over the world looking at and improving the code.

 

Hence why bugs are fixed much faster in the open source world than in closed, proprietary systems.

 

There is a good reason that vulnerabilities and bugs in open source software get fixed much faster than closed systems.

> I never mentioned simpler, I said open. Think about it... proprietary implies that only a handful of people in the company have access to code, therefore only a few eyes are working on it, whereas open source has developers all over the world looking at and improving the code.
>
> Hence why bugs are fixed much faster in the open source world than in closed, proprietary systems.
>
> There is a good reason that vulnerabilities and bugs in open source software get fixed much faster than closed systems.

Yes, please do think about it. Open source has hackers all over the world looking at ways to invade your system. Remember, I'm not talking about replacing all of a company's computers with the private system but rather ONLY the ones handling and transmitting sensitive DATA. Linus Torvalds's original Linux OS, which he wrote BY HIMSELF, could handle that task.

Guest LilBambi

Yes, having a new more secure heavily encrypted protocol riding on the vast ocean of the Internet could help.

 

We used to have a bunch of other insecure protocols that have mostly been abandoned due to insecurity or not being needed.

 

Some VPN or specialized point to point solutions if encrypted enough could be a solution, or a totally new point to point single networking pathway could be devised.

 

Some have tried to do that with dual network cards and local and/or point to point pathways on the same computers as a network card that allows Internet access.

 

That only works so far...it is too easy to get infected with malware from the Internet that crosses into the local or point to point side of the same computer thereby nullifying the whole security.

 

They have even tried having dual computers on different 'networks' but using floppies or USB drives to take certain data between them becomes problematic.

 

I am not sure what the ultimate solution will be, but I totally agree with one of the SANS Admins when they said, and I am paraphrasing I think: "what part of NO critical systems should be on the Internet do you not get?"

> Yes, having a new more secure heavily encrypted protocol riding on the vast ocean of the Internet could help.
>
> We used to have a bunch of other insecure protocols that have mostly been abandoned due to insecurity or not being needed.
>
> Some VPN or specialized point to point solutions if encrypted enough could be a solution, or a totally new point to point single networking pathway could be devised.
>
> Some have tried to do that with dual network cards and local and/or point to point pathways on the same computers as a network card that allows Internet access.
>
> That only works so far...it is too easy to get infected with malware from the Internet that crosses into the local or point to point side of the same computer thereby nullifying the whole security.
>
> They have even tried having dual computers on different 'networks' but using floppies or USB drives to take certain data between them becomes problematic.
>
> I am not sure what the ultimate solution will be, but I totally agree with one of the SANS Admins when they said, and I am paraphrasing I think: "what part of NO critical systems should be on the Internet do you not get?"

Let me make sure everyone is understanding what I'm talking about. Every text char or numeral is made of an eight bit byte. When you encrypt, you scramble those bits. What I'm talking about is NOT sending the bits together. Every bit could be sent in a different data stream. Much like the old printers where each bit was sent on a separate wire.

 

Btw, almost all encryption today is based on algorithms and depends on a single key. A "book" code is based on both ends using the same "book" in the same manner and therefore never repeats. It is repetition that makes codes "breakable". At one time, book codes were fairly limited in that a spy could only carry around so many books. Today, a spy can carry around the entire Library of Congress, and more, on a tablet. And one isn't limited to using only books. Any "digital media", such as video or music CDs, could be used.

Edited by lewmur

> You're talking parallel computing, Lew. It's not feasible with today's technology. Can you imagine the bandwidth and discrete lines it would take to send a company document with images that was 4,000,000,000 (4Gig) or so bits? Or even one that was 256K?
>
> I ken your thinking, though. It kinda' reminds me of frequency shifting radio transmissions. The signal is sent from a transmitter to a distant receiver (or receivers) that are sync'd to one another so that the PLL (phase-lock loop) solid state tuners shift frequencies so many times a second in a random pattern. The only way a third party can intercept and decipher this radio signal is if their receiver is sync'd also, which is in the realm of impossible, odds-wise. It's a VERY secure transmission method in RF (radio frequency) communications. Pretty neato stuff. It's old tech, even though it's still definitely in use; mostly by the military.

I am NOT talking about "parallel computing". I merely used the old printers as an example of all of the bits not needing to be in the same stream. And as to your "giant documents", you might want to go back and read the OP in the thread. I made it very clear that not all computing need be done on the same OS and that my suggestions applied ONLY to text and numeric data. ALL "bookkeeping" falls into that category. Yes, medical people need instant access to high res images to diagnose illnesses. But that does NOT mean that the "patient's info" needs to be included with the images. That can be sent over a more secure LOW BANDWIDTH system.

 

I really wish that people would carefully read what I actually say and NOT try to put their own interpretation on it.

Edited by lewmur

Think of it this way. The accepted method of sending data is that you send eight bit bytes of data in a packet. Each byte contains all the bits of an ASCII character or maybe pixel data for an image. Instead, a packet could contain only the first bits of the byte, the second bits etc. Then the receiver would only need to know what eight packets to assemble to restore the data. But no one intercepting individual packets would have any way of deciphering them.

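The split described in the post above, written out as an added example that is not part of the original thread: each of eight packets carries one bit position of every byte, the receiver reassembles them, and the helper functions show what a holder of only some packets can reconstruct. The function names, the bit-packing order and the sample message are assumptions made for illustration.

```python
# Added example: bit-plane splitting of a byte stream into eight "packets".
# Names, packing order and the sample message are constructed for illustration.

def split_bitplanes(data: bytes) -> list[bytes]:
    """Return 8 packets; packet k holds bit k (0 = LSB) of every byte, packed MSB-first."""
    planes = []
    for k in range(8):
        bits = [(b >> k) & 1 for b in data]
        bits += [0] * (-len(bits) % 8)          # pad to a whole number of bytes
        packed = bytes(
            sum(bit << (7 - i) for i, bit in enumerate(bits[j:j + 8]))
            for j in range(0, len(bits), 8)
        )
        planes.append(packed)
    return planes


def join_bitplanes(planes: dict[int, bytes], length: int) -> bytes:
    """Rebuild `length` bytes from the planes present; missing planes read as 0."""
    out = bytearray(length)
    for k, packed in planes.items():
        for n in range(length):
            bit = (packed[n // 8] >> (7 - n % 8)) & 1
            out[n] |= bit << k
    return bytes(out)


def candidates_per_byte(known_planes: int) -> int:
    """Byte values still consistent with an observer holding `known_planes` packets."""
    return 2 ** (8 - known_planes)


MESSAGE = b"PAY 1500 USD TO ACCT 42"   # constructed sample: text and numerals only

if __name__ == "__main__":
    packets = split_bitplanes(MESSAGE)
    full = join_bitplanes(dict(enumerate(packets)), len(MESSAGE))
    print("round trip ok:", full == MESSAGE)
    # Plane 7 is the high bit; 7-bit ASCII never sets it, so this packet is all zeros.
    print("plane 7 packet:", packets[7].hex())
    # Reassembly from seven packets (plane 0 withheld) leaves only the low bit unknown.
    partial = {k: p for k, p in enumerate(packets) if k != 0}
    print("without plane 0:", join_bitplanes(partial, len(MESSAGE)))
    print("candidates per byte with 7 packets:", candidates_per_byte(7))
```
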

Hello,

 

I think what you are describing is a packet-switched network, in which data is segmented into sections and prefixed with a header that contains information such as its destination, origin, payload, sequence number, etc. This would be in contrast to a circuit-based network, where a direct connection is established between two endpoints, and signalling for initializing and killing the connection could be done out-of-band (on a different channel, etc.). This is similar to how an analog or digital (ISDN) phone line works.

 

Regards,

 

Aryeh Goretsky

This topic is now closed to further replies.