Jump to content

Talk:Covert channel

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

good movie


This article needs major revisions. It is not a good summary of existing work on covert channel. Even the definition part is not complete, making the following part confusing/misleading. In the literature, the term "covert channel" has several definitions that are not equivalent. Some of them, including the widely accepted one defined in the Orange Book, do not consider steganography as covert channels. In this sense, without clarifying the assumed definition, this article is flawed. —Preceding unsigned comment added by 71.198.122.69 (talk) 08:20, 26 March 2008 (UTC)[reply]


Major Flaws

[edit]

This article is so incorrect that there may not be any sentences that can be salvaged. I made a pass at fixing the main introduction. It is written from the POV of cross domain solutions and trusting all the software to find the object hiding; not from sound COMPUSEC awareness. We need to convert it to real covert channels. Hopefully there is someone educated who can help. John (talk) 04:35, 10 December 2009 (UTC)[reply]


Examples May Help

[edit]

Now the intro is more correct. I believe 3 examples would help:

1. a covert storage channel

2. a covert timing channel

3. a channel that is NOT a covert channel, whereby an object is hidden or encoded in a data structure of an object that is transported on a legitimate channel.


Data Hiding Sections Need To Go

[edit]

Data hiding is an attack based on misuse of a legitimate data channel, categorically not a covert channel. All the "Data Hiding" sections are misplaced in this article and I plan to delete them unless someone objects. They may be excellent for another article. John (talk) 06:24, 20 January 2010 (UTC)[reply]

I agree that the data hiding sections should be removed - they lack citations for the material discussed, lack mainstream citations for the topic, and confuse data hiding with covert channels. A concise section on so-called network covert channels should be included, instead. Also, the term data hiding should be not be retained, as it is easily confused with both information hiding (a design strategy for representation-independent interfaces) and steganography. (Timlevin (talk) 20:05, 21 December 2013 (UTC))[reply]

Take a look at this SANS paper which classifies Steganography as a covert channel A Discussion of Covert Channels and Steganography. I am not stating that the idea of "data hiding" is synonymous with covert channels, however this paper indicates that Steganography is considered to be a covert channel by the SANS institute. Would be interested in thoughts! — Preceding unsigned comment added by Shrout1 (talkcontribs) 16:27, 26 February 2015 (UTC)[reply]

[edit]

Hello fellow Wikipedians,

I have just modified one external link on Covert channel. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 22:51, 13 August 2017 (UTC)[reply]

Port knocking

[edit]

Please verify the sentence: "A similar case is port knocking. In usual communications the timing of requests is irrelevant and unwatched. Port knocking makes it significant." I would fix to: "A similar case is port knocking. In usual communications the timing of requests is irrelevant and unwatched. Covert channel makes it significant."Truman (talk) 16:51, 4 March 2019 (UTC)[reply]

Wrong definition?

[edit]

"a covert channel is a type of attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy." But Covert channel is not an attack, or not only an attack, it is a vulnerability. I would fix to: "a covert channel is a vulnerability that allows to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy. This can be due to a wrong design or to a specific attack."Truman (talk) 17:24, 4 March 2019 (UTC)[reply]