Re: Write-only devices (Was read only devices)

[neill () en com (neill)]

> On Mon, 24 Jun 1996, Paul C Leyland <pcl () foo oucs ox ac uk> wrote:
> >  Cheap 9-pin printers are simple, reliable and
> > understandable.
> Cheap and understandable I'll accept.  `reliable' I won't - at least
> not at a system level (accepting data and producing a legible paper
> record).  In my experience, dot-matrix pin-printers fail in the
> following ways:
> - the ribbon runs out
> - The ribbon creases or jumps a guide, producing white-on-white printouts
> - the paper runs out
> - the paper mis-stacks, jams the printer and results in a rectangular
>   black blot.
> - the paper feed jams, tearing either the paper or the sprockets.
> - the print-head snags a paper-fold, tearing the paper.
> - ink dries out in the print-head, seizing the pins (this is unlikely in
>   a logging printer though).

You could do what the phone companies do for their billing (well, just
about any) information -- an essential at least for data security --
and use redundancy.. that way, if a ROP chokes, and you have it on
tape, or if both fail, and you have it on another backup system, the
data is still around.. plus you can verify the information on one
loggin system with the information on another for validity. its the
same concept as taking file signatures and storing them remotely
(tripwire, etc..).

The upshot of which is that depending on how serious your security is,
you can usually add enough levels of fail-safe mechanisms in the way
loggin works on your system or network (..and never beat out the
hacker 100%). I agree, all of this falls apart if the intruder
launches a sound denial of service attack on your monitoring
facilities. And unfortunately, it is true that most attacks originate
from within the inside, so to speak, from someone who is at least
casually familiar with your setup and has an advantage over someone
who knows nothing about it.