RE: [SG2] APFCs in Stargrunt

Glover, spake thusly upon matters weighty: 

> >True security (at least from an digital-data perspective) is based on
> >mathematics, not secrecy.  So in addition to broadcasting the signal
on the
> >right frequency, Require the 'query' command to be encrypted.  If the
> >receiver decrypts the correct command, then the response is sent,
otherwise
> >it stays silent.
> 
> Sadly, from a Security perspective, the largest weakness in any
classified
> project is the Personnel Security. I would be very confident in
expecting
> that if any compromise were to occur on such a mass produced device as
> Personal IFF devices and systems, that it would likely occur through
someone
> providing the detail or info. The likelihood of this occuring is even
> greater if the encryption aspects are of a very high quality.

True enough, and of course bureaucratic foulups ("what do you mean 
you dropped the IFF codes in the trash bin! Who knows whose got them 
now, and its too damn late to change them - the Ops in progress!"). I 
have an InfoSec book that spends about two chapters on computers and 
the rest of the work on organizational setup and protocols because 
the soft squishy parts of the system are most likely to be the 
security weakpoints.  
/************************************************
Thomas Barclay		     
Voice: (613) 831-2018 x 4009
Fax: (613) 831-8255

 "C makes it easy to shoot yourself in the foot.  C++ makes
 it harder, but when you do, it blows away your whole leg."
 -Bjarne Stroustrup
**************************************************/