Re: General security question

[Magosányi Árpád <mag () bunuel tii matav hu>]

A levelezőm azt hiszi, hogy daN. a következőeket írta:
> The only issue I have with drop boxes is now you have 3 components instead 
> of 2, the more components you add to your security system, the more 

The nice thing about drop boxen is that they are not part of the security
infrastructure. Even if the drop box has world access, only the
availability of the data can be an issue (and the volume of exchanged data
also disclosed but this covert channel can be easily minimised if
necessary). The security element is the crypto, which is done inside the
end systems. 
The complication comes from the fact that the communication should be done
according to the drop box requirement, and in real life synchronisation
issues come to the picture. But if the design of the communication is made
after the decision of the drop box approach (and there are no extra
boundary conditions are involved), it might even be easier than another
solution. And you shall not be concerned with primer integrity problems
(e.g. someone cracking your system by attacking the transport endpoint
actively, because it is a low-risk system), but only secondary ones (e.g.
someone cracking your transfer client using malicious server replacement
[the latest openssh bug comes to mind, but having ssh agent or X display
for an automated data transfer is at least a misconfiguration], or
inserting data which becomes active while processing it [and third party
can insert data which activates only until the decrypting is done]).

-- 
GNU GPL: csak tiszta forrásból

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards