Air Gap? What air gap...

I saw that this morning. Those Israelis sure have been busy little bees the last several years on air gapped systems exploits.
 
Markverhyden said:
I saw that this morning. Those Israelis sure have been busy little bees the last several years on air gapped systems exploits.
Click to expand...
In a past life I used to build air-gapped systems. The part that bugs me is...

If you built the way we did? This crap is flat not possible. I was working with grounded materials, cable spacing, and other techniques to control EMF bleed 20 years ago. This junk is only possible if you think you're "air gapped" by simply running a dedicated switch or VLAN to a specific room.

I'm no longer doing that work because no one would pay for it. And now, here I am with actual evidence of the crap I was worried about two decades ago. Doesn't do me any good, because people still won't invest in infrastructure correctly regardless.
 
Heh....wow.."LAN-tenna". Pretty much just plugged in an access point into an isolated network...just using the CPU of an infected host machine for the wifi chipset, and using the ethernet wiring for the antenna. Freaky!
 
YeOldeStonecat said:
Heh....wow.."LAN-tenna". Pretty much just plugged in an access point into an isolated network...just using the CPU of an infected host machine for the wifi chipset, and using the ethernet wiring for the antenna. Freaky!
Click to expand...
Side channel exploits are usually creative uses of the laws of physics go move data around. This same team exfiltrated data using light off a monitor and the sound of PSU fans... It's pretty wild.
 
fincoder said:
I thought 'air gap' meant no network connection whatsoever.
Click to expand...
That's exactly what it means, it means a LAN that's isolated from everything. Yes you can refer to a machine as air gapped if it's utterly unplugged, but there is also a concept of an air gapped network, allowing multiple machines to communciate with each other but not the world, or any other network.

This article describes software that when run inside the isolated network, turns the wire in the walls into an FM radio station another device nearby can pick up on and relay data from.

Do you want nuclear launch codes? This is how you get nuclear launch codes...

@britechguy It's more specific than that... and Air Gapped network means a completely isolated network that has no internet connectivity OR any other connectivity. It's its own thing, a digital island. It doesn't even talk to other internal networks.

But that's where the problem lies you see... you can achieve this in many ways, and the only really secure way is to ensure you don't just VLAN it off on the same switches that do everything else. And this article is actually talking about why in extremely high security situations, you cannot even share the same cable plant!
 
Sky-Knight said:
That's exactly what it means, it means a LAN that's isolated from everything.
Click to expand...

So, it can be, as I implied, a Local Area Network that has no connection to cyberspace (or even other networks). But it is a network.

You can't say an air-gapped LAN has no network connection whatsoever, as it is a network. It has no connection "to the outside world." It's self-contained.
 
fincoder said:
I thought 'air gap' meant no network connection whatsoever.
Click to expand...
Initially, as I understand it, it referred to a computer, monitor, KB, mouse plus necessary peripherals directly attached. I remember reading commentary years ago that discussed high security places where there were several setups like that in one office space, several systems setup next to each other on long tables. Later things like KVM's, VM's etc muddied the waters. At some point KVM's and hypervisors were accepted as long as the chassis wasn't attached to another network. Things get more complex so now they'll allow LAN's but in a walled garden. At any rate, as always, it's PEBCAK that one has to worry about.
 
britechguy said:
So, it can be, as I implied, a Local Area Network that has no connection to cyberspace (or even other networks). But it is a network.

You can't say an air-gapped LAN has no network connection whatsoever, as it is a network. It has no connection "to the outside world." It's self-contained.
Click to expand...

Yeah context matters.

Are we talking about an air gapped system? or network? They both apply... Typically air-gapped networks don't communicate beyond themselves... but that's not a hard and fast rule either. The only thing that's consistent is, these things have no Internet access... ever...
 
Are computers and other storage devices regarded as air-gapped if they're connected to a LAN with no WAN connection? I didn't think that was the case, because the complexity of some LAN architecture would mean some tiny amount of uncertainty (e.g. due to human admin staff involved).
 
fincoder said:
Are computers and other storage devices regarded as air-gapped if they're connected to a LAN with no WAN connection? I didn't think that was the case, because the complexity of some LAN architecture would mean some tiny amount of uncertainty (e.g. due to human admin staff involved).
Click to expand...
The machine wouldn't be air gaped, but the LAN might.
 
You must log in or register to reply here.

Similar threads

mdownes
Data recovery from a 12+16 pin SSD (MacBook Air)
Replies
15
Views
277
jogold
jogold
HCHTech
GoDaddy again - Outlook error 7ita9
Replies
3
Views
198
callthatgirl
callthatgirl
Appletax
Bent New Mobo, A-XMP vs EXPO
Replies
12
Views
990
Appletax
Appletax
HCHTech
Permission Hell
Replies
12
Views
1K
Sky-Knight
Sky-Knight
Appletax
[REQUEST] Do I have these gaming PC fans in the correct orientation?
Replies
9
Views
888
Blues
Blues
Back
Top