Topic: Extreme paranoia Security and Attack vector theory
tetsuo55
« on: August 29, 2008, 08:09:56 AM »

Maybe not really an application request per se

But Comodo could probably adjust an existing one or cook one up

Extreme paranoia mode ON.

In this text I'm going to explain a theory I cooked up. It's the standard I use to decide if an application does or does not increase security on my system.
The theory is based on extreme paranoia and an assumption that is statistically incorrect. Luckily, chaos theory backs me up on this one. It only takes 1 of these exploits to be true to validate what I am saying.

First some explanations:
BUG: An unintended behaviour in a design (hard- or software)
EXPLOIT: A BUG that can be used\abused by an attacker

For this theory I am going to assume that EVERY BUG is an EXPLOIT and that every hard- and soft-ware is full of BUGs.

ATTACK: A sequence of 1's and 0's (or electrical fluctuations) that triggers the BUG.
VECTOR: The "entrance" the attack uses to enter the system.

--------------

Hardware VECTORs:
All ports on the system, PS2, USB, VGA and so forth. Even ports that only allow outgoing data can be ATTACKed by shorting the circuit.

Software VECTORs:
OS, drivers, applications, network traffic.

One of my personal favorites is malformed TCP/IP traffic or HTML.


----------------
How to protect?


-The hardware should be more secure, not accepting signals from anything and anyone, bugs should be fixed with high priority.
-All ports should be physically unreachable for unauthorised users (but it should be very easy for the authorised users)
-The protection software running on the system (could be the OS itself) should be guarding against data-streams from all ports (so the protection software should also be protecting Bluetooth, infrared, serial port, VGA, DVI and so forth)
-The protection software should be monitoring all network data streams.

Basically the protection software should work as a PROXY between the entire system.
*Data starts to come in.
*Protection software starts buffering the data (or not) and asks (or knows) to allow or disallow
*Buffered data gets scanned for any attack 1's and 0's (this requires massive knowledge of exploits and malware signatures)
*A permanent allow rule can be made which bypasses the scan (handy for things like monitors)

It's up to the hardware manufacturers to increase the security of hardware connections. 1 example is HDCP (it's basically a huge pain in the ass)
Logged
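
The proxy flow listed in the post above (buffer, decide allow or disallow, scan, permanent allow rule), modeled as an added example that is not part of the original thread or of any Comodo product. It also covers a case the post does not mention, a signature split across two reads. The `Gate` class, the vector names and the two signature byte strings are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed placeholder patterns standing in for attack signatures.
SIGNATURES = (b"BAD-SEQ-0001", b"\x00\xffMALFORMED")
HOLD = max(len(s) for s in SIGNATURES) - 1  # bytes that could start a split match


@dataclass
class Gate:
    """Sits between each vector (port, NIC, ...) and the rest of the system."""
    rules: dict = field(default_factory=dict)    # vector -> "allow" | "scan" | "deny"
    pending: dict = field(default_factory=dict)  # vector -> buffered, unreleased bytes

    def feed(self, vector: str, chunk: bytes) -> tuple[str, bytes]:
        """Take one chunk from a vector; return (verdict, bytes released)."""
        rule = self.rules.get(vector, "deny")    # unknown vectors are refused
        if rule == "allow":                      # permanent allow: scan is bypassed
            return "unscanned", chunk
        if rule != "scan":
            return "denied", b""
        window = self.pending.get(vector, b"") + chunk
        if any(sig in window for sig in SIGNATURES):
            self.pending.pop(vector, None)       # drop the buffered data
            self.rules[vector] = "deny"          # and refuse the vector from now on
            return "blocked", b""
        # Hold back the last HOLD bytes: a signature split across two chunks
        # can only begin there, so everything before it is safe to release.
        self.pending[vector] = window[-HOLD:]
        return "scanned", window[:-HOLD]

    def close(self, vector: str) -> bytes:
        """End of stream: the held tail matched nothing, so release it."""
        return self.pending.pop(vector, b"")


if __name__ == "__main__":
    gate = Gate(rules={"usb": "scan", "vga": "allow"})
    print(gate.feed("usb", b"hello BAD-S"))      # held back, nothing released yet
    print(gate.feed("usb", b"EQ-0001 rest"))     # split signature is caught
    print(gate.feed("vga", b"BAD-SEQ-0001"))     # allow rule lets it through
    print(gate.feed("bluetooth", b"hi"))         # no rule: refused
```

The `vga` permanent allow rule releases the same bytes that `usb` blocks, which is the cost of bypassing the scan.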
hbobeck
« Reply #1 on: August 29, 2008, 08:14:16 AM »

Hi Tetsuo,

thanks for your post!

very interesting indeed. Would be nice to get some feedback from the devs on how/if this could be implemented...

Harry
Logged
gibran
« Reply #2 on: August 29, 2008, 08:47:41 AM »


Someone has already answered and the answer is Trusted Computing.

Trusted computing may not be a good solution. http://en.wikipedia.org/wiki/Trusted_Computing#Criticism_of_Trusted_Computing

Logged

tetsuo55
« Reply #3 on: August 29, 2008, 08:53:02 AM »

> Someone has already answered and the answer is Trusted Computing.
>
> Trusted computing may not be a good solution. http://en.wikipedia.org/wiki/Trusted_Computing#Criticism_of_Trusted_Computing

That's not a real solution, it requires completely new systems and software to work, any backwards compatibility would be fully exploitable.
« Last Edit: August 29, 2008, 08:54:38 AM by tetsuo55 » Logged
gibran
« Reply #4 on: August 29, 2008, 09:01:00 AM »

> That's not a real solution, it requires completely new systems and software to work, any backwards compatibility would be fully exploitable.

Protecting all datastreams also requires new hardware, and backward compatibility is obviously a risk.

I guess that this is a problem whose solution looks more dangerous than the originary problem itself.
« Last Edit: August 29, 2008, 09:04:39 AM by gibran » Logged

tetsuo55
« Reply #5 on: August 29, 2008, 09:08:39 AM »

Yeah, if you use new hardware and software and completely forget backwards compatibility the problem will be greatly reduced (it will never go away, as my theory states that everything has exploitable bugs, so even the new system will)

You could even use secure virtualisation to create some backwards compatibility.

Still, I hope someone will come up with an out-of-the-box solution that will work with legacy hardware and software

EDIT:

> I guess that this is a problem whose solution looks more dangerous than the originary problem itself.

Very well said
Logged
tetsuo55
« Reply #6 on: August 31, 2008, 03:03:36 PM »

Okay, I think I can make this a little easier for everyone

My proposition is:

Hard- and Soft-ware is full of BUGS, each of these bugs is an Exploit, for each Exploit there is an ATTACK that can reach the system through any Vector.

Think of the system (hard- + soft-ware) as a few-story office building.

This building is under siege, all the many doors and windows have to be barricaded and guarded, same goes for the airco and phonelines/internet connection. All the interior walls are thin drywall sheets, due to the siege some of the people in the office might go nuts (or get persuaded to join the siegers). So the inner walls have to be fortified too.



(The system that provides this level of protection would possibly lead to an uber-stable system as a bonus)
Logged
Tags: security  attack  Vector  exploit  paranoia 