Hacker News new | ask | show | jobs
by joelwilliamson 1059 days ago
How do you remote access an air-gapped workstation? Seems like you'd need to be constantly switching whether your laptop is on the internet-connected network or the isolated network. If the laptop can switch between them automatically, wouldn't that make it possible for an attacker to jump the gap?

Even just having hosts that are sometimes internet connected and sometimes on the airgap network will greatly weaken the isolation. Stuxnet could cross an airgap with just static media, allowing thousands of computers that sometimes connect to the internet across the airgap seems like a fatal weakness.
1 comments
quietbritishjim 1059 days ago
The other key detail missing is presumably that the workstation is not air gapped at all, just prevented from accessing the internet with some firewall rules.

For those that don't know: air gapped means completely disconnected, as in literally pull the network cable out the back and never back in again. File transfers have to happen using some physical medium (traditionally write-once CDs/DVDs). You can have an air gapped network so long as the machines are just connected to each other and there's no physical route whatsoever to the internet.

link