There is a lot of discussion regarding how to secure systems that have network/internet access. We talk about firewalls, virus scanners, authentication, authorisation, passwords, encryption, VPN, SSL  and a lot of other methods to secure access, communication, storage of data.

Does the right combination of methods will help to secure a system? Yes? Are we sure that this will really do the deal?

I´m not sure. It will not work if

1. someone gets access before the system is secured
2. a software is on the system that generates a security vulnerability – which could be related to bugs or design problems of the OS or applications that may open the access to the system
3. a manufacturer/software producer is placing a vulnerability on one or more components to track information and sending data by avoiding the regular security mechanisms
4.  the system has a hidden trigger that could be activated from outside to provide data
5. user try to make life easier by generating access to a system in a way not provided by the administrators
6. …

Is this something that only exists in theory? I don´t think so. Some examples.

• No.1While installing and configuring a system it may be a short or long timeframe where the system is more open than in productive usage. That may also happen if an administrator is doing changes.
• No.2 How many bugfixes, service releases, alerts do we see for OS, firmware, applications every day. We could be sure that someone uses the vulnerability to get access to an “interesting system” before the problem is fixed
• No.3  CarrierIQ software component on phones using Android to provide data located on the mobile
• No.4 “Silent”/unvisible SMS send by a public authority to receive position information from a mobile phone over the air
• No.5 An additional PC/modem/access point/router is installed by users in a network with unsecure settings to get easy access to the “world outside”

We learn that we could never be sure that someone gets access to data if you are using a network with internet access. Inside a network data could also be visible to persons that may normally not be allowed to see that information. Take care!

No related posts.