From: Matthew J Ghio <mg5n+@andrew.cmu.edu>
Date: Thu, 3 Feb 94 12:24:46 PST
To: cypherpunks@toad.com
Subject: Re: New remailer up.
In-Reply-To: <9402031548.AA23590@igi.psc.edu>
Message-ID: <UhIJlGi00awHMorUcc@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


"Jon 'Iain' Boone" <boone@psc.edu>

> Yes, but the trophy is hardly worth the effort.  Even though it wouldn't
> cost $50,000 in terms of actual equipment or time, it might well take
> such a sum to cause Perry to take the risk of being caught.  Unless the
> netcom folks are real slouches, I would think that they would notice
> that their kernel had been re-compiled and the machine rebooted.  Good
> luck not being detected...  Of course, there is always the off chance
> that they already have NIT compiled into the kernel...

Ah, yes, but if you were a skilled machine lanugage hacker you could use
a dissassembler to patch the code while it was in RAM.  Very difficult
to do, but also very difficult to detect.  In theory, if you could steal
their kernal (or had a similiar one) and you compiled it on your own Sun
station, you could could probably isolate the routines you needed to
patch, write a program to locate the processes running on root, scan
memory looking for that subroutine, and then let you insert your own. 
The Netcom folks would have to look pretty hard to catch on to that type
of attack...and if they rebooted - poof! - the evidence disappears!  :)

It's certainly more than $20 worth of work tho...  and you'd still have
to find a way to get to root (or at least grab control of the cpu chip
for a few microseconds).

What kind of cpu do Suns use anyway?  (I've never used a sun before, and
I don't know much about them.)  I know NeXT used the 680x0...  What
about DEC?
(I'm just a PC user type showing my ignorace about other systems. :-)