Hello,
Several days back, I posted a message on this forum in relation to a software security issue. I had hoped to get some feedback on a potential solution, but it seems that perhaps my post was a bit too broad in its scope. I have since come up with a different approach that might be simpler and easier to achieve--albeit it is now not strictly speaking a networking issue. If anyone has any feedback on this, I would be very, very grateful. I really need help on this.
I will begin with a bit of background information:
I am using a program (Program-Z) that receives a continuous stream of data via the internet for several hours a day and so requires an active internet connection during those hours. Program-Z displays the information on a graph as the data arrives and also allows me to statistically analyse the data. My main concern is that I cannot be sure that the program isn’t surreptitiously sharing my statistical analysis with the developers of the program. In other words, the program could be engineered to take advantage of its constant access to the internet and participate in some sort of unauthorized transfer of data without my knowledge.
Program-Z has built in data-export and data-import features. To export data, I simply have to click on a menu and input the start and end date of the data I wish to export. The program then saves the data for that time period to a text file.
Theoretically, it would be possible to export data at regular intervals (possibly as low as once a second) and transport the data file that was created to a second computer that was not connected to the internet. The second computer would also have a copy of Program-Z on it, but no internet access. I could then import the data using the program's import facility and have a graph that would be constantly updated within an acceptable timeframe.
The big drawback to this approach is that to do this manually would be physically impossible. However, such an approach might be practical if it were automated. Do you think that it would be possible to write a computer program that could tell Program-Z to export the data and then have the file sent via Ethernet to the second computer? A similar program on the second computer could then automate the data import process on the copy of Program-Z on the second computer.
The copy of Program-Z on the second computer could function completely in offline mode without the need of an internet connection as it would rely on importing data rather than receiving it in real time. If one completely blocked any outbound Ethernet traffic via a firewall, such an approach would be as close as one could come to having a physical barrier between the two computers and therefore provide a very high level of security.
It would be similar to a macro in a word processing program--although I would imagine that it would have to be a kind of external macro and run "on top of" Program-Z. Perhaps the programming behind system-wide keyboard shortcuts or the safe shutdown software used when the electric power is cut would hold clues as to how this could be implemented?
As I have said, I would indeed be grateful if anyone has any feedback on this.