[3677] in cryptography@c2.net mail archive
Re: Is a serial cable as good as thin air?
daemon@ATHENA.MIT.EDU (Missouri FreeNet Administration)
Mon Nov 30 21:57:53 1998
Date: Mon, 30 Nov 1998 13:46:15 -0600 (CST)
From: Missouri FreeNet Administration <measl@mfn.org>
To: Dianelos Georgoudis <dianelos@tecapro.com>
cc: cryptography@c2.net
In-Reply-To: <199811300420.WAA00846@tecaprocorp.com>
Why not keep the "ThinAir" concept, and use an optically-isolated link?
A one-way connection: just like your floppies...
On Sun, 29 Nov 1998, Dianelos Georgoudis wrote:
:Date: Sun, 29 Nov 1998 22:20:29 -0600
:From: Dianelos Georgoudis <dianelos@tecapro.com>
:To: cryptography@c2.net
:Subject: Is a serial cable as good as thin air?
:
:
: We are installing home banking systems where the Internet Server
: is separated from the bank's computer center by air. Data is moved
: periodically back and forth using low tech but dependable floppy
: disks that carry only encrypted data (the principle of red/black
: separation is implemented by loading only encrypted data on the
: server). This "air-wall" is an effective way to stop hackers from
: penetrating the bank's computer center using its Internet
: services. This works quite well with services such as users'
: credit-card queries.
:
: Now, we have a potential client insisting on on-line transaction
: capability. One possible solution is to connect the Internet
: server with a PC on the bank's private network using a serial
: cable. We would write our own transmission protocol. The PC
: working on the bank's network would run a memory resident program
: that services the serial port and will discard any blocks that do
: not decrypt properly or have an invalid structure (only blocks
: that decrypt into the correct data structure would be processed at
: all). Here is the question: Is this as good as thin air? Can you
: see any way a hacker could use such a connection to penetrate the
: bank's network?
:
:
:Dianelos Georgoudis
:email: dianelos@tecapro.com
:http://www.tecapro.com
:
:
Yours,
J.A. Terranson
sysadmin@mfn.org
support@mfn.org
--
If the Government wants us to behave,
they should set a better example!
