
Hack-proof website, why not?

Started by October 23, 2015 06:08 PM
93 comments, last by ronan.thibaudau 8 years, 10 months ago

Not even an air-gap will save you when they use thermal sensors to steal your data using heat...

;)

Hack proof is impossible. In order to do any work, a person needs to have access to that data. People can always be hacked. Therefore your data can always be stolen. QED.

"The proof-of-concept attack requires both systems to first be compromised with malware. And currently, the attack allows for just eight bits of data to be reliably transmitted over an hour"

So basically if someone already hacked your system that is air gapped (see how it's not really a new problem there since you already screwed up before) they can steal 8 bit worth of data per hour? Sure they can send commands and in the sample they give to control a missile I guess 8 bit of data per hour is plenty to send a position to your pre-installed malware to control it, however the hard part seems to be, y'know, pre-installing the malware into the computer that was probably never connected to anything except the missile system itself.


That is so wrong and false on so many levels. First, when you plug a USB thumbdrive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this.

You'd best put your servers inside a faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

No OS level protection can work against this, either...

Except this is completely unrelated to the problem of the OP of a hack proof website as, y'know, no one is physically typing on the server, so it's pretty damn easy to protect against monitoring keypresses when, well, no one is pressing and there's no keyboard :)

No, it's not. If I was to create a very secure web server, the only open port(s) would be 80 and 443. This would mean that the only way to control the system would be via a local console. You'd configure it, and only administrate it this way. Not to mention that some administration tasks of servers require someone with a physical keyboard plugged in at the datacenter to do various things.

Failing that, you could launch this attack against the admin of the website. Find where he lives, or works, and sit outside his house or place of work with the equipment in a van, stakeout style. As he presses the keys to admin his remote website, you got him, without even having to touch his PC...



On a properly secured network, getting access to the CEO's laptop through a usb hack and having him plug into the local network should give you ZERO access to the rest of the network aside from files the user has access to. So it is an issue of giving way too many rights to people who may be unwillingly corrupted.

Work in a finance company. Only company laptops are permitted to connect to the network, these all have USB disabled. Some have even been opened up and had the USB physically removed too. When connecting to the network using a laptop you have to connect via VNC (using RSA pin key) to a terminal server on an offsite data centre then into another internal terminal server and then from that terminal server (using one set of credentials) back to your desktop(using your regular network credentials).
All the computers in the company will not connect to the network if a USB or Bluetooth device is detected. We are not even able to use Apple Magic Mice with our Apple hardware. All mobile phones that enter the building have to have Mobile Iron software installed and can be inspected by IT security at any time.
If the design team need to send a psd to a programmer then we need to have two IT security staff come over to their desk with a set of screwdrivers to connect a hard drive, copy the file, then disconnect it and walk across the office and do the same thing at a programmer's desk (the reason being that files over 200k are not permitted across the network). There's all sorts of other stuff that goes on that I simply don't understand (not really a networking person myself).

Are we unhackable? Our IT security guys say no it isn't and they themselves find weak points on almost a daily basis but, they provide as much security as they know about at the time. Policies change daily and it is difficult to work in but, it is a business that is responsible for billions of pounds of client money.



Even if your system is secure, what's preventing someone with enough insanity to break into the CTO's house, put a gun in his head to enter the password?

CTO is the wrong person. If you really wanted access it would have to be the IT security manager.

"I'm currently planning a deployment of Something (too early to announce) that is in a "kind of SAAS" mode, even as the one who conceived it I couldn't hack into it if you gave me a 1 million budget to spend on hacking it"

Gosh. That IS rather a strong claim. Well, not that you couldn't hack it, but that you imply others couldn't either. Because even in white-hacker-land there are some properly, properly scary hackers out there.

It's all a matter of tradeoffs but since there's pretty close to 0 physical and software area of attack and the data is not sensitive at all (only the software is) and the software only resides in RAM, it's not "too" hard. It's not about how scary people are, just like in any field you can't be any better than the field allows for, so if there's no entry point then there's no entry point to the system itself (well there are pretty extreme ways to access anything as I said, but if we restrict ourselves to technical ways that do not require heavy weaponry, I can't think of any for what I have planned).


That is so wrong and false on so many levels. First, when you plug a USB thumbdrive, a microcontroller in the motherboard handshakes with the device. There are exploits targeting these microcontrollers, and no OS-level security will protect you from this.

You'd best put your servers inside a faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

No OS level protection can work against this, either...

Except this is completely unrelated to the problem of the OP of a hack proof website as, y'know, no one is physically typing on the server, so it's pretty damn easy to protect against monitoring keypresses when, well, no one is pressing and there's no keyboard :)

No, it's not. If I was to create a very secure web server, the only open port(s) would be 80 and 443. This would mean that the only way to control the system would be via a local console. You'd configure it, and only administrate it this way. Not to mention that some administration tasks of servers require someone with a physical keyboard plugged in at the datacenter to do various things.

Failing that, you could launch this attack against the admin of the website. Find where he lives, or works, and sit outside his house or place of work with the equipment in a van, stakeout style. As he presses the keys to admin his remote website, you got him, without even having to touch his PC...

What tasks would require someone with a physical keyboard plugged into the server? I've never had such a need.

Also I'm not sure what being able to find out what you type at work would help the hackers with unless you type in sensitive information (but why? If at work you shouldn't have to authenticate with a password or something similar that you'd type to begin with)

In any case if it was "such" a big issue a workaround is to make your own keyboard / keyboard driver, it's always a matter of how far you want to go but both the issue of key noise and wired transfer can be fixed.

Not even an air-gap will save you when they use thermal sensors to steal your data using heat...

;)

Hack proof is impossible. In order to do any work, a person needs to have access to that data. People can always be hacked. Therefore your data can always be stolen. QED.



"The proof-of-concept attack requires both systems to first be compromised with malware. And currently, the attack allows for just eight bits of data to be reliably transmitted over an hour"

So basically if someone already hacked your system that is air gapped (see how it's not really a new problem there since you already screwed up before) they can steal 8 bit worth of data per hour? Sure they can send commands and in the sample they give to control a missile I guess 8 bit of data per hour is plenty to send a position to your pre-installed malware to control it, however the hard part seems to be, y'know, pre-installing the malware into the computer that was probably never connected to anything except the missile system itself.


Proof of concept. Can always get better.

The point was simply that there are ways to get data off a system without even plugging it in. The idea of an air-gapped system is not only to prevent malware from getting in, but to prevent any malware from getting data out. If the malware can get in (via aforementioned meat-space hacking, which isn't really hard) then the data can get out. Even without wires.

You'd best put your servers inside a faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

Not just the keypresses, your entire monitor might be remotely snooped by carefully measuring the E-M field in the air.

I did my military service as a communications engineer for field HQ, and was amazed by the computer hardware we used.

Heavy duty boxes with built in faraday cages, and only opto connections between the boxes.

Any cable where data is passed through can be compromised.

Just to tune in to the "making X impossible" ... there is always someone who is able to break the lock, and steal the crown jewels. Not even Fort Knox is safe enough and far too famous, hence most of the gold AFAIK has been moved to other, less well known warehouses.

What drove the concept home best for me was what we were taught in the military. There, I was trained as a Security Infantry Soldier (before being reclassified as a normal infantry soldier, but that is beside the point).

A big part of our training was securing military installations.... which was really hard work lugging around fences and barbed wire.

A lot of people would initially believe that the sectors now covered with double fences and multiple rows of barbed wire could be forgotten about, because "who could possibly get in?"...

Of course that was a gross mistake.

The point our trainers made was that basically none of these measures were meant to keep someone out, even though it would certainly deter most people from trying to climb in during peacetime because of the time needed and the dangers of getting caught in that barbed wire (not to mention how pointless it is to break into a military base during peacetime)... the real point was to MAKE IT HARDER TO BREAK IN, thus a trespasser NEEDING MORE TIME TO GET IN, thus whoever was in charge of defending the base HAVING MORE TIME TO REACT.

Lesson was, no matter how many rows of barbed wire you wrap your base in, given enough time and dedication, somebody can break in.... but with each row, they need more time until they are inside the perimeter.

I see IT Security as the same concept.

You try to deter the script kiddies that lack the skill to break in. They might try, they will not be able to get around the security, they will give up and try to find an easier target.

You try to slow down the Hacker that DOES have the skill to get around your security. That might give your Sys Admins the time needed to notice the attack and initiate countermeasures.

Even if the attack is successful, you try to collect enough evidence to trace down the origin of the attack. Making the attack riskier for the attacker in the long run. If the hacker is employed by a country and the country the attack originates from gets traced down, this country will get into a quite awkward situation. Making it quite possible they tell their hackers to refrain from future attacks until they are sure their attacks can no longer be traced.

There is never 100% security... but you can get damn close by combining multiple layers of automated security with competent and 24/7 security staff. Of course that costs money, A LOT of money. Big businesses spend a big part of their IT budget on security because of that.


You'd best put your servers inside a faraday cage, too. With a little bit of low-end sensor and monitoring technology and a program to decode what you're receiving, you can wirelessly snoop on any keyboard (even a wired one!) remotely at a reasonable range. The more money you're able to throw into the problem (e.g. FBI or NSA level of budget) the longer range you can potentially sniff someone's keypresses.

Not just the keypresses, your entire monitor might be remotely snooped by carefully measuring the E-M field in the air.

I did my military service as a communications engineer for field HQ, and was amazed by the computer hardware we used.

Heavy duty boxes with built in faraday cages, and only opto connections between the boxes.

Any cable where data is passed through can be compromised.

No cable can be compromised unless

1) You've got physical access to the cable or

2) It's not properly shielded

If nothing gets emitted from the cable (or nothing allowing one to deduce the signal within it) then you can't really do anything about it.


No cable can be compromised unless
1) You've got physical access to the cable or
2) It's not properly shielded

That was what I thought too before doing my service.

It was obviously not enough for the designers of the military information system though.

I have no idea if they had a real (and probably classified) exploit for it, but at least the information on those computers was important enough to not take the risk.

My best guess is that it isn't really that easy to "properly shield" a cable, and you have to go to pretty extreme lengths to do it.

This topic is closed to new replies.
