German state gov. ditching Windows for Linux, 30k workers migrating.

German state gov. ditching Windows for Linux, 30K workers migrating. Schleswig-Holstein looks to succeed where Munich failed.

Good. Less US spying too.

Reply to
Jan Panteltje

This reminds me of the guy who ditched Los Alamos and Caltech "big boy big iron" back in the days of Cray - 1996. Instead he networked sixteen Pentium Pro PCs running Linux together to build his own DIY supercomputer for a fraction of mainframe cost.

Thanks,

Reply to
Don

That assumes you want to DIRECTLY recover its development costs. E.g., the military thinks of "recovering" costs by avoiding future LOSSES. The same can apply to many other industries.

Define "reasonably secure". Given that most "small operators" lack the technical skills to undertake such an effort, they will end up piecing together a system using bits of a relatively small number of "available" (free or otherwise) systems -- the security of each of those being relatively unknown.

And, again a result of lack of knowledge, they will likely not understand the risks that those systems bring to their applications/deployments.

Developers often treat security as window dressing so tend not to design truly secure devices/appliances; yet want to convince themselves that they've addressed those needs ("I put a lock on the front door to my house so I'm now secure!")

Adversaries, OTOH, can accumulate lists of exploits and their associated targets. Then, fingerprint systems of interest to get a reasonably good idea of which vulnerabilities might apply. ("The center stile in some windows can be removed with a single screw thereby allowing the window to be removed from its frame and providing a person-sized opening into the house")

All this from the comfort and (legal?) safety of some remote location.

That's the fallacy. It costs relatively little to probe (and fingerprint) every accessible IP. Then, throw a set of exploits *already* deemed LIKELY to compromise such a system at it and note the results. The process can be automated (and likely would be given the sheer number of potential targets!)

[A colleague always thought he was "safe" because he ran an out-facing Solaris/SPARC host. No, just because so few people do so doesn't mean the known exploits for such hosts are no longer available to the hacker!]

Because there are so few truly different systems "out there", the likely locations (in the permanent store) of any "goodies" are known or easily identified -- because the SYSTEM has to know where these things have been placed!

As damn near ALL of these "systems" are available to an adversary to probe and explore "offline", he's already figured out how he's going to get what he needs -- unlike trying to break into some proprietary system that he's no first-hand prior experience "observing".

I.e., give me a VALID login for some "institution" and I'll have to poke around to figure what MIGHT be accessible, then where/how. Point me at a Windows/Linux/OSX/BSD host and I'll already have a head start!

With the proliferation of appliances with none/poor/laughable security, your system is no longer the sole attack surface. Each of these appliances can be attacked, compromised and then used as a beachhead to poke at your other system(s) -- as it is now "inside" your peripheral defenses! As they all want to have their software updatable ("to keep current with the latest security fixes" -- really? exploits are announced every month; how often do you push updates to your appliances??), they are all routable and EXPECTED to access the outside world.

So, open a connection to a WAITING hacker on the outside and let him serve as C&C while you (the appliance) are the dutiful soldier behind enemy lines...

How many devices in your home/organization are "undocumented" (i.e., effectively black boxes)? Can you speak to the levels of their security? Ever have a friend bring their phone/laptop to your home and connect to the internet using your connection? Are you sure his device wasn't also probing your hosts -- without HIS knowledge?

Consider the number of "complimentary wifi" APs that most phone users eagerly connect with. Are they sure there have been no exploits hosted behind those APs?

Can you enumerate all of the potential security vulnerabilities that you *have*? Today? Tomorrow??

Reply to
Don Y

[...]

I was thinking of a slightly different approach from the usual one. With automated coding and decoding it is a relatively simple matter to concatenate various processes such as:

Direct encipherment
Rearrangement by character or block
Insertion of dummy characters
Codes
Languages

Each of these could be broken individually, but used in succession they become much more difficult. This would be a system that was suitable for small organisations where the daily arrangements could be distributed by a separate communication -- for instance:

Today: Shift by 5 letters - Reverse each block of 11 letters - Insert a random character every 3rd and 17th position - shift back 7 letters - Represent every 19th letter with its Vail Cipher equivalent - Arrange letters on a 12 x 12 grid in rows and read them out by column.

Tomorrow: Double a character every 7th position - Arrange letters on a 10 x 19 grid in rows and read them out by columns - Represent every 13th letter with its ASCII equivalent - Reverse alternate blocks of 11 characters - Shift back 3 letters - Add a random character every 12th position - Arrange letters on a 9 x 17 grid in rows and read them out by columns

Anyone trying to break into the system, even if they could guess at some of the elements or intercept one of the distributions, would be faced with a lot of work for very small returns. The elements could be changed around and new ones added to the repertoire quite easily.

No, but I can make life very difficult for would-be hackers in the hope that they will turn to easier targets with better rewards. For some years I have had to store databases of personal information on computers that are connected to the Web, so I have given the problem a lot of thought. Without access to the decoding programs (which are in an obsolete format running on an obsolete OS) there is little chance of anyone else decoding the information.

Reply to
Liz Tuddenham
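An added example, not part of the post above and not the poster's own program: it chains four of the "Today" steps (shift by 5, reverse blocks of 11, shift back 7, 12-wide grid read by column) and checks two properties worth knowing before relying on such a chain. The function names and the sample message are made up for illustration, input is assumed to be uppercase letters only, and the dummy-character and Vail-cipher steps are left out.

```python
import string
from collections import Counter

A = string.ascii_uppercase

def shift(text, k):
    """Caesar shift of every letter by k places (k may be negative)."""
    return "".join(A[(A.index(c) + k) % 26] for c in text)

def reverse_blocks(text, n):
    """Reverse each consecutive block of n letters (last block may be short)."""
    return "".join(text[i:i + n][::-1] for i in range(0, len(text), n))

def grid_read(text, cols):
    """Write row by row into a grid `cols` wide, read out column by column."""
    return "".join(text[c::cols] for c in range(cols))

def grid_unread(text, cols):
    """Inverse of grid_read for any message length."""
    n = len(text)
    order = [i for c in range(cols) for i in range(c, n, cols)]
    out = [""] * n
    for pos, ch in zip(order, text):
        out[pos] = ch
    return "".join(out)

def encode(msg):
    # Subset of the post's "Today" recipe, in the order given there.
    return grid_read(shift(reverse_blocks(shift(msg, 5), 11), -7), 12)

def decode(ct):
    # Undo each step in reverse order.
    return shift(reverse_blocks(shift(grid_unread(ct, 12), 7), 11), -5)

def collapsed(msg):
    # A uniform shift commutes with any rearrangement, so the two shifts
    # (+5, then -7) merge into a single shift of -2.
    return grid_read(reverse_blocks(shift(msg, -2), 11), 12)

# Constructed sample message (letters only, no spaces).
SAMPLE = "MEETATTHEOLDBRIDGEATNOONANDBRINGTHEDATABASEBACKUPTAPES"

if __name__ == "__main__":
    ct = encode(SAMPLE)
    print(ct)
    print("round trip ok:", decode(ct) == SAMPLE)
    print("same as one shift + rearrangement:", ct == collapsed(SAMPLE))
    print("letter counts match shifted plaintext:",
          Counter(ct) == Counter(shift(SAMPLE, -2)))
```

For these four steps the chain is exactly one shift plus one fixed rearrangement of positions, so the letter-frequency profile of the plaintext carries through to the output unchanged apart from the shift.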
