A reference journal on interesting IT topics

Archive for March 2015

Temporary working storage

leave a comment »

I have not stated this clearly, but it does emerge in multiple places in my blogs, due to the number of new ‘tricks’ on media to store on hidden places possibly important information, the use of removable media is not enough (has not been enough for a few years now,) in the sense of the known one national directive(s.) My personal take is that whatever the logistic structure of communications supporting control points is at our days, it should have one of those.

The final result when used with a common stone casting negative mold, and an optional eventual punching of protocol number, should be pleasant to the look (and the protocol) very artistic and functional for the purpose of the (same) one directive above, paper weights. That should make your beans counters happy, and become a valuable source of a ‘numbered limited series’ of storage compliant (and all accounted for,) free paper holders for your agency. 😉

Update 1: Software (crappy) issues, while we are at it, obviously some kinds of known software and operating systems for simpletons, should be ‘banned,’ AKA ‘prohibited,’ from the public administration, not to be ending up like those folks here. So far it looks like, after removing ‘all’ dos/windows, adobe and java compatibility extensions ‘and’ using not intel compatible architectures, some flavors of unix appear immune, and so looks as well the situation for the usual VMS and os390, (besides probably some ‘really old’ legacy dinosaurs.) In absence of reasonable incompatible hardware, possibly some more esoteric systems, can ‘maybe’ provide a limited amount of defense (it is however unknown for how long.)

Update 2: Site issue, wireless technology lousiest implementations, associated with BYOD, has made anything unsafe, would suggest banning personal devices (check with scanners, no devices to be admitted) and installing very high power jammers, eventually to burn them out, besides re-analyzing carefully covert channels (all this garbage with cameras and audio, and who knows what else, can record, even with no network connection, all the emissions sources now ‘also’ built in bridges and processors.) Maybe 5-10 years of prison for introducing an emitting/wireless device (including RFID) in special areas, including fines in the order of millions for manufacturers, should be a deterrent.

Update 3: Collaborators issue, is not an update, just a memento on things we know for a while, anonymous and secure are two different things, apparently putin put a bounty on whoever breaks the TOR Onion network, that is quite re-assuring in a sense (but don’t use it to check your bank statements,) for secure communications, the usual PGP/GPG work just fine with extremely large RSA keys, fits just fine on any *ux in thunderbird with enigmail extension, finally for direct communication (IPv4 to IPv4) you can use the old nnim, which has support for many strange forms of encryption, and you can compile from source, to make sure has no bugs in it. Build yourself a live CD possibly on a big endian, compile all from source after having verified the spying bugs are out, and you should be OK, any web extensions at this time should not be safe, there are a number of “unfixable” vulnerabilities in a number of products, which would suggest limiting web exposure to html only text mode, which is always good to access also on low speed lines. P2P networks could also be your friends to distribute publications, clear or encoded text, without exposing yourself to the darknet, not really necessary for now, you are mostly dealing with stupid.

Update 4: Site issues again, any external ports, IR, Bluetooth, LEDs, USB, should be surgically removed/disconnected from the motherboards, serials can be added if needed on cards, encryption card with autonomous TCB should be installed between motherboard and any media, frequency jammers should be installed to interfere with any radio emission (besides usual site preparation FC and filters rules)

Update 5: TISA espionage favouring agenda issue, sabotage with all methods, overt or covert, it is in nobody national interest to permit such liabilities, corrupted politicians and wall street trying to make a buck with fraud, can seriously affect budgets in litigations, and create an innumerable pile of liabilities, nope, no go.


Written by dibi58

March 22, 2015 at 12:59 am

Posted in esoteric, OS, SEC