RE: Covert Channels

[Richard Masoner <richardmasoner () yahoo com>]

I've only been following this thread peripherally, but
isn't covert channel discussion limited to analyzing
the assurance of Trusted Systems?

Perhaps my view is limited since Trusted System
development is something I've done, but it seems to me
that this thread has been on steganography instead of
covert channels of communication.

On a trusted system, for example, a user isn't going
to modify the IP header to steganographically send
secret information, because he can't.

In the Trusted Systems world, covert channel analysis
and detection is something that is done, and in that
community it's considered science, not snake oil. 
Part of covert channel detection, for example, might
be flagging a user who copies text from an X window
and pastes that text into an X window that's at a
lower privilege level.

Richard Masoner



__________________________________________________
Do you Yahoo!?
Y! Web Hosting - Let the expert host your web site
http://webhosting.yahoo.com/