
Reminds me of the time I was looking after a SECURE system: One of the tasks was the daily update of the antivirus. So I would grab the blessed stick, insert it into the Internet-PC, and using FTP would download the latest antivirus update. Then I'd walk over to the SECURE system, insert the stick, and run the exe from the stick. There, system SECURED for today!

Norton, trust no other!




You forgot that you need to use read-only media to transfer data from Internet-connected system to air gapped system, such as CD-ROM, or destroy writeable media after use in an air-gapped system.


If the purpose of the attack is to bring something into the network, to e.g. destroy something (Stuxnet), or blink an LED that faces a window, then RO media will be pretty useless, and will probably cause a false sense of security.


Likely that is the point. The initial process with the stick is security theater, and adding the RO requirement is just more theater. Both comments are sarcastic, imo.


The read-only requirement makes sense because otherwise confidentiality of the airgapped system can be easily compromised (data extraction).

If one's role is to only update AV on the airgapped machine then their data transfer to the airgapped machine should be only going into one direction.


I think the joke requires knowledge that, if the exe is compromised, there are zero ways in hardware you can enforce read-only mode on a USB stick, so it's probably done in software and is moot.

And also, if it's air-gapped, why even have an antivirus? ... For airborne ones?


It's incredibly easy to enforce read only on a USB stick when you destroy it after bringing it into a classified environment. As for antivirus, aren't we talking _right now_ about bringing potentially infected drives into a network?


Still sounds like unnecessary risk when you can achieve it with a read-only CD drive.


The professionals who defined this update protocol have access to classified information, I'm sure, that allows them to assess risks us readers of public blog posts are not privy to! So we shouldn't judge on the morsels of public information what must have been an elaborate evaluation of best practices only accessible to the echelon of administrators in the government branch where I was doing my duty.

Seriously though, I learned a lot there. If I wanted friends to have access to such a system, this is the plausibly deniable access route I'd set up for them.


That sounds like an ideal attack vector! Norton and other AV have elevated privileges with an opaque data format ready to be exploited.


I believe that was exactly the other commenter's point.


The funniest part is that the update was an exe to be run from the USB stick. The one thing you should not ever do on any system.

Unfortunately I wasn't prepared to broach the subject in a way that didn't have me say "you'd be safer without the AV". So I got nowhere.


Oh even worse! Yeah, you likely wouldn't have made any headway.


I’m of the opinion that 3rd party security software is malware. If it isn’t today, a future acquisition or enshittification ensures that it will be.


While true, the future is the future, and not entirely relevant.

Or do you eschew using a fork, because in 12 weeks it will fall on the floor?

Certainly, the problem is secret falls on the floor. The ones we can see can be handled.

This problem even happens with brand names, with hardware. You buy a fridge, and a decade later go to buy another. Meanwhile, megacorp has been bought by a conglomerate, and brand name is purposefully crap.


Imagine, if you will, a bed of gold embroidered and wrought with the most exquisite works. Above the bed, however, is a sharp sword suspended on a single hair of a horse's tail. Would you avoid relaxing on the bed because the sword may fall and kill you at some point in the future?


What’s wrong with the brand-name AV engines and security controls shipped with the OS? To me, it’s mostly just a lack of trust on the part of management.


Kaspersky is/was a brand-name AV. Look at what happened on their way out after the US ban...


Everyone should build their own security software?


All the major desktop OS have AV engines built by excellent teams. I do trust this more than McAfee or Norton. I also trust it not to take my machine down as much as CrowdStrike.


You trust native Windows security? I'm hoping it's not, but what if a hospital's decision looks like a choice between ransomware and a root system like CrowdStrike?


Have fun running your business with no third party software. You'll have to start by writing your own OS.

Speaking of which... it's remarkable that Microsoft Windows probably has code from 50,000 people in it. Yet there haven't been any (public) cases of people sneaking malicious code in. How come?


If Windows had malicious code in it, would we be able to tell the difference?


Sure, I’m sure somebody who is going to go through the effort of slipping malicious code into Windows would also make sure to do some QA on it. So it would be suspiciously unbuggy.


That makes complete sense if your threat model is preventing data from leaving a secure network, assuming the USB drive stayed in the secure network or was destroyed after entering it.


Why would you need A/V on an air-gapped system?


I didn't expand on that but actually that system was part of a global network; entirely separate from the Internet. There was MS Outlook installed on the terminal nodes. One can see how somebody could become nervous about not having AV on the nodes and come up with a "protection" scheme like the one I described.


Air-gapped doesn't mean no data transfer. If there is data transfer, then viruses could get on it which will use up system resources.

