1993-08-31 - Re: Commercial PGP: Verifying Trustworthiness
Header Data
From: doug@netcom5.netcom.com (Doug Merritt)
To: Marc Horowitz <bbyer@BIX.com
Message Hash: 3abc4edae0fe6a591a8acf794e99266d82d2c14f6c91ffe53e0f7f03f27c2321
Message ID: <9308311433.AA11758@netcom5.netcom.com>
Reply To: <marc@Athena.MIT.EDU>
UTC Datetime: 1993-08-31 14:39:03 UTC
Raw Date: Tue, 31 Aug 93 07:39:03 PDT
Raw message
From: doug@netcom5.netcom.com (Doug Merritt)
Date: Tue, 31 Aug 93 07:39:03 PDT
To: Marc Horowitz <bbyer@BIX.com
Subject: Re: Commercial PGP: Verifying Trustworthiness
In-Reply-To: <marc@Athena.MIT.EDU>
Message-ID: <9308311433.AA11758@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
--- Forwarded mail from Marc Horowitz <marc@Athena.MIT.EDU>
>From owner-cypherpunks@toad.com Mon Aug 30 23:40:01 1993
Received: from relay2.UU.NET by mail.netcom.com (5.65/SMI-4.1/Netcom)
id AA14421; Mon, 30 Aug 93 23:39:57 -0700
Received: from toad.com by relay2.UU.NET with SMTP
(5.61/UUNET-internet-primary) id AA10745; Tue, 31 Aug 93 02:40:50 -0400
Received: by toad.com id AA14781; Mon, 30 Aug 93 23:33:56 PDT
Received: by toad.com id AA14701; Mon, 30 Aug 93 23:31:26 PDT
Return-Path: <marc@Athena.MIT.EDU>
Received: from Athena.MIT.EDU ([18.72.1.1]) by toad.com id AA14688; Mon, 30 Aug 93 23:31:23 PDT
Received: from OLIVER.MIT.EDU by Athena.MIT.EDU with SMTP
id AA00837; Tue, 31 Aug 93 02:28:59 EDT
Received: by oliver.MIT.EDU (AIX 3.2/UCB 5.64/4.7) id AA14903; Tue, 31 Aug 1993 02:28:52 -0400
Message-Id: <9308310628.AA14903@oliver.MIT.EDU>
To: bbyer@BIX.com
Cc: honey@citi.umich.edu, cypherpunks@toad.com
Subject: Re: Commercial PGP: Verifying Trustworthiness
In-Reply-To: Your message of Tue, 31 Aug 93 00:14:18 -0400.
<9308310014.memo.72462@BIX.com>
Date: Tue, 31 Aug 93 02:28:52 EDT
From: Marc Horowitz <marc@Athena.MIT.EDU>
Marc Horowitz <marc@Athena.MIT.EDU> said:
>> I dunno. The early versions of UNIX had a back door in the login [...]
>I've let a lot of stupid comments go by, but I have to respond to this one.
>
>It is true that Dennis Ritchie (I believe, if not him, one of the
>other original UNIX authors) proposed such a login/compiler virus.
>But it wasn't in any early version of UNIX.
Stupid? Watch the flame bait...he merely overstated a touch. The back doors
weren't part of any of the full distributions, it's true, but they
were quite a bit more than proposals. Ken Thompson actually distributed
those back doors via a compiler update, warning of a security problem
and urging all sites to recompile. Most did, which inserted the back doors
into the programs. That's close enough to the original claim.
See the Ken Thompson & Dennis Ritchie Turing Award Lecture, which goes
into detail about this. The level of sneakiness involved was amazing.
Compilers are the ultimate security breach.
Doug
Thread
Return to August 1993
Return to “doug@netcom5.netcom.com (Doug Merritt)”
Unknown thread root
- 1993-08-31 (Tue, 31 Aug 93 07:39:03 PDT) - Re: Commercial PGP: Verifying Trustworthiness - doug@netcom5.netcom.com (Doug Merritt)