Decoupling for Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here.

Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline a strategy for doing that.

What Is Decoupling?

In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, combined, or used. These ideas, which we’ll refer to in the aggregate as “decoupling,” allow us to rethink both security and privacy.

Here’s the gist. The less someone knows, the less they can put you and your data at risk. In security this is called Least Privilege. The decoupling principle applies that idea to cloud services by making sure systems know as little as possible while doing their jobs. It states that we gain security and privacy by separating private data that today is unnecessarily concentrated.

To unpack that a bit, consider the three primary modes for working with our data as we use cloud services: data in motion, data at rest, and data in use. We should decouple them all.

Our data is in motion as we exchange traffic with cloud services such as videoconferencing servers, remote file-storage systems, and other content-delivery networks. Our data at rest, while sometimes on individual devices, is usually stored or backed up in the cloud, governed by cloud provider services and policies. And many services use the cloud to do extensive processing on our data, sometimes without our consent or knowledge. Most services involve more than one of these modes.

To ensure that cloud services do not learn more than they should, and that a breach of one does not pose a fundamental threat to our data, we need two types of decoupling. The first is organizational decoupling: dividing private information among organizations such that none knows the totality of what is going on. The second is functional decoupling: splitting information among layers of software. Identifiers used to authenticate users, for example, should be kept separate from identifiers used to connect their devices to the network.

In designing decoupled systems, cloud providers should be considered potential threats, whether due to malice, negligence, or greed. To verify that decoupling has been done right, we can learn from how we think about encryption: you’ve encrypted properly if you’re comfortable sending your message with your adversary’s communications system. Similarly, you’ve decoupled properly if you’re comfortable using cloud services that have been split across a noncolluding group of adversaries.
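One way to see organizational decoupling for data at rest is n-of-n XOR secret splitting, shown here as an added example that is not code from the essay or the paper. The choice of technique, the provider names and the sample record are assumptions made for illustration.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("shares must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split(record: bytes, providers: list[str]) -> dict[str, bytes]:
    """Give each provider one share; every share is needed to rebuild the record.

    All shares but the last are fresh random bytes. The last share is the
    record XORed with all of them, so it is also uniformly random on its own.
    """
    if len(providers) < 2:
        raise ValueError("decoupling needs at least two organizations")
    random_shares = [secrets.token_bytes(len(record)) for _ in providers[:-1]]
    last_share = reduce(xor_bytes, random_shares, record)
    return dict(zip(providers, random_shares + [last_share]))


def combine(shares) -> bytes:
    """Rebuild the record from the complete set of shares (the owner's view)."""
    return reduce(xor_bytes, shares)


def explain_away(known_shares: list[bytes], claimed_record: bytes) -> bytes:
    """Return the one missing share that would make claimed_record the answer.

    Such a share exists for every claimed record of the right length, which
    is why a breach of, or collusion among, all but one provider reveals
    nothing about the record except its length.
    """
    return reduce(xor_bytes, known_shares, claimed_record)


if __name__ == "__main__":
    # Constructed sample data; the provider names are hypothetical.
    providers = ["storage-a.example", "storage-b.example", "storage-c.example"]
    record = b"alice booked room 412"
    shares = split(record, providers)

    # The owner, holding every share, recovers the record.
    print(combine(shares.values()))

    # Two providers collude. What they hold fits a decoy just as well as
    # the real record, so they cannot tell which one was stored.
    colluding = [shares[providers[0]], shares[providers[1]]]
    decoy = b"x" * len(record)
    print(combine(colluding + [explain_away(colluding, decoy)]) == decoy)
```

The property holds only while at least one share stays out of the colluding group, and the length of the record is visible to every provider.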

This essay was written with Barath Raghavan, and previously appeared in IEEE Spectrum.

Posted on November 8, 2023 at 7:08 AM • 26 Comments

Comments

JimFive November 8, 2023 8:04 AM

I think that “you’ve decoupled properly if you’re comfortable using cloud services that have been split across a noncolluding group of adversaries” is wrong. In the proposed model it is “colluding adversaries” that you need to worry about.

I think that this paper is proposing a technical fix to what is fundamentally a structural/legal problem. The current environment is such that a corporation can use any data it can get its hands on in any way that it wants. If I make a hotel reservation with my phone number that information gets transferred to google via some process and now google sends me ads for whatever location the hotel is at. But the hotel should not be allowed to tell google that I made a reservation. That’s the problem.

Asimov (I think, it could have been Heinlein) wrote about a society where private information was owned by the person and misuse of that information was an act that could ruin a company. We missed that train but I’d like to think that we have a chance of rolling it back a bit.

Clive Robinson November 8, 2023 10:10 AM

@ Bruce,

I hate to say it but changing what we call things, rather than learning why we need to change the way things actually work, is a game of rearranging the deck chairs on the Titanic.

Saying,

1, “Data at rest” for “data storage”
2, “Data in motion” for “Data communication”
3, “Data in use” for “Data processing”

Is a case of the former, not the latter and is not resolving any issues, in fact it’s actually making things needlessly more complicated and as a consequence actually hiding things that should be in clearer sight… So even if lessons are learned, they are harder to implement and subject to “lost in translation” issues.

Whilst I’ve never been a fan of AuthZ and AuthN they had become a form of standard for the past four decades or so. And had been augmented when people started to realise that both people and jobs had roles attached to them and roles needed to be looked at within the function of the organisation and importantly be dynamic rather than sufficiently static and cumbersome so as to be like fouling on the bottom of a boat (just “grows unaccountably”, “slows progress”, whilst “decreasing efficiency” and “decreasing security”).

Decoupling is a new term that tries to encompass other terms such as segregation, isolation, and, encapsulation to name just three.

Hence,

“In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, combined, or used. These ideas, which we’ll refer to in the aggregate as “decoupling,” allow us to rethink both security and privacy.”

I really don’t think it will “allow us to rethink both security and privacy”, just make for more nearly irrelevant questions in certification exams, and needless re-writes of books.

As was once said,

“There’s a reason you don’t chuck all the crabs in one bucket, or put all the snakes in one bag.”

Or other similar points involving cats, ferrets, and similar creatures that “need space” or “segregation” and separate “encapsulation”. Otherwise you get a mess that nobody wants to go near let alone sort out.

“The less someone knows, the less they can put you and your data at risk.”

Actually whilst that’s sort of true for “disinterested outsiders”, it’s not true of “interested outsiders” and many “involved insiders”. Because of the old “information loves to be free” observation from decades ago and the likes of side channels and inappropriate actions.

And why I’ve consistently warned that Cloud and most “XaaS” systems are a very very bad idea.

Whilst we can sort of encapsulate data at rest and in motion, when it’s not sufficiently or fully segregated it leaks,

1, information
2, meta-information
3, meta-meta-information

As a matter of function (storage, communications). But when it comes to “data in use” currently there is neither encapsulation nor effective segregation, and as has been demonstrated even with “Security Enclaves” there is sufficient information leaking,

“That like a loose thread on a jumper, it can be pulled and unravel more and more”. Thus “Decoupling” becomes a moot point encapsulation fails as segregation is insufficient.

As for,

“To verify that decoupling has been done right, we can learn from how we think about encryption: you’ve encrypted properly if you’re comfortable sending your message with your adversary’s communications system.”

The use of “if you’re comfortable” is not an idea that should be used in safety or security.

Some may remember all those holiday makers “who were comfortable” on the beach having their Xmas holiday, when the sea went out… Because they did not have the “knowledge” to know what it meant, many did not respond in time so disappeared, died, or were injured when it came back as a Tsunami and swept them helplessly to their fate.

If people actually understood the difference between segregation and encapsulation and side channel leakage of information, meta-information and meta-meta-information they would never ever be “comfortable” with “cloud services”.

Oh and for those covered by the SEC and “insider trading regulation” the attacks on CISO’s that have just been started are something you should realise are the first step of a potentially protracted grab on profits and fines. With the next step being via the regulation for insider trading prevention. Because no cloud service in active use can comply with insider trading prevention regulation…

K.S. November 8, 2023 10:42 AM

I am not convinced that it is possible to fully secure cloud infrastructure when using “involved” cloud providers, which we have reasons to suspect they all are. As such we need to talk about mitigation of inevitable compromises by APTs, such as poisoning your own data to make it less useful to hostile Nation-States when it is inevitably compromised.

hughes November 8, 2023 10:48 AM

… a VERY poorly written “Decoupling” essay — takes 20 paragraphs to get even near the main point and then muddles that unhelpful point

JonKnowsNothing November 8, 2023 11:08 AM

@Clive, All

Over a long period of network configurations there is a pattern that can be determined in how things are set up.

There are times when consolidation is en vogue and when that gets saturated, distributed systems become the FOTM.

We have been going through a long period of distributed system design. As distributed systems require a different methodology for their use, coding, and setup, this has in part driven the way the internet works today.

Decoupling doesn’t really do much in the way of really addressing the way the current distributed system works.

We already know that we cannot fix this version of distributed system. We already can see the entire structure is vulnerable to Single Point of Failure and Cascading Failures. (1).

As @Clive pointed out, changing the names of things doesn’t really make any substantive difference in functionality. Increasing distribution of data does not really make things more secure because at some point, it all has to be reassembled.

Relational Databases can minimize the number of storage entities with an increasing number of storage indices. You have to do a lot of lookups if you want to do anything with the data. If you want an application to DoSomething, you have to reassemble all that data. Index lookups are fast v Flat Files which don’t need a lot of indices. You trade off one for the other.

Adding in another layer of DeCoupling indexing, isn’t really going to do much, because it relies on the same distributed system as every other layer.

There is really only one way to go, but you need a Whale to do it first, before the herd will follow. Since the current set of Whales make excellent profits from the way this system works, they are not the Whales we are looking for…

===

FOTM Flavor of the Month

1) ht tps://www.theguardi an.c om/business/2023/nov/08/challenging-times-ahead-for-optus-amid-fallout-from-network-wide-outage

ht tps://www.theguardia n. c om/business/2023/nov/08/optus-network-outage-australia-what-we-know-explained-news-updates

ht tps://www.theguardian. com/business/2023/nov/08/optus-phone-and-internet-outage-affects-millions-across-australia

  • The differing fortunes of the telcos speaks to the huge challenge facing Optus barely a year after it was hit by the worst cyber breach in Australian history
  • Hospitals, homes, businesses and transport services hit by Australia-wide internet, mobile and landline network blackout
  • eight hours after a nationwide outage left millions of Australian customers and businesses without mobile and internet services.

Anonymous November 8, 2023 11:08 AM

The biggest threat to capitalism is overproducing. The biggest threat to communism is underproducing. Artificial Intelligence is the machine that can predict demand; however, this machine can only be built if it knows what I am thinking and decoupling breaks that.

JonKnowsNothing November 8, 2023 12:52 PM

@Anonymous, All

re: Artificial Intelligence is the machine that can predict demand

Clearly, you have never been in a manufacturing environment. AI can no more predict demand than the JIT systems do and before that the Order Point Inventory Methods.

Inventory management is a big deal and lead time+time to market is all that AI/CritPath systems can calculate. They cannot predict actual demand.

What you might get is seasonal demand, skis in winter, swim suits in summer. Exactly which skis and which swim suits isn’t in the tarot cards.

Nor can these systems predict the “Next Hit”; the item that becomes a popular fad that exceeds all capacity. Pet Rocks and Cabbage Patch dolls.(1)

This is one reason, of many, that ads are placed and psychological FOMO NUDGEs sent (all legal of course) attempting to influence the population with disposable income to buy the “latest MUST HAVE” item(s), and even those who do not have disposable income to borrow (credit cards) so that “they won’t miss out”. (2)

AI cannot predict actual demand, it also cannot predict a marketing catastrophe. (3)

===

FOMO fear of missing out

1)

htt ps://en.wikiped ia.org/wiki/Pet_rock

htt ps://en.wikipedi a.org/wiki/Cabbage_patch_doll

2)
ht tps://www.theguardia n.c om/australia-news/2023/nov/07/junk-food-brands-target-children-social-media-data-who-prof-teresa-davis

  • Junk food companies use social media to co-opt children into working for them ‘for free’

Davis described tactics used by the industry to lure children in,
such as encouraging children to take a photo of themselves with a
particular food product and post it to social media for the chance of
winning a “prize” including a supply of that food.

Food companies are also developing online games, with one
example given being children encouraged to shoot cannon balls at
a food target, putting the brand “front and centre”, Davis said.

In another example shown by Davis, a child was supplied with
various unhealthy foods and videoed himself “unboxing” and tasting
the foods to his social media followers.

Brands also encourage children to “tag” their friends in posts
promoting unhealthy food products for a chance to win the product
for their friends on social media, allowing food companies to collect
child food preference data, Davis said

3)
ht tps://www.theguardian .com/fashion/2023/nov/04/fashion-model-ai-image-tiktok

  • In a TikTok about the incident that has been viewed 1.8m times in
    the last week, Shereen Wu says Michael Costello, a designer who
    has worked with Beyoncé, Jennifer Lopez, and Celine Dion, posted
    a photo to his Instagram from a recent Los Angeles fashion show.
    The photo depicts Wu in the slinky black ballgown that she walked
    the runway in – but her face has been changed, made to appear as
    if she is a white woman

devin k November 8, 2023 1:09 PM

The essay uses “sigcomm.org” as an example of a site that could be hypothetically accessed without DNS-tracking by the ISP. But what about the site tracking the user? That one seems to not allow anonymous access; I see only “Please wait while your request is being verified…” when using Tor, and it never moves past that. Parts of Google block anonymous access somewhat aggressively too (search works about a third of the time). Not as aggressively as the IETF, who once claimed “pervasive monitoring is an attack” and championed protocol anonymity, but as of about September demand people “Enable JavaScript and cookies to continue” to even view the plaintext version of the RFC by that name.

If site operators are so against anonymity, what’s their incentive to change their mind and participate in programs like this? The essay says “We’re all hoping that companies will keep us safe, but it’s increasingly clear that they don’t, can’t, and won’t. We should stop expecting them to.” And it’s not till right at the end that I see the answer: “government policy that mandates decoupling-based best practices”. Well, that’s not gonna happen in the USA, where about half of all government agencies themselves disallow anonymous access without explanation (including the IRS, with whom people are legally required to engage: “Access Denied / You don’t have permission to access “http://www.irs.gov/” on this server. / Reference #18.d79419b8.1699466557.1d5fb39″).

If we can’t get our government to pass a law requiring companies (or themselves) to protect private information with current protocols and practices, is it realistic to expect them to mandate “decoupling”?

JonKnowsNothing November 8, 2023 4:58 PM

@Anonymous, All

re: In a world of “Upgrade or die”, FOMO seems like a survival skill.

It has been a marketing technique from ancient times: I have the better cows, sheep, horses. Even Biblical infighting over off loading poor quality sheep to others while stockpiling better sheep for oneself was a theme. Where would we be without stories of Bucephalus and Marengo and the other MyHorseIsBetterThanYourHorses?

iirc(badly) when IBM brought out their first PCs, they thought they would be like mainframes: last forever. They even sold off their profitable PC division because they made just a wee-bit more profit from their mainframes. Then the market moved and PCs became obsolete before you could unpack the box and the rush was on for bragging rights to the latest and greatest with newer and newer machines.

Recently there’s been some push back, not a lot, but significant. Apple and Android will support their phones for longer, both opting for multiyear support. It’s nice to know you might get software updates 7 years from now, but will the phone still function otherwise?

M$ has not been very helpful in the up-cycling of their older OS onto refurbished machines, generally donated to charity. So those old systems now go into the landfill.

I have boxes and boxes of obsolete kit. I am my own computer museum.

===

h ttps://en.wikipedia. org/wiki/Bucephalus

  • Bucephalus or Bucephalas (c. 355 BC – June 326 BC) was the horse of Alexander the Great, and one of the most famous horses of classical antiquity. Ancient historical accounts state that Bucephalus’ breed was that of the “best Thessalian strain”, and that he died in what is now Punjab, Pakistan, after the Battle of the Hydaspes in 326 BC. Alexander was so grieved at the loss of his horse that he named one of the many cities he founded after him, as Alexandria Bucephalous.

Bucephalus was named after a branding mark depicting an ox’s head on his haunch.

ht tps://en.wikipedia.o rg/wiki/Marengo_(horse)

  • Marengo (c. 1793–1831) was the famous war horse of Napoleon I of France. Named after the Battle of Marengo, through which he carried his rider safely, he was imported to France from Egypt following the Battle of Abukir in 1799 as a six-year-old. An Arabian breed, greyish-white coat, Marengo was probably bred at the famous El Naseri stud.
  • Marengo was wounded eight times in his career, and carried the Emperor in the Battle of Austerlitz, Battle of Jena-Auerstedt, Battle of Wagram, and Battle of Waterloo. He also was frequently used in the 80-mile gallops from Valladolid to Burgos, which he often completed in five hours. As one of 52 horses in Napoleon’s personal stud, Marengo fled with these horses when it was raided by Russians in 1812, surviving the retreat from Moscow; however, the stallion was captured in 1815 at the Battle of Waterloo by William Petre, 11th Baron Petre.

Sid Justice November 8, 2023 5:45 PM

@devin k,

wow, just freakin’ wooow!
It’s been a long, very long time, since I read a comment this badass on this blog!
The sad, sad reality. Hypocrisy every which way you turn/look.
Thank you for your comment. It’s what we all knew/know but the way you succinctly put it together, plain and simple, and I love it when government hypocrisy is called out.

vas pup November 8, 2023 6:23 PM

@Bruce said “The first is organizational decoupling: dividing private information among organizations such that none knows the totality of what is going on.”

Whatever organizational decoupling is implemented, NSA and other similar structures will have authorized or otherwise access to all pieces. XREF should be very difficult by utilizing absolutely different key identifiers, so authorized XREF would be transparent to organization being accessed with legal authorization/justification only.

Clive Robinson November 8, 2023 8:43 PM

@ JonKnowsNothing,

“I have boxes and boxes of obsolete kit. I am my own computer museum.”

Yup, I know that feeling…

Then there is “the dead tree cave” insulated with tons of paper, and don’t forget the stacks of test, electronics, and communications equipment keeping the lab warm. Or the racks of food preservation equipment, trust me when I say charcuterie tools make the equipment you might find in a medieval torture chamber look like “Sunday parlour best” in comparison as for the actual meat, those “it looks offal” jokes just don’t convey that changing state from “on the hoof” to “on the plastic tray”… Maybe people should be thankful I’ve not taken up forestry as a hobby…

But I still have bits from my sailing days around including a working 3cm Radar system, that might be fun to put on the roof and spin up 😉

Oh and apparently I’m just a “normal bloke with interesting hobbies” 😉

Godel Fishbreath November 8, 2023 9:04 PM

I don’t know where to put this.

Ars Technica has this article mentioned:

A fully updated iPhone (left) after being force crashed by a Flipper Zero (right).
This tiny device is sending updated iPhones into a never-ending DoS loop

This gadget was said to be able to copy hotel cards.
I wonder if it can open cars that are locked/opened via wireless? Or if it could pop the trunk or allow the user to start the engine?

Clive Robinson November 8, 2023 10:54 PM

@ Godel Fishbreath,

“I don’t know where to put this.”

How about,

https://www.schneier.com/blog/archives/2023/11/crashing-iphones-with-a-flipper-zero.html/

With regards,

“This gadget was said to be able to copy hotel cards.
I wonder if it can open cars that are locked/opened via wireless? Or if it could pop the trunk or allow the user to start the engine?”

Only if they have very poor security.

The older home garage door openers used to use just an “ID code” thus were subject to the simplest of “replay attacks”.

Car door openers are supposed to use a constantly changing code, that uses encryption to stop it being predictable thus not just replay attack proof and further use a secret key so that it can not be brute-forced either even by the person who designed it. Further any wireless security device these days even security badges for photocopy access in the office should at the very least do this, preferably with a further nonce based or zero knowledge proof challenge-response authentication as well.

But those won’t stop relay attacks which the FZ is allegedly not capable of… but to be honest I can think of ways to make some mods with a couple of 30USD or less HTs to make that “not so” over a good mile or four. Which means that the security system needs an “in range” distance/time limiter responder system in place. For which “Gold Codes” and “NASA JPL DSN Ranging Codes” have been used in the past. Designed for simplicity around “Linear Feedback Shift Register”(LFSR) “Pseudo-Noise”(PN) “Direct Sequence Spread Spectrum”(DSSS) “chipping codes”. Though more complex “Weil Codes” are receiving more interest of late,

https://www.mdpi.com/2079-9292/10/22/2737
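The three receiver designs named in the comment above (a fixed ID code, a changing code keyed with a secret, and a nonce-based challenge-response) can be compared on how each treats a frame it has already accepted once. This is an added example, not part of the original comment or any vendor's code; HMAC-SHA256 stands in for whatever cipher a real fob uses, and the frame layout, the window size and all names are assumptions.

```python
import hashlib
import hmac
import secrets

WINDOW = 16  # assumed look-ahead for button presses made out of radio range


def tag(key: bytes, msg: bytes) -> bytes:
    """Truncated HMAC-SHA256, standing in for the fob's keyed function."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class FixedCodeReceiver:
    """Older garage-door style: the frame is just a static ID code."""

    def __init__(self, id_code: bytes):
        self.id_code = id_code

    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, self.id_code)


class RollingFob:
    """Sends counter || MAC(key, counter); the counter never repeats."""

    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def press(self) -> bytes:
        self.counter += 1
        c = self.counter.to_bytes(4, "big")
        return c + tag(self.key, c)


class RollingReceiver:
    """Accepts a valid MAC only for a counter ahead of the last one seen."""

    def __init__(self, key: bytes):
        self.key, self.last = key, 0

    def accept(self, frame: bytes) -> bool:
        if len(frame) != 12:
            return False
        c, mac = frame[:4], frame[4:]
        if not hmac.compare_digest(mac, tag(self.key, c)):
            return False  # wrong key or tampered frame
        n = int.from_bytes(c, "big")
        if not (self.last < n <= self.last + WINDOW):
            return False  # already used, or implausibly far ahead
        self.last = n
        return True


class ChallengeReceiver:
    """Issues a fresh nonce per attempt and accepts one response to it."""

    def __init__(self, key: bytes):
        self.key, self.pending = key, None

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending

    def accept(self, response: bytes) -> bool:
        nonce, self.pending = self.pending, None  # a nonce is single use
        return nonce is not None and hmac.compare_digest(
            response, tag(self.key, nonce))


def replay_results() -> dict:
    """For each scheme: (first delivery accepted, same frame accepted again)."""
    key = secrets.token_bytes(16)
    results = {}

    frame = b"\x5a\x3c\x01"  # constructed static ID code
    fixed = FixedCodeReceiver(frame)
    results["fixed"] = (fixed.accept(frame), fixed.accept(frame))

    fob, rolling = RollingFob(key), RollingReceiver(key)
    frame = fob.press()
    results["rolling"] = (rolling.accept(frame), rolling.accept(frame))

    cr = ChallengeReceiver(key)
    frame = tag(key, cr.challenge())  # the fob's answer to this nonce
    first = cr.accept(frame)
    cr.challenge()  # the next attempt gets a new nonce
    results["challenge"] = (first, cr.accept(frame))
    return results


if __name__ == "__main__":
    for scheme, outcome in replay_results().items():
        print(scheme, outcome)
```

None of the three checks measures how far away the fob is, so a fresh response forwarded in real time still verifies, which is the relay case the comment says needs a distance or time limit.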

ResearcherZero November 9, 2023 3:14 AM

We can’t all have conversations in an electromagnetically shielded skiff, and it is often pretty impractical (they don’t fit in the boot of your car).

Who? November 9, 2023 4:43 AM

I usually trust —and highly appreciate— the effort from the National Security Agency to provide advice hardening our computing infrastructure. As I said before, these valuable tips are written with a lot of common sense. However, the cloud-related ones:

  • hxxps://media.defense.gov/2019/Jul/16/2002158059/-1/-1/0/CSI-CLOUD-SECURITY-BASICS.PDF
  • hxxps://media.defense.gov/2020/Jan/22/2002237484/-1/-1/0/CSI-MITIGATING-CLOUD-VULNERABILITIES_20200121.PDF

are, at most, reasonable effort approaches to security.

The problem with “the cloud” is that these ones are the machines of other people; would you trust me to store, process and protect your data? I am sure the answer will be no. Then, why will you trust cloud computing providers? Are they better than me?

We are talking about protecting our data from others, while —at the same time— we are trusting them to store and process this very same data.

Sorry, it is not possible. Period.

Who? November 9, 2023 5:02 AM

To be more clear, the only cloud model that can be reasonably hardened is the “private cloud” one. Any other model (IaaS, PaaS and SaaS) is broken by design from the point of view of security as, at least, hardware, communication channels, storage and virtualization are out of our control.

If you want to take the risk that is ok, but do not say information will be safe when hardware, storage, communications and virtualization are in the hands of a potential threat actor.

Clive Robinson November 9, 2023 6:02 AM

@ Who?, ALL,

Re : Worse than you say.

“Any other model (IaaS, PaaS and SaaS) is broken by design from the point of view of security as, at least, hardware, communication channels, storage and virtualization are out of our control.”

There are so many “XXX as a Service”(XaaS) that are security wise broken in so many ways, it’s kind of getting pointless to point them all out.

But whilst Cloud XaaS “in service” is a risk at all times, you also have to consider “the whole life cycle”.

There are certain well known Cloud Services quite deliberately designed to not just pull your data in fast but modify it to their needs not yours. You might not find out until it is too late to do anything about it.

But what about when you decide to leave one supplier for another.

All of a sudden getting your data back and moving it becomes a very real physical, logistical and security nightmare.

For instance one well known provider won’t let you “collect and transport” they will “post it out to you” in a myriad of little boxes that you not they are responsible for if they never get sent, get lost, or don’t have your data on.

You will then have to “rebuild and transform” before you can send the data to a new cloud provider. This of course needs considerable hardware, power, water, etc and your data remains unavailable to you for quite some time.

But there are other issues, one is “legal tricks” and “electronic searches”. Judges are infamous for their “lack of technical knowledge” even though as some will note “business managers can have less”.

What do you do when you get hit with a legal order to provide data?

Your cloud provider might help but at what cost?

Lawyers can use the process to “bankrupt you out of court” and many judges will just nod unreasonable demands through.

The whole notion of “cloud” is just a very terrible idea when you examine it across the entire life cycle.

JonKnowsNothing November 9, 2023 1:34 PM

@wannabe, @who, All

re: I never understand trusting NSA. Or the rest for that matter.

They have a lot of $$$ to splash about, and there are a lot of people more than willing to TakeTheMoney. These are the same people that make up all LEAs globally and they all TakeTheMoney.

I never understood how such people reconcile what they do with the consequences of their actions, but these folks do not seem to have any personal issues. Or perhaps if they do, it shows up years and years later as PTSD illnesses.

Our entire global society is ~50% of these sorts of people; doesn’t matter which country, there is always someone who will TakeTheMoney.

If you wave the local flag too, you get more.

So, the NSA and other LEAs do not need “our trust”, they are doing just fine without it.

  • Money, Guns, Flag

Clive Robinson November 9, 2023 6:59 PM

@ ResearcherZero, ALL,

Re : Cost of design and manufacture swells to meet Government budgets.

“We can’t all have conversations in an electromagnetically shielded skiff, and it is often pretty impractical (they don’t fit in the boot of your car).”

They can be designed to fit in a couple of back packs, I know, I’ve done so as far as “electromagnetics only” are concerned [1].

But to meet several requirements SCIF’s have to be more than just electromagnetically shielded, they have to stop other kinds of energy escape. And that’s where not just the bulk, but other issues arise, that also in turn create others…

As a very rough idea if you follow the requirements to reduce materials costs you end up with a box room in the center surrounded by a wrap around corridor with two or more right angle corners excluding the outer and inner door vestibules, so radiant energy hits anechoic / absorbent walls several times. The other walls of the box have various “filter and conditioning” systems around them, some with quite leary UPS systems.

Whilst electromagnetic anechoic and shielding materials can be quite low weight, sufficient “sound proofing” is “an entirely different kettle of fish”. It also effectively stops ventilation by natural means, so you would fairly quickly suffocate unless air is mechanically pushed in and foul extracted (some are actually run at raised pressure using air flow control techniques similar to Class 3 Biosafety Level labs with self closing doors at the vestibules)…

The average adult male resting breathes at around 12-20 breaths a minute depending on how fat and unfit they are. Each breath requires a tidal volume of about 0.5litres, so 10litres/person/minute is the minimum baseline (~1/5th or 20% of that is the required oxygen which decreases quickly with altitude). However even very small amounts of activity rapidly raises this need and 40-60 liters per person per minute is kind of the range you have to design for.

And remember SCIF’s are seen like lifts… In that the plate on the wall says “10 Persons Maximum” but “we all know that really means 15 people” because girls are small etc etc etc… So you might as well go for 1 cubic meter per min and have done with it… But you can’t because for other reasons it needs to be both temperature and humidity controlled. To stop pathogens like “black spot mould” and the like killing people.

Then there is power for lights and equipment requiring special power filtering and heat removal.

Then there is additional NBC requirements after all if you are going to the expense, of the SCIF you might as well add some more, as you multiple “dual use it”…

And so it goes on… A little box with a table and a few chairs becomes as if by magic an NBC rated cell / CryptoCell / SCIF / CommCen something quite large and very costly (but if you get the contract very profitable).

I’ve seen designs that basically start off with what looks like a lorry container as the room box and then other cut up containers are full seam welded around it… Then anechoic materials covered by flooring walls and ceilings with metal conduits for cables etc.

You kind of need a special lorry to transport them, which is also fun because quite often the requirements include having a 2meter gap all around… So you need an aircraft hangar or warehouse sized building just to put them in.

[1] The thing about conductive cloth and metal thread is these days three layers separated by two layers of loose weave separator is not much thicker than cloth used for quilted coats. And like the quilt of a sleeping bag it compresses down almost as much. So designing an inner and outer “tent system” whilst not trivial ends up looking like one of those cubic “hot tents”. Provided only battery powered equipment is used inside and you don’t intend to stay in there for very long then you can do it but at ~50lb in each backpack –one for tent and inner, the other for poles and flooring– it’s not something you are going to want to lug for more than a mile or so especially if you have to also carry your own “personal” kit and supplies.

bl5q sw5N November 10, 2023 11:03 AM

It would be nice to have the right mathematics to be able to clarify and make rigorous these areas.

Of course, that would be nice for all of computing, and also even more so for all of mathematics.

Anonymous March 23, 2024 8:14 AM

@JohnKnowsNothing
“PCs became obsolete before you could unpack the box”

There is no free will in upgrade or die.
