Thanks for those replies.
onlyonemac wrote:
Even a floppy disk can have extra data "hidden" on tracks 81 and 82 which most system won't even know is there, and data could be stored between the sectors or in extra sectors after the end of the track (floppy disks traditionally have 18 sectors per track, although this can be increased to 22 sectors in practice) although this may require modifying the firmware and/or operating system of the target machine.
You can count the seeks though and hear longer gaps if the head's jumping a long way, so a virus trying to hide stuff on tracks 80, 81, 82, or 83 would give itself away instantly. Even writing between the tracks would be noticed as the head has to be moved one way, then back again to get it slightly off line. To read the hidden data is much harder still though, and going through a copying step on a middle machine (preferably a very old one) which is only ever used for that purpose would make it very hard for any hidden data to make it through. The best bet would be to try to fit extra sectors in by reformatting tracks and hope there's no additional copying step, but that's easy to find if you look for it, so again it's a giveaway, and no one wants their military-grade virus to be discovered and stolen so easily. The Iranians eventually found the one the Americans used against them, but only after it had revealed itself by doing an astronomical amount of damage.
______________________________________________________________
AMenard wrote:
And you also have to consider that there are maybe some backdoor built into the microcode of your CPU, GPU and other micro controller by foreign government with collaboration from the manufacturers of said chips. We even had a lecture at my University IT security and ethics class about built-in kill switch and that was in the early 90's.
Yes, you have to assume that all the machines you're using have backdoors built into them, and if you're moving data from an open machine to a closed machine on single-use flash drives you have to assume that you are triggering that backdoor into action, but it may be possible to stop it doing any harm beyond destroying your data - it may still be possible to stop it leaking industrial secrets to the outside. (That could still be a disaster though unless you have some way to check that your backups aren't being corrupted as they're written which doesn't itself open up the possibility of corrupting them while checking them.)
______________________________________________________________
Brendan wrote:
For defending some data from a government; the first question you need to ask is "what is the government's next easiest alternative to acquire that data". If the answer is that the government could just send some thugs to your house to threaten your life and/or torture you until you give them the data; then you have a rough guide for how much security your computer actually needs (e.g. "no more than about $0.50 - the cost of a bullet if ammo is ordered in bulk").
The trick then is to have a government protect you, although you can't rely on them to get the security right. America leaks its military secrets like a sieve and China simply hoovers everything up. They don't isolate their data adequately, and many/most of the chips they're using have been manufactured in China, so they ought to assume there's a spy in every machine and make sure it never gets any opportunity to send a report home.
______________________________________________________________
Schol-R-LEA wrote:
Another rule to remember is that the most effective tools for circumventing security are the user's gullibility, greed, blindness to people they consider beneath them (such as janitors and IT technicians), acceptance of people who appear to be doing necessary jobs that you don't understand or care about (such as janitors and IT technicians), and willingness to go along with authority figures. Primary props for this include fake ID badges, authoritative (or panicked) voices over the phone, the
Clipboard of Authority, and janitor's jumpsuits.
Which means you either need to manage without such staff and do all the maintenance work yourself, or replace them all with robots (and have some way of making sure that they can't be recruited by the enemy). I can see why the Americans can't keep their secrets secret - it's almost guaranteed that all secrets will leak out no matter how well you try to defend them. You can probably do it well enough on a very small scale, but as soon as you try to expand it you will inevitably bring in people who can't be trusted, and people can be bought easily.
I wonder how many servers one person could reasonably keep going in a closed base without needing any additional help? New parts could be passed in, and old parts would need to be destroyed before being passed out.