« Cooling Summers? | Main | A War We Can Lose -- Chapter 6.9 »

Dec 23, 2009


You trash the notion of the "air gap", but it's worth pointing out that you aren't actually saying that it doesn't work--you're saying that bad procedure can screw it up. Which is true of any security arrangement; so do you have an actual unique criticism?

DensityDuck says that an "air gap" is like any security arrangement -- bad procedure can screw it up, and do I have a unique criticism of the air gap as a security measure?

I think DD assumes that everyone understood that "air gap" meant that nothing ever moved between the Internet and the classified system, so that using a CD or flash drive to move data from one to the other was an obvious screwup. I'm not sure that understanding was quite an obvious as DD implies. And if that's the way the system must work to maintain security (which does seem to be true), then air-gapped systems are a lot less useful than we thought. It becomes an architecture that rejects open source data.

The comments to this entry are closed.

My Photo
Bookmark and Share