Technology risk without safeguards

• Previous message (by thread): Technology risk without safeguards
• Next message (by thread): Technology risk without safeguards
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think the actual risk is the opposite of transmitting signals to damage or sabotage.

I have read about many cases of receiving weak signals from things like monitors and wireless keyboards that could be snooped in by receiving and decoding them. I suppose routers and switches could leak signals representing actual data packets like this too. Perhaps even before they are encrypted.

I could imagine a scenario where a neighboring cage in a DC attempted something like that. It would be much  harder to detect than a physical breach. 

Brandon

> On Nov 4, 2020, at 12:54 PM, William Herrin <bill at herrin.us> wrote:
> 
> On Wed, Nov 4, 2020 at 11:37 AM Suresh Kalkunte <sskalkunte at gmail.com> wrote:
>> Your comments gives me an overall impression that data center equipment are on average adequately protected, that is good. Also, public discussion on the risk of intentional EMI is a big positive.
> 
> I watched a T.V. program a few years ago where an investigative
> reporter did a piece on the risks of malicious electromagnetic
> interference (EMI). He did a demonstration where he tried to cause a
> car to malfunction. A bad actor could cause highway crashes! He had a
> great big apparatus about the size of the car's engine compartment and
> pointed at the car. Nothing happened. So he moved it about 3 feet from
> the car. Nothing happened. So he opened the car's hood and pointed it
> right at the engine. Finally the engine started sputtering and the
> dashboard electronics malfunctioned. The car, of course, remained
> completely controllable and when the EMI generator was turned off it
> resumed normal operation undamaged.
> 
> I've also had lightning hit about 50 feet from my unshielded computer
> room. It fried a little plastic COTS router that was connected by
> about 100 feet of UTP ethernet to my core router. The core router
> crashed but worked fine after a reboot. No other equipment was
> affected.
> 
> Vulnerability to EMI is a lot less than folks imagine.
> 
>> However, targeting a human using powerful RF is uncharacterized (please see https://github.com/sureshs20/De_Risk_Technology). If the RF emitters conducive for getting re-purposed for malice were prohibitively expensive _or_ the expertise to re-purpose RF for malice was very complex _or_ if there were diagnostic/forensic tests to detect foul-play using powerful RF, I would not be pursuing this initiative to safeguard unsuspecting/defenseless targets of opportunity.
> 
> Malicious use of EMI emitters to harm human health is definitely out
> of scope for this list.
> 
> Regards,
> Bill Herrin
> 
> -- 
> Hire me! https://bill.herrin.us/resume/

• Previous message (by thread): Technology risk without safeguards
• Next message (by thread): Technology risk without safeguards
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]