Multi-layer security vs Separate machines

Discussion in 'other anti-malware software' started by ProSecurity, Jan 11, 2008.

Thread Status:
Not open for further replies.
  1. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    yes that's correct. I was musing over the idea of isolation...there are several degrees...

    Like Joanna of Blue Pill fame, who apparently uses different browsers, one for online banking and another for everyday use. That's very weak isolation of course, but it presumably works against stuff like cross-site scripting attacks...

    The next level up would be isolation via different user accounts, so you use one account to do X, another account to do Y.

    Then via stuff like returnil/deep freeze

    The next step in isolation is via virtual machine

    And the next step up is actually having different physical machines... (and then different machines or different LAN etc etc)

    Depends on how far you want to carry this really... and as I said, no matter which strategy you use, you have to be disciplined enough to do only what you are supposed to do....

    It's very easy to decide, oh well it's too troublesome to launch another browser, log into another account, reboot to a safe state, launch the VM, or even physically move to another machine, and do online banking on the unsafe one... or vice versa....
     
  2. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Here's my two bits on the separate machine idea...

    I have used this method for many years. Except I don't use separate machines at all, only a removable hard drive tray system with multiple hard disks fully configured with separate operating systems. I use them mostly for testing, but I also use them as traps or fishing nets for hacks, spyware and trojans.

    I also use one built specifically for Gaming. And now since SATA II Hard Disk technology is widely available you can even use these as hot swappable data storage by having multiple units... (like SCSI for corporate hot swap bays).

    This is what I actually use: MRK-200ST-BK (Full Kit). More info here on similar products: http://www.vantecusa.com/product-storage.html#
    Combined with a stack of 500 Gig WD AAKS series hard disks...

    This method allows me to invest most $$$ into a multiprocessor (yes, multi sockets, not just cores) powerhouse instead of using cheap, unreliable, low performance PCs... This technique can also be applied by any of you, if you put some time & energy into the proper design of your PC... instead of purchasing the lowest denominator on the market multiple times...

    And oh... by the way, each of these independently configured hard drives with its own operating system is set up with its own multi-layered security at the software level as well...
     
    Last edited: Jan 13, 2008
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    In other words, what level of discipline are you going to tolerate for the diminished gains in security.
     
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Why not simply use Firefox with NoScript? A far simpler strategy against Serv Cross Scripting or any type of IFrame driven injectors...
    Also, free products such as LinkScanner & McAfee SiteAdvisor excel against these!
     
  5. Dogbiscuit

    Dogbiscuit Guest

    This is where using NoScript makes so much sense: when sensitive data is at risk.

    If added to the isolation hierarchy LUSHER delineated above, NoScript could be placed before the level of separate browsers, separating allowed/disallowed scripts and plugins within the browser.
     
    Last edited by a moderator: Jan 15, 2008
  6. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    One advantage that the separate hardware strategy has over multi-layered which appeals to me:
    I can SEE with my EYES and confirm there can be no leaks!

    With all this software, isn't there a LOT of trust which must be placed in every single one of these software vendors?
    5 apps from different vendors; five BUSINESSES to trust?

    I have enough headache just trusting the OPERATING SYSTEM vendor!
     
  7. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Hello Herbalist!
    Some months ago I followed the link on your sig and created a Win98SE VM, to remember the good ol' days.
    Well, the good ol' days certainly were good, but thank goodness, they are also OLD.
    It can be done, but it still requires a LOT of work to get Win98 up to snuff from scratch.
    So you are 100% correct; it is quite possible to make a 10 year old operating system, heck, maybe even a 13 year old operating system, as secure as the latest, but would the average guy have enough passion to make it so?
    I think not.
     
  8. Dogbiscuit

    Dogbiscuit Guest

    The manufacturer of your car, the producers of your food, your doctor, etc., can make mistakes that could be far more damaging to you.

    If the data is so important or your lack of trust so great, then being able to see and confirm with your own eyes is the solution for you!
     
  9. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I guess it comes down to learning and understanding what one is actually trying to accomplish. The layers in question are specific targets one is trying to secure (based on current attack vectors). As for the companies... well, that is a question of appropriate research done during selection...

    Trust doesn't have to be blind... at least not entirely.
     
  10. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    The manufacturer of my car is based in my country, and so too the producers of my food, and I know the University from which my doctor graduated.
    I can go to court and get my doctor's license suspended.
    Can I do the same with a software developer?

    Your comment is ridiculous.
     
  11. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Isn't there a legal system in your country?
    There are always remedies for such. Besides, a company actually has far more to lose, i.e. reputation, respectability and ultimately sales, which could lead to insolvency...

    Typically those are elements a serious software business would not take lightly.
     
  12. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Yes, we do have a legal system in my country.
    It's the same country that allowed a monopolist to control the market with an OS that has a very poor security profile.
    True, this apparently is a very serious software business; unfortunately I guess they missed reputation 101 and respectability 101, but they sure did mighty fine in sales 101!
     
  13. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Perhaps in America; however, in Europe they did lose some rather significant lawsuits and they were ordered to pay some massive fines..
     
  14. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Massive? Hehe.
    For some, it may be massive.
    For this entity?
     
  15. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Certainly for me... anything over $10.00 Canadian is massive!
     
  16. Dogbiscuit

    Dogbiscuit Guest

    Perhaps.

    But it would be more ridiculous for you to worry about a legal remedy after you died from an auto accident, pathogens in your food, or a mistake by your doctor. This is self-evident.

    Frankly, I wouldn't focus on the analogy which you don't think is apt. I was merely suggesting a proper perspective. Being cautious is one thing. Paranoia is quite another (not a rare occurrence here).

    Unless someone has important data that justifies such extreme measures, why go through all that trouble? But if you really have such serious concerns with trusting most security software, then by all means it's a solution for you.
     
    Last edited by a moderator: Jan 15, 2008
  17. herbalist

    herbalist Guest

    Yes, getting 98 up to date and ready for the modern internet does take some time. There's a lot to do, especially when you get to drivers and hardware upgrades. USB 2.0 didn't exist when my OS was released. Then again, getting any version of windows up to date on the patches takes time. I was looking at the SP3 release candidate for XP, all 336 megabytes of it, wondering how many patches that thing contains. That thing is over half the size of my 98 install CD. Starting from scratch with any version of windows, XP or older is a pain. Fortunately, it only has to be done once.

    Once you get past the updating and get to the actual securing of the OS, 98 is comparatively easy to secure. It takes about 2 minutes to close the open ports on 98. Doing the same on XP or 2K requires going into the services and deciding what to disable.

    Firewall rules are much simpler on 98. There are far fewer OS components that want internet access. 98 runs fine when the OS itself isn't given internet access. The services on NT systems make that more complicated. On 98, the only part of the firewall rules that might get complicated is rules for loopback connections.

    On 98, an app like SSM free is easier to set up than it is on XP. There are fewer processes to make rules for. Parent-child dependencies are much simpler than on NT systems. Compared to XP, default-deny is simple to set up and much easier to enforce. A lot of modern malware doesn't run on 98. Rootkits are almost a non-issue. On 98, the entire registry can be secured with a couple of batch files. Try that on XP.

    Yes, the "good ol' days" were and are still good. No one's taken them away. They're still there for the taking. M$ and the other big vendors would like you to believe that you need their support, that you have to run the latest, greatest, and most expensive. If you're using a security policy rooted in default-permit, you probably do need them. Many people don't realize that there are other options. Yes, it can take some time to learn to secure an older system and to make it functional in today's internet. You can spend time learning how to take care of and how to secure what you have, or you can spend that time earning money to buy new hardware, software, etc. and hope for results that are as good. You'll spend the time either way.
    Rick
     
  18. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Since $M is solidly convinced against ever revisiting 98/Me systems for a new rewrite, which to their blind eyes would be of enormous interest and benefit no matter what critics say, that leaves us die-hard 98 loyals with a golden opportunity, because there are still developers out there willing to take up the gap $M left behind when they totally abandoned it.

    Personally I'm still in the process of finding just the right driver to power my 98 connection via wireless handset.

    I might even write one if I get tired of hitting dead ends. There are always workarounds to be realized even with these systems. $M would much rather dismiss it ever existed from the looks of things, but that's on them. There's still plenty of possibilities and you can bet some have capitalized on these new discoveries, returning their 98's back again into the mainstream of usefulness.

    IMO, Vista is a bust, and XP has the BEST attention going for it right now by security vendors who are ganging up on securing it COMPLETELY & PERMANENTLY with sandboxes, virtuals, ISR's etc. For me XP security is already fully complete, with a lot of effort btw and time invested due to its HUGE framework of files/services/registry/permissions etc.

    But 98 is wide open yet to improve on even more and in many ways prove more secure with less re-assembly required.
     
  19. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Tricks...
     
  20. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    PS also misses the point, that we don't trust them at all. The idea of having 5 layers is such that each layer is watched by the other 4!

    I don't particularly trust my sandbox, but my firewall, antivirus, behavior blocker etc. are watching the sandbox for any tricky business, and so on for each of the other components...
     
  21. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Apparently I DO miss the point, because I was under the impression that the purpose of having separate layers was that each layer covered a separate threat vector, rather than each layer being a watchdog for the other.

    It appears that I stand corrected.
     
  22. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I must say though, I am more than a little curious as to which firewall, for example, you use that is capable of watching your antivirus, and therefore covering you when your AV falls short...:rolleyes:
     
  23. Dogbiscuit

    Dogbiscuit Guest

    The idea is that if one "layer" misses something, another "layer" would catch it, since no anti-malware product is completely foolproof.

    For example, a software firewall would alert you to malware phoning home that your AV failed to detect.
     
  24. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    LUSHER was (partially) kidding ;)
     
  25. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Originally Posted by ProSecurity
    Apparently I DO miss the point, because I was under the impression that the purpose of having separate layers was that each layer covered a separate threat vector, rather than each layer being a watchdog for the other.

    Actually they do both, as they actually work as a fail-safe mechanism without being designed that way... Besides, whatever executable is trying to modify core systems will be detected multiple times, thus offering the opportunity to block it layer by layer if necessary... I have done this often between the firewall alert, Defense+ alert and then PREVX alert, all monitoring the requests and releases of some executable... pretty neat to watch actually.
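Added example, not written by any poster in this thread and not any vendor's product logic: a small Python model of the point Dogbiscuit and Hermescomputers make above, that independent layers each see the same activity, so a sample the signature AV misses is still flagged by the egress firewall and by a HIPS-style write monitor. Every layer is run over every event; no layer's verdict suppresses another's. The process names, hashes, hosts and paths are constructed placeholders.

```python
"""Toy defence-in-depth model: independent detection layers over one event stream.

Constructed sample data only; the layer rules are illustrative, not a real product's.
"""
from dataclasses import dataclass


@dataclass
class Event:
    proc: str          # process image name
    sha256: str        # hash of the executable (constructed placeholder values)
    action: str        # "exec", "connect" or "write"
    target: str = ""   # host:port for connect, file/registry path for write


# Layer 1: signature AV. It only knows the hashes in this (constructed) set.
KNOWN_BAD_HASHES = {"deadbeef01"}


def av_layer(ev):
    if ev.action == "exec" and ev.sha256 in KNOWN_BAD_HASHES:
        return "AV: known-bad hash"
    return None


# Layer 2: egress firewall, default-deny per process with a (process, port) allowlist.
EGRESS_ALLOW = {("firefox.exe", 443), ("firefox.exe", 80)}


def firewall_layer(ev):
    if ev.action != "connect":
        return None
    _host, port = ev.target.rsplit(":", 1)
    if (ev.proc, int(port)) not in EGRESS_ALLOW:
        return f"Firewall: {ev.proc} -> {ev.target} not allowlisted"
    return None


# Layer 3: HIPS-style monitor over protected file and registry locations.
PROTECTED_PREFIXES = (
    "C:\\Windows\\System32\\",
    "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
)
TRUSTED_WRITERS = {"trustedinstaller.exe"}


def hips_layer(ev):
    if (ev.action == "write"
            and ev.target.startswith(PROTECTED_PREFIXES)
            and ev.proc not in TRUSTED_WRITERS):
        return f"HIPS: {ev.proc} writing protected location {ev.target}"
    return None


LAYERS = (av_layer, firewall_layer, hips_layer)


def evaluate(events, layers=LAYERS):
    """Run every layer over every event; return {process: [alert, ...]}.

    Layers are independent: a None from one layer never hides another's alert,
    which is what lets a later layer catch what an earlier one missed.
    """
    alerts = {}
    for ev in events:
        for layer in layers:
            msg = layer(ev)
            if msg:
                alerts.setdefault(ev.proc, []).append(msg)
    return alerts


# Constructed sample activity: a legitimate browser, an old sample the AV knows,
# and a new sample whose hash is not in the signature set.
SAMPLE_EVENTS = [
    Event("firefox.exe", "aaaa0001", "exec"),
    Event("firefox.exe", "aaaa0001", "connect", "bank.example:443"),
    Event("oldbot.exe", "deadbeef01", "exec"),
    Event("newbot.exe", "c0ffee02", "exec"),
    Event("newbot.exe", "c0ffee02", "connect", "c2.example:8080"),
    Event("newbot.exe", "c0ffee02", "write",
          "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"),
]

if __name__ == "__main__":
    for proc, msgs in evaluate(SAMPLE_EVENTS).items():
        for m in msgs:
            print(f"{proc}: {m}")
    print("AV alone sees:", sorted(evaluate(SAMPLE_EVENTS, layers=(av_layer,))))
```

Running it shows oldbot.exe caught once (by the AV) and newbot.exe caught twice (firewall, then HIPS) even though the AV never fires on it; passing `layers=(av_layer,)` shows the same sample going unnoticed when the AV is the only layer.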
     