RSS

DISEÑO DE SISTEMA CRIPTOGRÁFICO

31 Ene

JAMES … JAMES BOND,

wishaw_2378039b

LA PELICLA SKYFALL  ME A DADO UN BICHO MUY EXTRAÑO …. CLARO ES DE SUPONER BAJO MI PERFÍL EL DE CREAR UN ENTORNO DE CRIPTADO AL IGUAL QUE EL  DISEÑO DEL ESPIA.

AL MARGEN DE LA FICCIÓN Y LA REALIDAD SE ME A DADO POR CREAR UN SISTEMA DE CRIPTADO DIGITAL USANDO UN CONTROL GRÁFICO PARA HACERLO MORFOLÓGICAMENTE VARIABLE. PUEDE SER MI TÉSIS XD.

SI YA APRECIARÓN LA PELI SE VE CLARAMENTE LOS NIVELES DE FIELDS QUE TIENE Y COMO ES QUE VARIA EL CÓDIGO DE CRIPTADO DE LA INFORMACIÓN CON LOS INTENTOS QUE HACE EL AUDITOR.

1.- PUES LA PRIMERA GRAN INTERROGANTE ES AVERIGUAR SI YA EXISTEN ESTA CLASE DE SISTEMAS Y SI TIENEN UN NOMBRE EN ESPECIAL O SIMPLEMENTE SON  INSTRUCCIONES ALGORÍTMICAS QUE MUTAN SU CÓDIGO BAJO DETERMINADA ESTRUCTURA.

2.- QUE SISTEMA IDE O ENTORNO DE DESARROLLO ME PERMITIRIA PODER DESARROLLAR ESTA CLASE DE SISTEMA DE CRIPTADO BUENO ME INTERESA LA INTERFACE GRÁFICA DE INTERACCIÓN POR LO QUE ME GUSTARÍA TENER UNA GRAN LOOK AND FIELD. LAS OPCIONES QUE SE ME OCURREN SON PYTHON, HTML5 5 Y JS.

PUES ME PASE SURFEANDO EN LA WEB Y ENCONTRE ESTA APLICACIÓN INTERACTIVA EL DÍA DE HOY 31/01/2013. DE LA EMPRESA NEBUTEK. 

CODIGO MORFOLOGICO

VEO CON ESPECTATIVAS QUE ES VIABLE EL DESARROLLO DE UNA INTERFACE MUCHO MÁS DINÁMICA Y COMPLEJA QUE PUEDA REALIZAR LA TAREA DE ENCRIPTAR Y GUARDAR EN SUS ENTRAÑAS ALGORÍTMICAS LA PALABRA ORIGINARIA IMPLEMENTANDO DIVERSOS CAMPOS DE PROTECCIÓN MORFICABLES.

PREGUNTAS

1.- MI PREGUNTA ES COMO ES QUE SE DESARROLLO LA APLICACIÓN  QUE ALGORITMOS EMPLEA, QUE JUEGO DE FUNCIONES QUE IMPLEMENTA HTML5 Y JS EMPLEA.

2.- QUE IDE ES EL MÁS ADECUADO PARA DESARROLLAR ESTE TIPO DE SISTEMAS ALGORÍTMICOS GRÁFICOS. ALGUNAS OTRAS POSIBILIADES GOOGLE DART, PROCESSING.

NAVEGANDO UN POCO MÁS ENCONTRE ESTA DESCRIPCIÓN:

REFERENCIA DEL TEXTO INFERIOR:

Let’s start with the following: I was already planning on watching Skyfall and when I saw this question in my Quora feed I got more excited to watch it.

Totally disappointing.

I understand that the oversimplification of the hacking \ code analysis \ reverse engineering process is very much needed in movies because in reality, it’s a very dull and stretches over long periods of time. However, coming from a highly technical background, I found it very insulting!

Yes insulting.

Let’s split the discussion into 2 parts:

1. Silva’s MI6’s network compromise & global domination attempts:

Compromising a Corporate network is possible due to the high level of interconnectedness between the computers \ machines \ nodes. In other words, let’s imagine a corporate network as a group of Nodes (where each one of these green bubbles below is a machine\computer, one of them could be M’s personal laptop):

A good network topology and architecture doesn’t allow this level of interconnectedness! The image above portrays a very bad design, but for the sake of simplicity, we’ll consider it as valid.

If one can get access to any of these nodes, theoretically he will have a high probability of being able to bounce to another machine on the same network if that network’s design is bad and not well protected. (It is usually protected by defining which computers are able to communicate, with chain of access levels, firewalls, privileges for running certain applications etc…)

Since Silva used to be an MI6 agent, he might have been able to acquire intel about the Network mapping, as well as inside information (credentials, key network addresses, operating systems running on the machines, key nodes, software etc…) that will make his breaching attempt more feasible (to say the least).

In addition, real life experience shows that no matter how complex and detailed a security system is, and no matter what preventive procedures are implemented, there will always be a fault somewhere especially if the network’s structure keeps changing (adding more machines, replacing faulty hardware, expanding the network, software upgrades, Zero-day exploits popping up etc…) There are too many variables that cannot be controlled which reduce the system’s rigidity and increases its vulnerability to attacks.

With all the above said, Silva’s MI6 attack is plausible.

Now the global domination part:

It seems that the Mainframe computer in the background did its part in portraying a sense of unimaginable power that would make it easier for the viewer to accept the idea that one man is capable of controlling the world from his computer.

Let’s answer the above with: NO. Global Cyberwarfare domination will not happen not today, not tomorrow, not without global centralization of the internet.

That’s the internet above (or a visualization of it). Unless we can create a meta-internet layer, or have this whole network communicate with one node, or find a way to control each and every single node (which is highly unlikely), we will not be able to control it.

Here’s the rational behind my claim above. The world wide web seems to be huge and connected in so many weird ways, which sometimes leads to asking the question who controls this whole global network?

The answer is simple, everyone and no one. Everyone in the sense that each node of this network is owned and managed by an individual or a group, but the whole network is not and (hopefully) will never be managed by one entity. Governments are currently trying to limit this decentralization for more control, and until that happens, global domination is far fetched. However, if a government succeeds in diverging the influx of information through one node of the network, the cyber doomsday will be near, and Silva might have an actual shot at global control.

2. The access to Silva’s laptop:
I’m going to discuss this part with simple bulleted answers:

  • It’s possible for an automated spyware piece of code to spread across a network automatically just by hooking a machine via ethernet. However this piece of spyware needs to be crafted to attack certain vulnerabilities in the network that are known to the attacker.
  • Reverse engineering of a virus \ spyware code is a lengthy process and here I invite you to watch Ralph Langner’s [Langner – The last line of cyber defense] talk about cracking Stuxnet here: Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on TED.com
  • Security by obfuscation is the most unreliable form of security, it will only render the code unreadable to a human, but reversing the obfuscation process is feasible. The only thing gained from code obfuscation is the increase of the time needed to have a copy of the code in plain text.
  • The visualizations of the reverse engineering process are not real, they’re just Hollywood fluff.

Sorry for the lengthy answer, but that’s my take on Skyfall’s hacking interpretation.

Disclaimer: Apologies for oversimplifying the discussion, but going into more depth requires an understanding of technical jargon, understanding of networks, software development as well as diverse hacking concepts.

ATTE. JIMY ESPINOZA R.

Anuncios
 
Deja un comentario

Publicado por en 31 enero, 2013 en TEC PERÚ

 

Etiquetas: , , ,

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s

 
A %d blogueros les gusta esto: