Exploring Internet Security: Can It Ever Be As Secure As Physical Systems?

[GRB 080319B]

http://www.cbsnews.com/stories/2010/06/10/60minutes/main6568387.shtml?tag=contentMain;contentBody"

https://www.youtube.com/watch?v=<object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/FZUzB8uC9bs&hl=en_US&fs=1&"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/FZUzB8uC9bs&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object>

https://www.youtube.com/watch?v=<object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/R-qudlJDqmU&hl=en_US&fs=1&"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/R-qudlJDqmU&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object>

Can electronic/internet systems ever be as secure as physical systems? Seeing how easily http://www.msnbc.msn.com/id/14825465/" carried out by hackers, its seems that the current electronic/internet systems are repleat with flagrent security vulnerabilities I know there has been monetary and information theft before the advent of the internet, but it seems like these incidents have become increasingly more common and with increasing severity as the world becomes more dependent on these network systems. Have corporations/governments become complacent with these threats, seeing them as a "necessary evils", to remain connected through the internet? If so, is there any pragmatic solution to this fundamental problem of internet security?

 

[Dav333]

good god this is scary. TB's of data stolen wow

 

[Bill Simpson]

Cyber War: What It Is and How to Fight It, Richard Clarke

http://www.booktv.org/Program/11562/Cyber+War+What+It+Is+and+How+to+Fight+It.aspx

34 minutes 10 seconds into that he gives the three laws of cyber security:
1: Don't have a computer.
2: If you have to have a computer, don't turn it on.
3: If you have to have a computer and you have to turn it on, don't plug it into anything, like the internet.

 

[ShineyPenny]

From my Naval Systems Security course:

"The best computer protection is only as good as its user."

 

[SpartanG345]

why don't they not connect to the internet lol, so remote access is impossible.
Would it be possible for the Military to create there own country wide network. But then that could get hacked from within the military

 

[Borg]

why don't they not connect to the internet lol, so remote access is impossible.
Would it be possible for the Military to create there own country wide network. But then that could get hacked from within the military

The military does have separate networks. Hacking them isn't the biggest concern - those networks are more vulnerable to incidents like the Wikileaks incident that occurred this week.

 

[newtech]

One thing I was wondering throughout the videos was how was these systems being compromised? Were the attackers using vulnerabilities in the OS, or software that was being used? Were the attackers using social engineering techniques to get information? I had no idea about the previous attacks that caused power outages. That is a scary thought.

 

[Svensken]

As with everything within hacking:

- You can hack system "X" if there is a hole that allows system "X" to be hacked.
- Since we are humans, system "X" will almost always be open to a dedicated hacker (pref: "cracker").
- We can protect system "X" but we need to be ahead of the game.

 

[GRB 080319B]

One thing I was wondering throughout the videos was how was these systems being compromised? Were the attackers using vulnerabilities in the OS, or software that was being used? Were the attackers using social engineering techniques to get information? I had no idea about the previous attacks that caused power outages. That is a scary thought.

One possible method of intrusion:

http://news.cnet.com/8301-27080_3-20013545-245.html?tag=topStories2"

 

[XxsithlordxX]

Bottom line is that its all about 1's and 0's. A system is only as complicated and secure as the human brain that made it. "If it is made, it can be broken".

 

[GRB 080319B]

http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices"

 

[mugaliens]

As with everything within hacking:

- You can hack system "X" if there is a hole that allows system "X" to be hacked.
- Since we are humans, system "X" will almost always be open to a dedicated hacker (pref: "cracker").
- We can protect system "X" but we need to be ahead of the game.

Well said, and I'm glad you said it, as many people believe both all OSes and all encryption can be hacked.

Not so.

Just as one-time-pads cannot be cracked provided the pad is sufficiently random, certain operation systems employing the proper techniques are similarly beyond reproach.

Sadly, Microsoft's, Apple's, Unixes, and most of the other common ones aren't among them.

 

[GRB 080319B]

http://www.msnbc.msn.com/id/45199096/ns/technology_and_science-security/t/cyber-weaknesses-should-deter-us-waging-war/"

http://www.physorg.com/news/2011-11-foreign-cyber-infrastructure-expert.html"

This is arguably the first case where we have had a hack of critical infrastructure from outside the United States that caused damage