0

This is theoretical question that seems to be interesting (at least for me). What would you do to completely close the whole system from outside world? By close I mean that any human shouldn't be able to login and it should only do some tasks with the simplest interface with outside world that is needed for them. It should be IMPOSSIBLE (ok - to possible extent ;) ) to access internal structure by anyone. However - after cutting power off, and restarting it that way - it should continue its work.

I imagine that HDD should be encrypted, so after cutting power off - it shouldn't be possible to get anything from it.

Is it possible or how close can we get?

PS. I don't even know what tags to use :( .

Łukasz Zaroda
  • 6,593
  • Just for fun. How about configuring a time bomb and if the user presses wrong key combinations in the keyboard for the third time, the system goes boooom!!! – Ramesh Mar 02 '14 at 00:53
  • 2
    @Ramesh: https://xkcd.com/1168/ – n.st Mar 02 '14 at 01:46
  • 1
    This is much to broad to give a meaningful answer. Presumably you want your system to do something (control an elevator, play music, ...), so some input and output is needed. How critical is the contents of the disk/flashdrive? If controlling an elevator, probably not much; otherwise it could be important. To what extent can you control hardware access? And so on. As in all "security" type questions, 100% isn't possible, even in principle; and you need to consider the potential treats (just random accidents, high-school student nosing around, determined profesional, NSA). Give details... – vonbrand Mar 02 '14 at 02:08

1 Answers1

1

"potential treats"? Like what? Bacon? Candy? On a serious note though, I see the down vote, but the question is interesting. Of course, limiting physical access is part of the security process. As far as the system itself is concerned, you could remove all ports from the motherboard, except the hard drive and power connections after you installed the operating system and set the BIOS to power the system up after power loss, and to ignore all error messages about missing keyboard. Weld the case shut. Now you have a sort of Schrödinger's *nix Box! If the box communicates with or controls anything, it is not fully closed off from the outside, though. Pointless experiment or not, it is an interesting brainstorming exercise. On a more practical note, in the information security field people do use air-gapped machines for a variety of reasons; generating keys, storing sensitive data, certificates, writing messages that leave the computer only in an encrypted form through storage devices and not through wired or wireless networking.

Elteto
  • 11
  • This is question about system but not hardware, if you removed hardware, you could add it once again I think, but is it possible to remove all "drivers" to anything from inside? ;) – Łukasz Zaroda Mar 02 '14 at 13:30