Hi, folks. I want to talk to you in this video about Communication Channels. Now, an Overt Communication Channel is defined as something that's designed specifically to allow communication between two different entities, like me now speaking with you across a video and you watching, that is an overt means for me to communicate with you. If I were to take out my iPhone and tap your number in and call you, that is an overt communication channel designed specifically for us to communicate. If I were to send an e-mail to you, or we meet in public over coffee at a coffee shop, and we're chatting face-to-face, speaking, my vocal cords making noise, your ear drum vibrating, that is an overt means for communication, was intended for communication. Now, if I told you that it was important, for whatever reasons, some legal policy, security, some sort of reason, that Alice, some Alice somewhere, absolutely should not be communicating with some Bob somewhere. Well, how you would you do it? You'd say, "Okay, you guys can communicate. Alice, no making videos and sending it to Bob." And she goes, "Okay." You say, "Alice, no phone calls to Bob." And Alice says, "All right, no phone calls." You say, "Alice, no e-mail to Bob and Alice no meeting face-to-face over coffee." and on and on and on. You make a big long list of all the overt communication channels. And once you've exhausted your list, you come to the conclusion that in your mind, Alice and Bob can't communicate. And you can potentially say that if the policy is Alice can't communicate with Bob, you'd say we've met that policy because I've torn away the ability of Alice and Bob to use overt communication channels. Let me back up and tell you a little bit about when I was a little kid, my bedroom in my home, shared an adjacent wall with my sister's. Her bedroom's here. My bedroom's there. Adjacent wall. And my mother would say, "All right, you kids. Wait a little. Settle down. Time to go to sleep. No more talking. No more noise. No more anything." And in her mind, that meant no more me making noise with my vocal cord and my sister hearing it. It was bedtime. No more talking. Be quiet. We didn't have cell phones then, so I wasn't texting her, but it was probably more like saying something. But what we would do instead, is when my mother would leave, is I'd go over to the wall and I do like boom, boom, boom, boom, boom to the wall and my little sister would go, boom, boom. Now, is that communicating? You bet, it is. Every kid does that. It's fun and always the same sort of cadence, right? It's always boom, boom, boom, boom, boom, boom, boom. I don't know where that came from but every kid does that. Now, what is that? Is that an overt communication channel? Is the wall an overt communication channel? When you're building a home, do you say, "Oh, it's a beautiful bedroom. Here's the door. There's the windows. Here's all the overt communication channel walls." It's ridiculous. You don't think of a wall that way. It wasn't designed that way. And yet, we were using it for communication. And it's an example of something we call a covert communication channel. Meaning, it's a way of communicating via some shared mechanism, a shared resource that allows for some sort of signaling between Alice and Bob. Interesting question, right? How you would shut the covert channels down, right? I mean, in my home, in my wall, how does my mother stop us from doing it? She could run in and say, "No knocking on the wall." but are there other things she can do? It does turn out that there's two categories. Category one is what I said. You can just absolutely prevent me from touching that covert, or shared wall. And that's not always so easy to do like in a dumb example like my sister and I in a room with the wall, mom can say, "Don't do it." But suppose the shared resource is something like a CPU on a shared, let's say you're tube guest operating systems on a shared piece of hardware through hypervisor. And you don't want this guest operating system to be communicating with this one. And you say, under no circumstances so, I shut out all the overt communication channels, any term of interprocess communication, or sending messages or whatever between the two processes on running on these respective guest OSs in a virtual operating system. Well, one possibility is that this one guest OS at some prearranged time might have agreed with the other one, "Hey, listen we both share a CPU here, here's what I'll do. I'll launch this crazy job that will make the CPU just come to a screeching halt and you'll see it, you'll notice it because we share a CPU here. It's all virtual but we got something common. At one o'clock today, just watch. If you watch the system just go way down every response time flow, that's me and that's me sending you a one. But if I don't do that, that's me sending you a zero. And let's do that every minute. Like every minute, I'll either bring the CPU down, or not." And what would happen is that if you can get that working, I've got a one bit per minute covert channel. Isn't that cool? How do you stop that, right? I mean, you can't launch jobs on a CPU. It's hard to block that. A common mechanism that you're probably going to hate, but I'll tell you anyway, common mechanism that's been discussed at least in the context of theoretical cyber-security, which is where we are right now, we're doing theory, is get this, you put noise in the system, random cookie noise. So, if the CPU is constantly just getting dragged down randomly, then you don't know anymore whether it was Alice doing it or the system did it randomly. Isn't that crazy? Or be like my mother getting a drum pedal with a motor and just randomly, it's just tapping on the wall all night long, random taps. So, if I want to go boom, boom, boom, boom, boom, that's interspersed with all the noise coming from that dumb drum pedal on the wall. It's insane. Welcome to the computer science theory. A lot of it does tend to be a little insane. But it's kind of interesting, right? Because it closes the covert channel. So, the question is, if I want to respect the policy and I want Alice to not be able to communicate with Bob, which is a perfectly reasonable obligation, or goal in cyber-security. I shut all the overt channels down and then I shut all the covert channels down. It's kind of an odd concept, right, to be searching around for covert channels? Theoreticians do it all the time. And in our next video, I'm going to show you something that I think is research from outer space. I mean, it is really interesting and different. It's like nothing you've ever seen, where we're going to take a couple of systems. I'm going to convince you that Alice can't signal Bob. I'll show you first that Alice can signal Bob, then we take out the ability of Alice and Bob to signal, and I'm going to another system like that, and we're going to analyze them and look at some of the properties. Really interesting. So, I hope you'll stay with us. We'll see you on the next video.
