HN Reader

Unless you needed Ethernet, you could have done the same thing with a null modem RS-232 cable with the TX pin cut on one end.

There are reasons that the US Government is super serious about certifying data diodes and cross domain solutions because you need to be absolutely sure what you are doing doesn’t accidentally leak data where it doesn’t need to go.

Real data diode and cross domain solutions are super expensive for this reason.

Those wires are certainly long enough to be antennas.

A "diode" is not an air gap. If there is any flow in either direction, you don't have an air gap. This isn't hard to understand.

I'm assuming you don't have any audit requirements for this application. The stupid pricing for hardware often isn't in the hardware, it's in the compliance.

Why not use optical ethernet as ‘real’ cross domain solutions do? Probably cheaper if you don’t mind eBay, and gives you an easy upgrade path to 10Gbps or more in future.

Two port NIC on the low side. Port 2 has its TX side connected to Port 1’s RX, just so the port will see a carrier and show link up. Port 1 TX goes to the high side machine’s RX, with TX left open.

From here, you have a whole ton of protocol options.

For things like syslog, you can just use a static ARP entry on the low side to forward events to the high side’s IP address via UDP.

For reliable transport, there are lots of options for reliable multicast now using erasure coding etc that don’t require a reverse channel.

The main function of this gear is preventing the ingress of control to a sensitive network, whilst also allowing a controlled outflow of data for monitoring. I think the design choices made were all quite reasonable. Given that it passed an audit, it seems reasonably trustworthy.

The stock raspberry pi doesn't have wireless ports to serve as potential side channels. The use of an opto-isolator means that data is constrained by physics to only flow in the desired direction, no matter what happens in either Raspberry Pi.

It should be possible to replicate this for less that $200 in hardware.

> An opto coupler, also known as an opto isolator, allows an electrical signal to pass from one device to another using light, preventing direct electrical connection. *This ensures data flows in a single direction, maintaining the integrity of the air gap.*

I would like to know how they come to such a conclusion as this is either a misunderstanding or an AI solution. The opto isolator does not maintain the air gap. It only provides galvanic isolation which is likely unnecessary in this situation.

Galvanic isolation is useful in situations where you want to isolate circuits from electrical potential issues (ground loops and so on) or isolation from noise and faults.

If galvanic isolation is necessary, there are "digital isolators" (that's a good search term if you are interested) that are much faster than optocouplers and that don't suffer from the same sort of degradation (over a few years, the LED gets dimmer and dimmer).

But there's probably no galvanic isolation going on here anyway, so a wire, or at most a simple logic buffer, would probably suffice.

If I'm connecting two things from different power domains, I like to use gates (or level shifters, if necessary) that are designed for the task. These will keep stray currents from causing electromigration problems when one is powered on and the other is powered off, and some of these are very fast, over 100 MB/s.

I feel like it's easier to just have Ethernet and a strict HW firewall with the admin interfaces totally disabled (have to full reset to get back in).

You can either just block packets in one direction, or you can add a small amount of risk and allow UDP and TCP with zero payload in one direction. That would allow you to reliably stream in one direction and request from either direction, albeit with a slightly exploitable channel (timing, reliability or the space of values allowed in the protocol).

You already have to trust the RPI hardware to not enable WiFi on either side, so why not trust a router?

I don't see how this is airgapped. You literally connect a full Pi to the RXing computer. What audit has RX Pi device gone through?

I wrote this to share my experience building a secure one-way data transfer solution for air-gapped systems. Happy to answer technical questions about why we chose this architecture and the challenges we faced, lots of ways to solve this problem, but this is my way.

Is raspberry pi a good choice for this? How auditable is the SOC on this thing? As I understand it, there is an administrative core that you can't reprogram and that has DMA to the user core and provide DRM decoding. It could be doing anything.

Once I have a reliable network diode in place, is there an open source software stack to help me move the various kinds of OS updates, repos, and mirrors that I need? I can do this kind of stuff, but I know I’m reinventing the wheel.

You can find a collection of data diode information at the Github vrolijk. Https://www.github.com/vrolijk/osdd

Everyone commenting about the strict definition is a very smart boy. Good job and gold stars all around for the productive conversation! You're solving the real problems of our times here.

This is pretty neat, but is what you pictured the final product? It doesn't strike me as sufficiently robust for deployment. More like an engineering concept...

Commercial data diodes tend to use fiber optics and disable the transmitter on one end and the receiver on the other end.

Could've used a speaker and microphone with an appropriate noise-resistant digital encoding.

Just use DNS.