Talk:Covert channel

good movie

This article needs major revisions. It is not a good summary of existing work on covert channel. Even the definition part is not complete, making the following part confusing/misleading. In the literature, the term "covert channel" has several definitions that are not equivalent. Some of them, including the widely accepted one defined in the Orange Book, do not consider steganography as covert channels. In this sense, without clarifying the assumed definition, this article is flawed. —Preceding unsigned comment added by 71.198.122.69 (talk) 08:20, 26 March 2008 (UTC)

Major Flaws
This article is so incorrect that there may not be any sentences that can be salvaged. I made a pass at fixing the main introduction. It is written from the POV of cross domain solutions and trusting all the software to find the object hiding; not from sound COMPUSEC awareness. We need to convert it to real covert channels. Hopefully there is someone educated who can help. John (talk) 04:35, 10 December 2009 (UTC)

Examples May Help
Now the intro is more correct. I believe 3 examples would help:

1. a covert storage channel

2. a covert timing channel

3. a channel that is NOT a covert channel, whereby an object is hidden or encoded in a data structure of an object that is transported on a legitimate channel.

Data Hiding Sections Need To Go
Data hiding is an attack based on misuse of a legitimate data channel, categorically not a covert channel. All the "Data Hiding" sections are misplaced in this article and I plan to delete them unless someone objects. They may be excellent for another article. John (talk) 06:24, 20 January 2010 (UTC)

I agree that the data hiding sections should be removed - they lack citations for the material discussed, lack mainstream citations for the topic, and confuse data hiding with covert channels. A concise section on so-called network covert channels should be included, instead. Also, the term data hiding should be not be retained, as it is easily confused with both information hiding (a design strategy for representation-independent interfaces) and steganography. (Timlevin (talk) 20:05, 21 December 2013 (UTC))

Take a look at this SANS paper which classifies Steganography as a covert channel A Discussion of Covert Channels and Steganography. I am not stating that the idea of "data hiding" is synonymous with covert channels, however this paper indicates that Steganography is considered to be a covert channel by the SANS institute. Would be interested in thoughts! — Preceding unsigned comment added by Shrout1 (talk • contribs) 16:27, 26 February 2015 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified one external link on Covert channel. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20141018041347/http://faculty.kfupm.edu.sa/COE/mimam/Papers/96%20Hiding%20Data%20in%20the%20OSI%20Network%20Model.pdf to http://faculty.kfupm.edu.sa/COE/mimam/Papers/96%20Hiding%20Data%20in%20the%20OSI%20Network%20Model.pdf

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 22:51, 13 August 2017 (UTC)

Port knocking
Please verify the sentence: "A similar case is port knocking. In usual communications the timing of requests is irrelevant and unwatched. Port knocking makes it significant." I would fix to: "A similar case is port knocking. In usual communications the timing of requests is irrelevant and unwatched. Covert channel makes it significant."Truman (talk) 16:51, 4 March 2019 (UTC)

Wrong definition?
"a covert channel is a type of attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy." But Covert channel is not an attack, or not only an attack, it is a vulnerability. I would fix to: "a covert channel is a vulnerability that allows to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy. This can be due to a wrong design or to a specific attack."Truman (talk) 17:24, 4 March 2019 (UTC)