• @HC4L
    link
    English
    92 months ago

    Depends. If you need updates on the software used in the air gapped network you won’t have lot of options. Burning cd’s doesn’t sound so crazy all of a sudden though…

    • @[email protected]
      link
      fedilink
      English
      142 months ago

      Having worked in classified areas, both as an admin and an unprivileged user, CDs were normally the method of transferring data up the network. (Transferring down rarely occurred, and even then you’d be limited to plaintext files or printouts.)

      I’ve seen more places use data diodes to perform one- or two-way transfers so that requests can be streamlined and there’s no loose media to worry about tracking. It’s not super fast and higher speeds mean more expensive equipment, but it covers 98% of software update needs, and most non-admin file transfers were under 20MB anyways.

      Anything that did require a USB drive, like special test equipment (STE) or BIOS updates, had to use a FIPS-140-1 approved drive that offered a ready-only mode via PIN. This drive could only be written to from a specific workstation that was isolated from the rest of the machines (where data was transferred via CDs of course) and required two persons to perform the job to ensure accountability.

      Not the most time-efficient way of doing things, and not completely bulletproof, but it works well enough to keep things moving forward.

    • @[email protected]
      link
      fedilink
      English
      32 months ago

      You can greatly reduce the attack surface by limiting device use to specific users or maybe even specific devices that are controlled.

    • @[email protected]
      link
      fedilink
      English
      12 months ago

      Wouldn’t you validate that update on a test machine in an isolated environment…like we’ve done since forever?

      • @HC4L
        link
        English
        22 months ago

        That still won’t say anything about the reliability of the medium. The update itself isn’t the problem.

    • @quixotic120
      link
      English
      12 months ago

      I mean therein lies the problem. If you remove mass storage devices but allow cds then that’s just a different attack vector to exploit. You could potentially make it so there is no way to interface with any kind of storage but then when someone finds a way to break things open with a hid device you now have no practical way to fix the issue (plus working with the machine will be a nightmare)

      • @chaospatterns
        link
        English
        3
        edit-2
        2 months ago

        CDs have an advantage over USB drives in that they can’t actually secretly be USB HID devices like a fake keyboard or mouse that runs a bunch of commands when it plugs in. It’s only a storage device.

        A super secure environment might then lock down all USB devices to ones known by them and then epoxy all ports and devices.

      • @[email protected]
        link
        fedilink
        English
        22 months ago

        No. This exploit worked because the medium is read-write. Once a disc is finalized, it cannot be written to. You can’t exfiltrate data via the CD.

        I’m sure there’s some modified CD burner out there that can write to a finalized disc, but this would only work where the air-gapped machine supports it, and also even has a drive that can write.

        • @quixotic120
          link
          English
          12 months ago

          Unless it’s a rewritable cd, or the cd is the first step in a chain of exploits that allows write access on the usb ports used for peripherals so that an inside person could get away with a usb key or modified keyboard, or something else we can’t conceptualize but some group of well funded state actors can