Path: ...!news-out.netnews.com!s1-1.netnews.com!feeder.usenetexpress.com!tr3.iad1.usenetexpress.com!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: "Edward Rawde" <invalid@invalid.invalid>
Newsgroups: sci.electronics.design
Subject: Re: About WiFi7
Date: Fri, 23 Aug 2024 22:32:53 -0400
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Lines: 274
Message-ID: <vabgom$ppa$1@nnrp.usenet.blueworldhosting.com>
References: <va78n1$1ifd7$1@solani.org> <va7rd4$14gv$1@nnrp.usenet.blueworldhosting.com> <va98fq$1j36c$1@solani.org> <vaa78t$5jo$1@nnrp.usenet.blueworldhosting.com> <vaanpe$112hi$1@dont-email.me> <vaarue$gq1$1@nnrp.usenet.blueworldhosting.com> <vab51q$12s47$2@dont-email.me> <vab8kd$md1$1@nnrp.usenet.blueworldhosting.com> <vabe2r$142d4$1@dont-email.me>
Injection-Date: Sat, 24 Aug 2024 02:32:54 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com; logging-data="26410"; mail-complaints-to="usenet@blueworldhosting.com"
Cancel-Lock: sha1:6kBPRAf8YA5Gn3CGH/ft1xDP2dw= sha256:yjbgyGty2MV2v85/UGFgyxPqqH2RWU2/gr8WgPgip7o= sha1:rBaZrxOL0Lu4EKD4h0Kxyra0uWQ= sha256:CIk++lRO8g9gHXb/60z87ffXfcKc9zgFRw5cxB2zWfA=
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-Priority: 3
X-Newsreader: Microsoft Outlook Express 6.00.2900.5931
X-RFC2646: Format=Flowed; Response
Bytes: 13667

"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vabe2r$142d4$1@dont-email.me...
> On 8/23/2024 5:14 PM, Edward Rawde wrote:
>>>> But I don't see how an air-gapped network is a network.
>>>> I would not be able to get anything done.
>>>
>>> If everything you need is IN that network, then why open it up to potential
>>> adversaries?
>>
>> I don't have anything open to potential adversaries.
>
> Of course you do.  You just don't THINK you do!
>
>>> I have scanners, printers, in-circuit-emulators, CAD/CAE
>>> systems, etc. all "a click away"
>>
>> So do I.
>
> So, then I guess MINE is a network, right?
>
>>> -- without ever leaving the confines of
>>> my home/office.
>>
>> I can use mine from any country I'm likely to be in.
>
> How do you place the documents in the scanner?  Pick the pages up
> off the printer?  Turn the power on to the DUT you are debugging
> with the ICE?
>
>>> If I need to find a datasheet, I can move to THIS machine, locate the
>>> datasheet, download it to a thumb drive and sneakernet it into the
>>> office.  How often do you need to do *that*?
>>
>> Every few minutes, and I can do it all from where I sit, even if I go to another country.
>
> Really?  How HUGE must your designs be to need you to spend all that
> time constantly downloading NEW datasheets?  Do you ever READ any of them?
> How *trivial* are the designs if you are able to move on to MORE datasheets
> after "using" the previous ones?
>
>>>> I came across an individual with three virus scanners installed a few days ago.
>>>> I didn't bother giving advice, I just left them to waste hours running scans.
>>>> I did ask when they last found a virus and was confidently told "never".
>>>
>>> I have no such tools "installed", here.
>>
>> Same here. Just the default Microsoft scanner.
>
> Yet you allow updates -- to the OS?  Apps?  Even the malware scanner?
>
>>> Every 6 months, I pull the disk from
>>> this machine and check the disk pulled 6 months earlier with the "latest"
>>> free AV scanner.  This gives the tool vendor a chance to catch up with
>>> the latest exploits (a 6 month window) which a "current subscriber" can
>>> only HOPE to gain protection.
>>>
>>> I've never found anything.  So, either the tools folks are using are
>>> ineffective -- or, my internet behavior is pro-actively robust.
>>
>> Well if you put yourself in prison you're not likely to be bothered by much from outside.
>
> Gee, I have far more design and personal freedom than any of my colleagues!
> And, have had such for decades, now.  So much so that they have started
> "cutting the cord", as well.
>
> You are likely RELIANT on the outside world.  Me? not so much.
>
>>> Of course you have a network.  I have three 24-port switches in the office
>>> (virtually all ports in use) and two 12's in my bedroom.  Is this NOT a network
>>> because I can walk to all of the nodes?
>>>
>>> If a person has physical access to YOUR "network", then security is a moot
>>> point.  Even an encrypted drive is vulnerable -- I *steal* it and I've
>>> now effectively denied you service.
>>
>> Plenty of people have physical access to my network.
>> Most of them wouldn't know a switch from a banana.
>> Those who would are trusted people.
>> Untrusted people who might know what a switch is are simply not allowed anywhere near my physical LAN.
>
> You've then confirmed my statement.  Or, do you just not like folks
> to touch your things?
>
> You can come and stay, overnight, in my guest room.  You can use either of
> the two drops, there, to access The Internet.  You can look and see all of
> the devices wired in to the house -- yet can't interfere with any of them
> (let alone compromise any of them) without physically walking up to
> them and "damaging" them.
>
> Take a tesla coil and short it to the 8P8C's.  Well, there goes YOUR
> internet access.  But, nothing else (including the switches!) cares.
>
>>>> I could be writing this post from one country today and another tomorrow.
>>>
>>> As could I.  By using any NNTP agent on any internet connected machine.
>>> Why does it have to be one of the machines on my air-gapped network?
>>
>> Because you'd have missed your flight by the time you find and install one and what if you need that data sheet you left on your
>> office computer?
>
> If the datasheet CAME from The Internet, why can't I now relocate it
> ON The Internet?
>
> When you travel, do you not take a phone and/or laptop WITH you?
> Do the places you visit not have libraries and public access places?
> Do none of the colleagues/friends/businesses that you visit have
> laptops or workstations that they will let you use?
>
> NNTP, email, WWW are ubiquitous services.  There's no need to
> burden yourself trying to support something "special".
>
>> Sure you can download it but was that LT1234 or LT2341 or LTC1324? and what if you'd really like to have the LTSpice simulation 
>> you
>> did at the office?
>
> If I was going to be away from the office long enough that something that I
> HADN'T PLANNED ON WORKING ON became significant, then I would be a piss poor
> worker.
>
> I was called home for a medical emergency.  I grabbed my checkbook (so I
> would know what periodic bills were coming due along with the related
> paying methods), a laptop and copied some files onto it.  The emergency
> dragged on for 3 months.  I was never in need of anything that I didn't have
> with me *or* that I couldn't get using a neighbor's AP (my folks don't
> have internet service).
>
> I was even able to design the artwork for some "aprons" and "book bags"
> for the local library's volunteer organization and email the artwork to them.
>
> True, I was unable to replant the tree that toppled in the back yard during
> a storm that occurred while I was away.  But, my *work* was unaffected.
>
> Having big projects makes it relatively easy to be able to work on *something*
> even if it wasn't what you may have originally planned.
>
> [The parts I tried to order this week are not here -- but, I can divert my
> time to creating more test cases for my gesture recognizer.  Or, documenting
> the virtual memory interface in my RTOS.  Or...]
>
>>>> Countries I never go to (Mostly non-English speaking countries) are blocked inbound by pfsense.
>>>
>>> Wonderful.  And you have to maintain that.  Instead of doing "real work".
>>
>> LOL these people maintain it for me:
>> https://www.maxmind.com/en/home
>
> They came over to your house to install it?  And, the updates?  And, rewrite
> special rules for your access?  All for free??
>
>>> Your browser can be fingerprinted.  They (the sites you visit) may not know
>>> your *name* (yet) but, know that "you" are visiting site X, Y and Z.  Are
>>> you sure they aren't sharing information about your visits?
>>
>> Fairly sure yes. I can tell because You Tube doesn't offer relevant (or so it thinks) videos whenever I restart my browser.
>
> That's specious reasoning.
>
> "My house hasn't been burglarized so I *know* it is secure..."
>
>>> The same is true of most developers -- especially folks writing software.
>>> Have someone pay you to break the design you just "finished" and you (and
>>> they) will forever see your *design* efforts in a different light!
>>>
>>> How hard to you work at trying to identify conditions that can/will break
>>> your design?
>>
>> Depends on what I'm designing and what it will be used for.
>
> Ah, so you only care about quality *sometimes*?
>
>>>>> [Do you think a 50 million LoC piece of software doesn't have tens of
>>>>> thousands of latent bugs??  Bugs that can be identified, verified and
>>>>> quantified without your ever being aware that this has happened?]
>>>>>
>>>>> Consider, carefully, what you really need access to outside of your own
>>>>> physical domain.
>>>>
>>>> Oh I have, for a long time.
>>>> So for me I can work from anywhere I might need to work from as if I was here, and all my files are here (not in any cloud).
>>>
>>> Thus they are all accessible -- to a determined adversary, as well.
>>
========== REMAINDER OF ARTICLE TRUNCATED ==========