1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Can an Internet connected computer be unhackable?

    From LundukeJournal@1337:1/100 to All on Mon Mar 7 20:30:04 2022
    Can an Internet connected computer be unhackable?

    Date:
    Mon, 07 Mar 2022 20:28:48 GMT

    Description:
    I mean... really, truly secure? Can it be done?

    FULL STORY ======================================================================

    Is it *possible* to make a computer unhackable yet still accessible via the internet? How? If not, what's the closest we could get? - @mikewarot (on Twitter)

    My initial reaction to this question is to declare, No, of course not. There is no way to truly, fully, secure a computer connected to the Internet.

    The more complex a system becomes, the more vulnerable it is.

    The more points of access a system has, the more vulnerable it is.

    These two statements are undeniable truths of dealing with security of any sort of situation whether that be software controlled systems or even real-world security concerns.

    For all of its strengths the Internet is an extraordinarily complex system. Each node and connection point in the system is, all by itself, a complex microcosm of interconnected (and not always properly functional) components. And the number of nodes and individual access points each with wildly
    varied components is absolutely off the charts.

    Can an Internet connected computer be made 100% unhackable?

    No. Dont be ridiculous .

    But can we get close to unhackable?

    Well. Somewhat. But, to get a computer close to unhackable, it requires an individual system (server, node, call it what you like) to be scaled back in terms of both complexity and available points of access.

    Case in point: The House of Lunduke BBS .

    The computer that BBS runs on is only accessible on one port (23) and only
    via Telnet, and the security of the system is a simple account / password combo. The operating system it is running? DOS . (Not joking.)

    Simple.

    Theres no publicly accessible web server. No PHP engine. No CGIs. No SQL database. No blockchains. No SSL certificates. The overall system is kept as simple as possible.

    Ive had that BBS running for a very, very long time. And it has been under constant attacks almost that entire time. Seriously. Constant.

    Not a moment goes by where someone isnt running some sort of script that attempts to take advantage of one of the numerous vulnerabilities of typical Internet connected systems. Common UNIX and Linux hacks. Apache vulnerabilities. The works.

    Heres one of the less sophisticated example scripts that Ive seen probing the BBS system to see if it might have any known vulnerabilities: Username
    daemon, you say? Good luck with that, buddy. This attack would only work if there was a user named daemon with a password of enable. Even then, it would only give access to that user account and not the rest of the system.

    Those attacks have never not once succeeded. Same L33T HAXOR, trying every attack he knows. Failing every time.

    And, once again, this BBS isnt some fancy-shmancy, ultra-encrypted system.

    DOS. Telnet. Zero encryption. Simple passwords.

    Thanks to the astounding simplicity of the system, it has withstood several yeas of daily hack attempts.

    I have even made repeated calls on people during multiple live shows Ive
    done at various tech conferences to hack into that system. Most people give up as soon as they hear Telnet and DOS. The fact that these ancient (in modern computing terms), and oft-joked about systems, are deemed un-hackable well thats darn amusing.

    To be clear: A DOS-based, telnet accessible system is absolutely hackable. Without question, if someone truly was dedicated to break into that system, they absolutely could. There are simply far fewer options for how to accomplish the break in.

    So. What can we take away from this?

    Simpler systems have the capability of being far more secure than complex systems.

    Systems with reduced numbers of access points (less ports, less internet-exposed processes) are also easier to secure.

    DOS is the most secure operating system of all time.

    Prove me wrong. I dare ya.

    Lunduke.Substack.com Lunduke.Locals.com Reddit Twitter

    Current subscriber exclusives for The Lunduke Journal:

    eBooks : Lunduke's Dad Jokes About Computers, vol. 1 , Linux for Hank (kids book), Half a Decade of Linux-y Shenanigans, Lunduke Journal Quarterly - Volume 1 , Paper Doll Tux , Road-Sign Hank & the Aliens (comic book), Operating System Not Found (choose your own adventure)

    Games : Linux Tycoon ( Linux, Windows , DOS ), 2299 (Linux, Windows)

    + Exclusive Podcasts , Articles , & 24x7 Telnet BBS Access Subscribe now
    Share







    ======================================================================
    Link to news story: https://lunduke.substack.com/p/can-an-internet-connected-computer


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)