digg

Facebook Connect Join Digg About
See the original image at web.mit.edu

Secure computers aren’t so secure

web.mit.edu Even well-defended computers can leak shocking amounts of private data. MIT researchers seek out exotic attacks in order to shut them down

Who dugg this? Made popular 30 days ago

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

49 Comments

show profanity settings
expand all
  • rblancarte, on 10/30/2009, -4/+39The most secure computer is one that isn't running, isn't hooked up, even to power, and is locked in a room with no way of accessing it. If your computer is on, by nature it is insecure. If you think otherwise, you are just asking for trouble. And any in-depth computer user should know this.
  • RunDiggMC, on 10/30/2009, -3/+32Insecure computers are insecure.
  • TheUngod, on 10/30/2009, -1/+25Only if they are FAT, especially FAT32.
  • GamerXR72, on 10/30/2009, -1/+13I could have told you that after watching CSI. Hackers can make a GUI in Visual Basic and get your information at any time.
  • WhiskeyLemur, on 10/30/2009, -1/+12Frak you, my abacus is secure!
  • IphtashuFitz, on 10/30/2009, -1/+12The most secure computer hasn't been built yet. It's just components sitting on the assembly line, or better yet the raw materials. At least that way you know there aren't any hardware-level backdoors in the system.
  • jv2k, on 10/30/2009, -1/+11nofx, way to completely miss the joke.
  • zip000, on 10/30/2009, -0/+8When I read that it is possible to capture keystrokes from a power outlet down the hall, I pretty much gave up on the idea of security. It isn't even a new technique, just something that I had never heard of. Just monitoring the fluctuations of power, it is fairly trivial to detect which keys are being pressed.


    I'm still amazed by that.
  • NJank, on 10/30/2009, -1/+9I had 3 friends die from H1N1 picked up from an infected abacus, you insensitive clod!
  • phlyphl69, on 10/30/2009, -1/+9The level of insightful or even moderately entertaining comments on this shockingly low...
  • iopasd, on 10/30/2009, -0/+7I'm digging this just to spite you, anus.
  • dbbblondon, on 10/30/2009, -0/+6my momma says i'm special
  • hughesj919, on 10/30/2009, -0/+6Pretty interesting read. That's some clever programming. Thieves are much lazier than that though, and there are always easier ways to get information than going directly for the computer (phishing for example). People are much easier to crack than computers, and always will be.
  • mister711, on 10/30/2009, -0/+6***** you
  • the8thbit, on 10/30/2009, -0/+5nofx: *WHOOOOOOOOOOOOOOOOSH*
  • Turious, on 10/30/2009, -1/+5So they use a magnifying glass to look closely at my security key? Crap, I thought I had covered all my bases.
  • erichw1504, on 10/30/2009, -4/+8If secure computers aren't secure then aren't they just computers?
  • IphtashuFitz, on 10/30/2009, -1/+5Um. See where I said "better yet the raw materials"? And the comment about that being the only way to know there aren't any hardware-level backdoors built into chips?
  • jakobrowning, on 10/30/2009, -0/+3Don't you mean to say that you just read the article and wanted to let everyone here know you're a smarty-pants know-it-all even though you just learned about this 2 minutes before you commented?
  • burrdugg, on 10/31/2009, -0/+3Acting like you are above everyone else on security matters is never advisable, because the person eavesdropping your keystrokes live over the net is not going to believe you.

    Even the most proficient security experts in the trade are always taking for granted the risk factor that an intruder may be lurking inside their system at any given moment.
  • erichw1504, on 10/30/2009, -0/+3Stupid is as stupid does.
  • Expl0siv0, on 10/30/2009, -0/+3Hey be nice.
  • bdpf, on 10/30/2009, -0/+2If a computer is connected to the web, internet or with outside access, phone, DSL, T1, etc. it can be compromised.

    Only a stand-a-lone computer, not connected in anyway might be secure if it is a tempest approved computer in a tempest shielded secure environment.

    Do you have several hundred thousand dollars?

    A good DIY might be cheaper but how do you pay guards?
  • the8thbit, on 10/30/2009, -0/+1It magnifies-away the blue.
  • Rammat2, on 11/02/2009, -0/+1The only way to keep from aging, kill yourself.
  • JohnnySoftware, on 10/30/2009, -0/+1No. Timing is everything.
  • Jaime2000, on 10/31/2009, -0/+1@NJank: You are doing it wrong. You are supposed to say the following.

    "***** you, two of my friends died from the H1N1 your infected abacus gave them!"
  • JohnnySoftware, on 10/30/2009, -0/+1Yeah, except that is not secure.

    You're taking as a given that physical security is doable and software security is not doable.
    I can think of a number of cases where that is the exact opposite of what happened.

    Your description is often uttered by people whose software has really, really, really severe track record of being insecure. Go back and check who you are quoting.

    Start calling out ways to physically secure stuff and I can respond with ways to overcome that.
  • bdpf, on 10/31/2009, -0/+1/s

    25 years of providing secure comms, in the Navy, lets me know that no computer is secure. Don't forget to disable thumb drives. Ha Ha!

    /s
  • JohnnySoftware, on 10/30/2009, -0/+1If that was true then there would be more attacks mounted through phishing than through worms and viruses.

    I really doubt that is anywhere near true.

    Of course, people bought the computers in response to ads, word of mouth, assumptions, and seeing what "everyone else" was doing. So maybe in a sense you are right and people are easier to crack.
  • rjan, on 10/30/2009, -1/+1You mean this comments suck?
  • ethana2, on 10/30/2009, -1/+1Colemak, suckers :D
  • JohnnySoftware, on 10/30/2009, -1/+1I don't think tempest shielding an environment prevents you from leaving the door unlocked, the building unattended, and the computer unguarded without any sort of tether on it or security in it.

    Supposedly the credit card industry, the military, and many other organizations operate in a "secure environment" but we have sure seen a heck of a lot of data loss from those sectors the past couple years, haven't we?

    If you're not intelligent, knowledgeable, diligent, and passionate - you're going to get pwned. Nobody is perfect but from reading about tons of incidents in the past decade I can be pretty sure that at each breach someone was not sufficiently up to snuff in one of those 4 categories.
  • miaow, on 10/30/2009, -1/+1scientists were able to tune in to your wireless headphones while you watch porn, like your neighbor does.
  • Sybaek, on 10/30/2009, -2/+1The only real way to secure a computer:

    Turn it off.
  • the8thbit, on 10/30/2009, -3/+1Hey man, maybe your computer would be more secure if your security key wasn't "security key".
  • phlyphl69, on 10/30/2009, -3/+1Yes Sir, That is EXACTLY what I mean...
  • ITSpecific, on 10/31/2009, -3/+1The only real way to secure a computer:

    Not have one.
  • geoken, on 10/30/2009, -4/+1Are they talking about hard drive cache or actual ram/paged memory?
  • NJank, on 10/30/2009, -4/+1actually, they're slow computers.
  • bobdigi, on 10/30/2009, -5/+2Fag
  • mister711, on 10/30/2009, -8/+3the most secure computer in the world is the deathstar system. Unfortunately the deathstar got blown up
  • piieerrrree, on 10/30/2009, -6/+1"In 2005, Eran Tromer, now a postdoc at CIS, and colleagues at the Weizmann Institute in Rehovot, Israel, showed that without any breach of security in the ordinary sense, a seemingly harmless computer program could eavesdrop on other programs and steal the type of secret cryptographic key used by one of the most common Internet encryption schemes."
    Aaand that's when I stopped reading.
  • erichw1504, on 10/30/2009, -6/+1Especially CRT monitors around flat screen monitors.
  • earthtones, on 10/30/2009, -12/+5"Secure computers aren't so secure" - gee, ya think? :)
  • sajuuk, on 10/30/2009, -10/+2Your both wrong. Even the components can be compromised, as is evidenced by the hard drives that show up pre-loaded with virii. The only truly secure computer is the one that doesnt exist.
  • Speedy7, on 10/30/2009, -9/+1Heartburn's gone away now.
  • nofx1510, on 10/30/2009, -12/+2Have you ever had to read a FAT32 partition table, its not fun and its defiantly something a hacker would do as a last resort to get your information.
  • inactive, on 10/30/2009, -15/+5What the *****? We've known about this for decades. How incredibly stupid do you have to be to digg an article like this?

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.