Security over the Net
Cheesewaffle
Member Posts: 20 ■□□□□□□□□□
in Off-Topic
Hi,
I have recently been reading up on VPN's and encryption (HTTPS).
After reading quite a bit of literature I understand we use them to secure traffic(packets).
But my question is why is the internet so insecure?
If the internet is run by big ISP's who control the infrastructure shouldn't the information we send be secured anyway? As they just have all their equipment secured?
Cheers
Cheeseywaffle
I have recently been reading up on VPN's and encryption (HTTPS).
After reading quite a bit of literature I understand we use them to secure traffic(packets).
But my question is why is the internet so insecure?
If the internet is run by big ISP's who control the infrastructure shouldn't the information we send be secured anyway? As they just have all their equipment secured?
Cheers
Cheeseywaffle
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□It would take quite a toll on ISP's equipment resource-wise, as well as make things significantly more difficult and complex to manage. Plus, you would need to trust your ISP do 1) implement the technology correctly, and 2) not abuse their power and snoop on your traffic. Forgive me, but I really don't think Comcast has my best interests in mind. Plus, those technologies are also useful if you're connecting to the internet from untrusted locations, such as coffee shops.
-
Cheesewaffle Member Posts: 20 ■□□□□□□□□□Thanks,
What about groups of hackers, can they snoop on traffic? Using programs like wireshark? -
dynamik Banned Posts: 12,312 ■■■■■■■■■□They'd have to find a way to get between the source and destination (i.e. set up a wireless access point that looks legitimate, ARP poison an internal network, etc.), but yes, they could do that. Those technologies will protect against that as well. However, you still need to be careful because tools like ettercap can do man-in-the-middle for things like SSL and SSH as well.
-
Met44 Member Posts: 194But my question is why is the internet so insecure?
When you connect to a web site using SSL, at best this tells you that (1) the traffic is encrypted, (2) the source of the traffic, and (3) the traffic wasn't modified as it was in transit to you. At worst, someone was able to do something nasty like compromise a key, spoof a certificate, or other things dynamik mentioned, and you ended up trusting someone you didn't intend to trust. That, or the web server just securely tunneled its malicious code straight through your company's firewall/IPS, undetected. Suppose your computer's antivirus software is out of date; now there is a problem. Obviously there are methods to help prevent all of that, but the point is that the ISP might have been completely secure and you still have a virus on your system. There are lots of ways to skin a cat.
"The only truly secure computer is one buried in concrete, with the power turned off and the network cable cut (... and even then I have my doubts)." Here's the most secure network you'll ever find. I'm selling installation and free lifetime support, but warranty is voided by blasting or excavation. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□"The only truly secure computer is one buried in concrete, with the power turned off and the network cable cut (... and even then I have my doubts)."
Pfft, you don't even sink it in the ocean? Weak -
tiersten Member Posts: 4,505Cheesewaffle wrote: »But my question is why is the internet so insecure?
If you truly piss people off on the internet then you can experience a form of community policing where carriers or networks will refuse to talk to you but this is very rare.
Like the coffee shop that Dynamik mentioned, do you trust them to have secure their network and to not snoop on their customers? Now take that same question and apply it to everybody between you and your remote site. -
tiersten Member Posts: 4,505Pfft, you don't even sink it in the ocean? Weak
-
Met44 Member Posts: 194Pfft, you don't even sink it in the ocean? Weak
True, that would be a great way to sell marked up rugged hardware. I'm pleased to say that I am now offering on-site installation for a nominal fee in as little as one week at a premier storage location, just off the coast of the Bahamas. -
crrussell3 Member Posts: 561True, that would be a great way to sell marked up rugged hardware. I'm pleased to say that I am now offering on-site installation for a nominal fee in as little as one week at a premier storage location, just off the coast of the Bahamas.
Pffft, I already have a patten going for my storage location in the Mariana Trench. The site is extremely secure, just pay no attention to those rumors about Decepticons being dumped there.MCTS: Windows Vista, Configuration
MCTS: Windows WS08 Active Directory, Configuration -
veritas_libertas Member Posts: 5,746 ■■■■■■■■■■Pfft, you don't even sink it in the ocean? Weak
I'm only worried about the hard drive, and a drill with large bits will take care of that. Then bury the hard drive in cement. -
tiersten Member Posts: 4,505veritas_libertas wrote: »I'm only worried about the hard drive, and a drill with large bits will take care of that. Then bury the hard drive in cement.
Of course, you'd have to be sufficiently paranoid or know that you've got data that is valuable enough to warrant doing this. As for complete destruction of a HD, I'd say thermite would do the trick. (Note: Don't blame me if you're crazy enough to do this) -
veritas_libertas Member Posts: 5,746 ■■■■■■■■■■If your paranoia level is set to 11 then you'd have to totally destroy the HD platters. Just scratching or drilling holes in it wouldn't be sufficient. The areal density of current generation HDs is extremely high now so even a little 1 inch square chunk of your platter will store over 400Gb of data. Due to the high areal density, coercivity of HD platter coatings has correspondingly gone up.
Of course, you'd have to be sufficiently paranoid or know that you've got data that is valuable enough to warrant doing this. As for complete destruction of a HD, I'd say thermite would do the trick. (Note: Don't blame me if you're crazy enough to do this)
Forget being paranoid, that looks like just plain good old-fashion fun!
Thermite - Wikipedia, the free encyclopedia