Iran Cyber Security and Artificial Intelligence (civilian and military)

[Hack-Hook]

Like I said, I think the most vulnerable part is communications.

A full operating system without external communications, it doesnt matter how many backdoors it has, it's secure.

But when you use internet or wireless communications, it's another thing.

I remember one decade ago, a lot of "bugs" in OpenSSL (Open Source software) were discovered.

Heartbleed - Wikipedia

en.wikipedia.org

So, it's not a bad idea code your own encryption libs from scratch, addings mods to algorithms, avoiding standards, it's not a bad idea your own tcp/ip stack and make it incompatible with all software except your software, it's not a bad idea your own USB driver for a 4G modem, and so on.

this is the beauty of open source

Date discovered	1 April 2014; 9 years ago
Date patched	7 April 2014; 9 years ago

 

[BHAN85]

this is the beauty of open source

Date discovered	1 April 2014; 9 years ago
Date patched	7 April 2014; 9 years ago

You should see when the bug was written (2012) and when it was discovered (2014).

Two years without large open source community seeing it, enough time to let all security agencies around world to discover it and use it against foes.

 

[Hack-Hook]

You should see when the bug was written (2012) and when it was discovered (2014).

Two years without large open source community seeing it, enough time to let all security agencies around world to discover it and use it against foes.

two year of nobody knew about it vs Gods knew of how long only NSA and CIA and Microsoft knew about it

 

[BHAN85]

two year of nobody knew about it vs Gods knew of how long only NSA and CIA and Microsoft knew about it

Yes, foreign proprietary software is dangerous.

But open source too. Even when it's public and thousands eyes see the code in two years.

To keep own security best choice is: Own proprietary code to communications layer.

 

[Hack-Hook]

Yes, foreign proprietary software is dangerous.

But open source too. Even when it's public and thousands eyes see the code in two years.

To keep own security best choice is: Own proprietary code to communications layer.

the software will be targeted with various type of attacks and if a weakness revealed it will again be like a foreign proprietary situation
also its not feasible for many software like Operating System that are in development for more than 2-3 decades at least to reach their current state and no government think for such long term projects

 

[BHAN85]

the software will be targeted with various type of attacks and if a weakness revealed it will again be like a foreign proprietary situation
also its not feasible for many software like Operating System that are in development for more than 2-3 decades at least to reach their current state and no government think for such long term projects

I didnt say develop own whole operating system.
But own software to communications layer is a good idea, and it's feasible.

Keep in mind: Even a Windows machine plenty of backdoors and trojans is secure if it has not communications to outside.

 

[Hack-Hook]

I didnt say develop own whole operating system.
But own software to communications layer is a good idea, and it's feasible.

Keep in mind: Even a Windows machine plenty of backdoors and trojans is secure if it has not communications to outside.

the nature of the system require communication (Gas pomp attacks)
or our air defense and ships if they want to benefit from network warfare, stuxnet infection started with a thumb drive not network

 

[BHAN85]

the nature of the system require communication (Gas pomp attacks)
or our air defense and ships if they want to benefit from network warfare, stuxnet infection started with a thumb drive not network

Yes, but it can be used own proprietary software to communications layer instead open source famous software.

Send UDP datagrams through a USB 4g modem can be easily fully implemented from scratch.

 

[BHAN85]

And embedded devices are cheap nowadays, better just one box to one task than one computer. So employees can't be deceived to install trojans or even if there are traitors, they wont be able to do anything but the task the must do.

OpenWRT and ARMBian are great projects of open source linux dist to embedded devices.

 

[Hack-Hook]

Yes, but it can be used own proprietary software to communications layer instead open source famous software.

Send UDP datagrams through a USB 4g modem can be easily fully implemented from scratch.

and build new communication algorithm?
encryption algorithm ,...

your suggestion is not practical, when we are at it why not build indigenous 7g networking and the hardware that come with it?

 

[BHAN85]

and build new communication algorithm?
encryption algorithm ,...

your suggestion is not practical, when we are at it why not build indigenous 7g networking and the hardware that come with it?

Just communication layer, own tcp ip stack and so on.

No a backdoor could run there if the enemy doesnt know how new software works.

A pair of hundreds line of code, compatibility with all existing hardware, but non-compatibility with all software that uses network.

Network is the weak part of any system from a remote hacking point of view. It's the only part that should be coded from scratch to avoid backdoors.

What I said is easy work, what you said is not easy.

Imagine someone give you a microcontroller with USB support and a USB 4G Modem to send simple text messages over internet UDP protocol, It can be done easily from scratch with 100% own homemade code? Yes, just a few hundreds of lines of code. And who could hack that? Nobody.

So apply the same idea to more complex systems. Keep it simple and homemade to avoid remote hacking.

In fact it's the same idea that Iran does in his own military hardware industry.

Iran makes own homemade missiles and rockets, the most simple to do deterrence with full own technology.

Dont trust in complex foreign made open source solutions, no matter how friendly seems.

 

[Hack-Hook]

Just communication layer, own tcp ip stack and so on.

No a backdoor could run there if the enemy doesnt know how new software works.

A pair of hundreds line of code, compatibility with all existing hardware, but non-compatibility with all software that uses network.

Network is the weak part of any system from a remote hacking point of view. It's the only part that should be coded from scratch to avoid backdoors.

What I said is easy work, what you said is not easy.

Imagine someone give you a microcontroller with USB support and a USB 4G Modem to send simple text messages over internet UDP protocol, It can be done easily from scratch with 100% own homemade code? Yes, just a few hundreds of lines of code. And who could hack that? Nobody.

So apply the same idea to more complex systems. Keep it simple and homemade to avoid remote hacking.

In fact it's the same idea that Iran does in his own military hardware industry.

Iran makes own homemade missiles and rockets, the most simple to do deterrence with full own technology.

Dont trust in complex foreign made open source solutions, no matter how friendly seems.

from Wikipedia

UDP uses a simple connectionless communication model with a minimum of protocol mechanisms. UDP provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram. It has no handshaking dialogues and thus exposes the user's program to any unreliability of the underlying network; there is no guarantee of delivery, ordering, or duplicate protection. If error-correction facilities are needed at the network interface level, an application may instead use Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this purpose.

UDP is suitable for purposes where error checking and correction are either not necessary or are performed in the application; UDP avoids the overhead of such processing in the protocol stack. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for packets delayed due to retransmission, which may not be an option in a real-time system.[1]

 

[BHAN85]

from Wikipedia

Yes, I know what is UDP, dont you?

It's just the easiest way to send information over internet, implementation from scratch are a few lines of code. Unlike TCP complex stacks

So if you dont want to be hacked, keep it simple. And dont use millions lines of open source code.

A gas station that it uses embedded devices with software made from scratch wont be hacked everyday like it happened recently.

You wont be safe using thousands lines of code of OpenSSL.

You wont be safe using complex TCP/IP stacks.

And so on, and it doesnt matter if it's open source, open source projects can have bugs known by security agencies and unknown publicly, and it can be infiltrated by undercovers who put backdoors disguised as bugs, and Open source community wont see in two years even in biggest famous Open source projects like OpenSSL.

KISS principle - Wikipedia

en.wikipedia.org

 

[BHAN85]

Iran is doing well when they develop their own missile and drones industry.

They just need to apply same ideas to a cibersecurity field.

e.g: Shaheds to get GNSS position use a own made receiver with SDR.

 

[Hack-Hook]

Yes, I know what is UDP, dont you?

It's just the easiest way to send information over internet, implementation from scratch are a few lines of code. Unlike TCP complex stacks

So if you dont want to be hacked, keep it simple. And dont use millions lines of open source code.

A gas station that it uses embedded devices with software made from scratch wont be hacked everyday like it happened recently.

You wont be safe using thousands lines of code of OpenSSL.

You wont be safe using complex TCP/IP stacks.

And so on, and it doesnt matter if it's open source, open source projects can have bugs known by security agencies and unknown publicly, and it can be infiltrated by undercovers who put backdoors disguised as bugs, and Open source community wont see in two years even in biggest famous Open source projects like OpenSSL.

KISS principle - Wikipedia

en.wikipedia.org

using udp means begging to be hacked