Vulnerability Development mailing list archives

Re: Covert Channels

From: "Roland Postle" <mail () blazde co uk>
Date: Thu, 17 Oct 2002 15:18:10 +0100

On 17 Oct 2002 08:19:40 +0200, MA wrote:

By the way, ISO-15408 defines AVA_CCA.3 "Exhaustive cover channel
analysis". AFAIK, this is science fiction. Does anybody have a silver
bullet?


3 metres of freshair? Which reminds me of 'active Tempest-based
trojans/viruses' where the attacker causes a system's
motherboard/monitor/etc to give of radio waves which can be picked up
with a radio reciever or possibly another, nearby compromised system
(that last bit may be science fiction, but far from impossible). So
maybe the silver bullet should include some decent emissions shielding
too. Technically, you still haven't 'exhaustively analysed' but you can
be fairly sure,

- Blazde

Current thread:

Re: Covert Channels, (continued)
- - - Re: Covert Channels David Litchfield (Oct 18)
    - Re: Covert Channels Michal Zalewski (Oct 18)
    - RE: Covert Channels Ofir Arkin (Oct 19)
    - RE: Covert Channels Michal Zalewski (Oct 19)
    - Re: Covert Channels Dragos Ruiu (Oct 21)
    - Re: Covert Channels Roland Postle (Oct 22)
    - RE: Covert Channels Roland Postle (Oct 21)
  - RE: Covert Channels Jason Barbour (Oct 17)
  - Re: Covert Channels Alex Tibbles (Oct 17)
  - Re: Covert Channels MA (Oct 17)
    - Re: Covert Channels Roland Postle (Oct 17)
  - RE: Covert Channels Dom De Vitto (Oct 17)
    - RE: Covert Channels Jeff Nathan (Oct 19)
    - RE: Covert Channels Dom De Vitto (Oct 19)
- Re: Covert Channels Craig Baltes (Oct 17)
- Re: Covert Channels CJ Oster (Oct 17)
- Re: Covert Channels Rohit Sharma (Oct 17)
- Re: Covert Channels Chris Reining (Oct 18)
- Re: Covert Channels Darryl Luff (Oct 18)
  - Re: Covert Channels Valdis . Kletnieks (Oct 18)
  - Re: Covert Channels Jeff Nathan (Oct 19)

(Thread continues...)