0

Is being online all the time the root of all evil, when it comes down to private computer clients security?

Would a not-always-connected-to-the-internet system, solve most of our problems?

In a concrete situation, I'd have a net computer (maybe booting from a Live CD) and a work computer (without internet). Both systems would be able to mount a common file system to interchange information, which would be encrypted. Excluding an evil BIOS, there is not much I can imagine that makes this computer vulnerable.

Quora Feans
  • 1,891
  • 1
  • 12
  • 20

2 Answers2

1

Being online at any time is the problem, not being online most of the time - though that does, of course, increase the risk. Try putting a brand new computer online for the first time without the benefit of the firewall in your router. It takes no more than 30 seconds to start seeing automated hacking attempts to commonly used ports.

The only way to be safe is to have a never connected system. This is known as an "air gap". However, even this isn't that safe as the US Airforce found out when some of their UAV systems got infected after someone had opened an infected file. They were not ever connected to the Internet. Of course, in that case no damage occurred other than embarrassment and the time/energy required to cleanse all the PC's. But a targeted attack might have caused serious damage.

In your example, your supposed safe computer is actually very vulnerable (though not as vulnerable as the connected PC of course) due to you exchanging information with it from the online PC. To reduce this vulnerability, you would need to ensure that any data you passed from one to the other was carefully cleansed of any possible infection. The use of a Live CD would be sensible and would limit any infection of the connected PC. But you would not want to use a network file system to connect unless you had good protection of the network & even using USB would require very good anti-malware on the unconnected PC.

Then you have added a massive overhead to your computing environment so you would need to ask yourself if it was worth it. You would need to be working on very sensitive information, working on high-risk web sites, or be at high risk of attack to warrant that kind of overhead I would think.

Julian Knight
  • 7,132
  • 19
  • 23
0

It will really depend on the environment. Every situation has risk, but different situations have more risk in different areas.

For example, my home computers vs my work computers. At work there are hundreds of people who could be in contact with my computer so physical security has high priority. However, the sites I browse and files I download are limited so I'm much less likely to infect my computer that way.

My home is different. Barring somebody breaking into my home, physical security isn't of the utmost importance because the people who have physical access to my computer is very limited. Access to my computer via the internet is much different. I'm much more willing to download weird things and visit sketchy sites than I am at work, so network security is more important than physical.

All that said, there are several ways your offline computer could be attacked that aren't physical:

  • Online computer infects shared network
  • You update software on the offline computer and the updated version is infected
  • You transfer an infected file from the online to offline computer

To wrap it all up, there's no concrete answer because it really all depends on the situation. Depending on the situation, the likelihood that one of the three above attack vectors could range from more important than physical security than less important.

Eric Lagergren
  • 2,351
  • 1
  • 13
  • 13