You are here

DEC

Cloud Computing Discovers Covert Channels

A SANS Handler Notebook entry by Toby Kohlenberg reports on data leakage in cloud computing, and links to a terrific paper from some UCSD/MIT people: Ristenpart, Tromer, Shacham, and Savage.

If we set the wayback machine to the early 1970s, we find a paper by Butler Lampson about something called the confinement problem. It's the same thing. Ristenpart et al pick up some of the threads (like noninterference) though their paper doesn't point all the way back to Lampson.

This is a hard problem to solve. The only defense right now is if attackers lack the motivation to exploit it.

Techno-zombies and Pluribus

I'm always amazed at how long a piece of apparently obsolete equipment can remain in service, especially in government service. Bruce Schneier's blog listed a link to NSA's 1991 video catalog at governmentattic.org. The catalog grants us an interesting if spotty view into the world of crypto gear and classified data collection systems.

I was particularly astonished to see inclusion of a video about the Pluribus - a long-obsolete Arpanet-era packet switch. I worked on the beast: it was overbuilt and underpowered. And unreliable (more on that another time). In the ideal world of tech, such obsolete junk should have been recycled by 1991. I was optimistic.

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer