Proper air gap maintained religiously should be able to solve a lot of problems in cyber crime. After all, we still interface with computers through meat and bones.
Yes, it's just the maintaining it religiously part that's surprisingly hard.
Like, things and emergencies come up just like they do in a normal business but you have to go all the way back into secure mode to address them.
That process takes time and effort. Cleaning runs to the location where you connect, switching hardware, activating all the VPN chains or Tor connection, etc. etc. Coordinating occasional OTP key exchanges, time/location randomization, etc. ...you didn't slip up and get lazy with the entropy generating your "secure" encryption key, did you? You have to find drop shipping locations and those expire or go wrong.
Or there was a car at location X which is a choke point that is technically on your list of triggers for counter surveillance but it's 7PM on a Friday and that cute girl you're supposed to meet is waiting. Do you assume the worst and burn everything, re-do your secure connection point or just ignore it and go through your usual process since 99/100 it's likely to be a false alarm? Or hey, the delivery guy was a day late on the 1-day shipping you used to limit the time frame the agencies could use to get a warrant, and now it's outside your predetermined acceptable window. Do you have the discipline to take the loss and refuse the package?
You get the idea. It's exhausting and people make one stupid mistake and get called out on the internet for being a moron.