Hack-proof website, why not?

Started by October 23, 2015 06:08 PM
93 comments, last by ronan.thibaudau 8 years, 10 months ago

If anyone in your company can access your data, it's hackable. Hackproof means nobody can access it, including yourself and your own customers.

Every security measure, including TLS, is meant to deter potential hackers. Just a lock on your door doesn't fully guarantee your house is safe. It prevents curious people from getting in, but someone with the right tool, the right skill, and the intent, can still get in.

Well no, that's a gross simplification and is simply not true, things aren't just hackable magically, there are only so many categories of entry points, off the top of my head:

- Just flat out bad security (making sure the way you access it isn't secure, like guessable or stored passwords)

- OS / software Security exploits (which aside from the rare 0 day exploit you should have no issue preventing)

- Your own software security exploits (and this is on your side)

- Physical access to the hardware

- Social engineering

All of those can be mitigated or flat out prevented given appropriate effort in such a way that hacking a website (both gaining access to it to change it or simply getting access to its private data) is virtually infeasible, it's simply a matter of effort and as someone nicely said in this thread security is a cost center not a profit one and all of that costs quite a bit.

Ever read how Target got hacked? Through the freaking HVAC system. HVAC. Who would've thought someone would hack into your air conditioners?

Again, all those things you listed are good practices, and they should be applied to guarantee security. But there is no such thing as 100% security. None. Even if your system is secure, what's preventing someone with enough insanity to break into the CTO's house, put a gun in his head to enter the password? What's preventing your data center from being bombed?

Every single security measure you do is adding an extra blanket of protection, but you won't be able to fully secure it. 100% security means you put your data into a ridiculously thick titanium wall or something with not a single door or lock, even a nuclear explosion won't break this box. But that means you can't access it either.

Not saying you shouldn't be doing good security practices. You should, just how you should always lock your doors at night and before you leave. It's just common sense.

Ever read how Target got hacked? Through the freaking HVAC system. HVAC. Who would've thought someone would hack into your air conditioners?


Internet of things! What could go wrong?

http://www.bbc.com/news/technology-33650491
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!

It's just a matter of who you trust with your data and how important it is to protect that data, it's very feasible if you put the means to fully protect it, and no not even the air conditioning company should have access to your server room if it's that important, no one should for that matter except multiple people at once and the hardware should be inaccessible easily (no USB ports / no anything ports except for the ethernet ones going to the net if needed in the case of a website).

I'm currently planning a deployment of Something (too early to announce) that is in a "kind of SAAS" mode, even as the one who conceived it I couldn't hack into it if you gave me a 1 million budget to spend on hacking it (in any form, be it corrupting it or simply retrieving the data even through physical means), at most I could bring it down (physically break the server), but it's even possible to protect yourself against physical stealing and memory cooling attacks if you plan accordingly, it's complex, it's strictly a cost center, it's most certainly NOT worth taking such crazy precautions for a random website, but no one bothers pretending to be your ventilation system company and physically going into your datacenter to hack random Joe's website.

The truth is the great majority of big hacks you hear about in the news would've been more than trivial and pretty cost free to prevent (aside from the cost of running a little bit of neurons) and are simply not acceptable for such huge companies. However some other hacks are reasonable as the cost to prevent them is simply not manageable compared to the risk of it happening (for example if you run a website making 10 000$ / year of revenue it's certainly not worth it to rent a full room in a datacenter, have them sign over handling of the room asking for only power and ethernet as input, physically removing their door and putting your own multi key & biometric door that is neither owned nor managed by the datacenter, requiring at least 2 out of 3 of the core people of the company to open it, writing your own minimalist server with a strict subset of what you need, closing every single port in a multi layer of different vendor hardware firewalls that you still chose not to trust etc etc, all of those things are expensive and time consuming and massively overkill for the need of everyone, but at least some of those make sense for a big company).
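The "at least 2 out of 3 of the core people" door rule above is a threshold scheme; here is an added example (not the poster's code) of how such a rule is built cryptographically with Shamir secret sharing over a prime field, so that no single holder can reconstruct the door secret but any two can. The secret, the field prime and the hash-based lock check are constructed for this example.

```python
# Added example: 2-of-3 threshold unlock via Shamir secret sharing.
import hashlib
import secrets

P = 2**127 - 1  # constructed field prime; the secret must be < P


def make_shares(secret: int, threshold: int, n: int, rng=secrets.randbelow):
    """Split `secret` into n shares; any `threshold` of them reconstruct it.
    The shares are points on a random polynomial whose constant term is the secret."""
    assert 0 <= secret < P and 1 <= threshold <= n
    coeffs = [secret] + [rng(P) for _ in range(threshold - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n + 1)]


def recover(shares) -> int:
    """Lagrange interpolation at x = 0; correct only with >= threshold shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def lock_for(secret: int) -> str:
    """The 'door' stores only a hash of the secret, never the secret itself."""
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()


def try_open(lock: str, presented) -> bool:
    """True only when the presented shares reconstruct the secret behind `lock`."""
    return lock_for(recover(presented)) == lock


if __name__ == "__main__":
    door_secret = secrets.randbelow(P)
    lock = lock_for(door_secret)
    alice, bob, carol = make_shares(door_secret, threshold=2, n=3)
    print("alice alone:", try_open(lock, [alice]))      # False
    print("alice + carol:", try_open(lock, [alice, carol]))  # True
```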

So yeah, when I hear about the NSA or Sony getting hacked and see it's simply social engineering and 0 protection once someone is in their network, it just sounds silly to me. Often they don't even do the "bare" minimum (minimizing the surface of attack).

Hell even if you consider software exploits, how often is it on open ports on software that the target doesn't even use?

Full security is impossible yes, someone can always go into the datacenter with massive weaponry yes, but near full protection against reasonable and common means of attack such as those I listed is fairly easy and inexpensive if done right, and definitely a negligible cost for a large company. However security in large companies is often limited to "let's get good AV / firewall and pray".

On a properly secured network, getting access to the CEO's laptop through a USB hack and having him plug into the local network should give you ZERO access to the rest of the network aside from files the user has access to. So it is an issue of giving way too many rights to people who may be unwillingly corrupted.

That is so wrong and false on so many levels. First, when you plug in a USB thumb drive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this. You're trusting the motherboard manufacturer to have designed an unhackable microcontroller. You can try another vendor, but that one will have different vulnerabilities (likely the same because they all usually use the same 3rd party vendors or the same firmware).
Second, OS-level drivers will interact with the device, first to select the appropriate driver that can interact with it, then load it. This OS is not free from bugs. There are exploits targeting USB drivers. You're trusting the OS and all the drivers you have installed to have zero defects.
Third, when the user is browsing the data files of the USB thumb drive, the USB thumb drive may put files the file explorer will try to preload (e.g. JPG files, PDF files, etc), and find an exploit in said file explorer. There are a ton of exploits targeting user level applications in this way.

Not to mention attacks like memory hammering which can compromise the security (or at least stability) of the entire system. Or better yet, ring -2 privilege escalation. Yes, ring -2. Did you even know it existed?

Once you're in control of a single node, infecting others is a freaking piece of cake due to the overwhelming amount of complex software and hardware interactions we use on a daily basis. Just like with USB connections, the same can be done with Ethernet connections. There are HW, OS-level and user-level communications and any failure point can be fatal.

Even routers can be hacked via software or hardware exploits. How on earth will you discover a router that infects computers with malware when a computer is plugged into it?

The only way to protect against these attacks is to not plug anything into your computer, ever. Better yet, don't use computers.

the more you should make sure you restrict his rights to the minimum he needs to do his work without being annoyed

That minimum is very high, considering they need a lot of access to do their job properly. Higher ups aren't just people in suits that go to work 4 hours then play golf the rest of the week.

Plus, too much security is in itself a double-edged sword. You can get locked out of your own system making you waste a lot of productivity. Just like there have been rich people that got trapped inside their own panic rooms.

"I'm currently planning a deployment of Something (too early to announce) that is in a "kind of SAAS" mode, even as the one who conceived it i couldn't hack into it if you gave me a 1 million budget to spend on hacking it"

Gosh. That IS rather a strong claim. Well, not that you couldn't hack it, but that you imply others couldn't either. Because even in white-hacker-land there are some properly, properly scary hackers out there.

Not even an air-gap will save you when they use thermal sensors to steal your data using heat...

;)

Hack proof is impossible. In order to do any work, a person needs to have access to that data. People can always be hacked. Therefore your data can always be stolen. QED.


That is so wrong and false on so many levels. First, when you plug in a USB thumb drive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this.

You'd best put your servers inside a Faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

No OS level protection can work against this, either...

On a properly secured network, getting access to the CEO's laptop through a USB hack and having him plug into the local network should give you ZERO access to the rest of the network aside from files the user has access to. So it is an issue of giving way too many rights to people who may be unwillingly corrupted.

That is so wrong and false on so many levels. First, when you plug in a USB thumb drive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this. You're trusting the motherboard manufacturer to have designed an unhackable microcontroller. You can try another vendor, but that one will have different vulnerabilities (likely the same because they all usually use the same 3rd party vendors or the same firmware).
Second, OS-level drivers will interact with the device, first to select the appropriate driver that can interact with it, then load it. This OS is not free from bugs. There are exploits targeting USB drivers. You're trusting the OS and all the drivers you have installed to have zero defects.
Third, when the user is browsing the data files of the USB thumb drive, the USB thumb drive may put files the file explorer will try to preload (e.g. JPG files, PDF files, etc), and find an exploit in said file explorer. There are a ton of exploits targeting user level applications in this way.

So basically you didn't understand what I said, and then stated it was all wrong. Everything I said is compatible with everything you said, I never said you could protect the CEO's PC from him plugging something into the port, I said that his PC getting hacked shouldn't give any access to THE REST OF THE NETWORK. I thought it was pretty damn clear in the part which you quoted in which I say well, exactly that, that he will get hacked if he gets a USB stick made for it, that you can't protect against that, but that you can protect against TRUSTING HIM.


That is so wrong and false on so many levels. First, when you plug in a USB thumb drive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this.

You'd best put your servers inside a Faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

No OS level protection can work against this, either...

Except this is completely unrelated to the problem of the OP of a hack proof website as, y'know, no one is physically typing on the server, so it's pretty damn easy to protect against monitoring keypresses when well, no one is pressing and there's no keyboard :)