1998-11-25 - Re: Is Open Source safe? [Linux Weekly News]
Header Data
From: Bill Stewart <bill.stewart@pobox.com>
To: Martin Minow <cypherpunks@cyberpass.net
Message Hash: 368943a090b3f0669a780a78d39ddd2fdf13d774cc08870b1ff8b88825f29411
Message ID: <3.0.5.32.19981124135414.008dec10@idiom.com>
Reply To: <36595F29.C39B997A@brd.ie>
UTC Datetime: 1998-11-25 17:41:58 UTC
Raw Date: Thu, 26 Nov 1998 01:41:58 +0800
Raw message
From: Bill Stewart <bill.stewart@pobox.com>
Date: Thu, 26 Nov 1998 01:41:58 +0800
To: Martin Minow <cypherpunks@cyberpass.net
Subject: Re: Is Open Source safe? [Linux Weekly News]
In-Reply-To: <36595F29.C39B997A@brd.ie>
Message-ID: <3.0.5.32.19981124135414.008dec10@idiom.com>
MIME-Version: 1.0
Content-Type: text/plain
>Frank O'Dwyer <fod@brd.ie> opines:
>>Yes it does, but not quite in the same way. For example, I believe that
>>in days of yore some attackers managed to insert a back door into some
>>DEC OS by breaking into the coding environment (I don't recall the
>>details, does anyone else?).
At 09:43 AM 11/23/98 -0800, Martin Minow wrote:
><http://www.acm.org/classics/sep95/> describes how the inventors
>of Unix inserted a backdoor into the Unix login program. It's well
>worth reading. However, there is no indication that this trojan
>horse ever shipped to customers.
Well, try logging in as "ken", and I think the password was "nih" :-)
(At least when I was starting my Unix career, it was still common
to have logins "ken" and "dmr" around as a courtesy, though eventually
computer security changed that practice.)
Also, mixing up DEC and Unix has long tradition; back in 1979,
there was an article in one of the Oakland or SF papers about
"Hackers at Berkeley" cracking security on "the Unix, a computer
made by DEC", which was really about abusing answerback on VT100s.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Thread
Return to November 1998
- Return to “Adam Back <aba@dcs.ex.ac.uk>”
- Return to “Bill Stewart <bill.stewart@pobox.com>”
- Return to ““Frank O’Dwyer” <fod@brd.ie>”
- Return to “Jim Burnes - Denver <jim.burnes@ssds.com>”
- Return to “Jim Choate <ravage@einstein.ssz.com>”
- Return to “Martin Minow <minow@pobox.com>”
Return to “Vlad Stesin <rmiles@Generation.NET>”
- 1998-11-23 (Mon, 23 Nov 1998 11:57:42 +0800) - Is Open Source safe? [Linux Weekly News] - Jim Choate <ravage@einstein.ssz.com>
- 1998-11-23 (Mon, 23 Nov 1998 13:08:13 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Vlad Stesin <rmiles@Generation.NET>
- 1998-11-23 (Mon, 23 Nov 1998 21:49:11 +0800) - Re: Is Open Source safe? [Linux Weekly News] - “Frank O’Dwyer” <fod@brd.ie>
- 1998-11-23 (Tue, 24 Nov 1998 02:43:29 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Jim Burnes - Denver <jim.burnes@ssds.com>
- 1998-11-23 (Tue, 24 Nov 1998 03:59:32 +0800) - Re: Is Open Source safe? [Linux Weekly News] - “Frank O’Dwyer” <fod@brd.ie>
- 1998-11-23 (Tue, 24 Nov 1998 03:24:49 +0800) - how to insert plausibly deniable back-doors (Re: Is Open Source safe? [Linux Weekly News]) - Adam Back <aba@dcs.ex.ac.uk>
- 1998-11-25 (Thu, 26 Nov 1998 01:41:58 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Bill Stewart <bill.stewart@pobox.com>
- 1998-11-23 (Tue, 24 Nov 1998 02:43:29 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Jim Burnes - Denver <jim.burnes@ssds.com>
- 1998-11-23 (Tue, 24 Nov 1998 02:39:43 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Martin Minow <minow@pobox.com>
- 1998-11-23 (Tue, 24 Nov 1998 03:55:39 +0800) - Re: Is Open Source safe? [Linux Weekly News] - “Frank O’Dwyer” <fod@brd.ie>
- 1998-11-23 (Mon, 23 Nov 1998 21:49:11 +0800) - Re: Is Open Source safe? [Linux Weekly News] - “Frank O’Dwyer” <fod@brd.ie>
- 1998-11-24 (Tue, 24 Nov 1998 14:40:24 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Martin Minow <minow@pobox.com>
- 1998-11-23 (Mon, 23 Nov 1998 13:08:13 +0800) - Re: Is Open Source safe? [Linux Weekly News] - Vlad Stesin <rmiles@Generation.NET>