Re: Hey old people

[Roland Dobbins <rdobbins () cisco com>]

I already mentioned that one.

;>

On Dec 22, 2005, at 1:48 PM, Drsolly wrote:

> Remember the vulnerability in Enigma, which considerably hastened the
> end of the war.
>
> On Thu, 22 Dec 2005, Blue Boar wrote:
>
> > Tom Van Vleck wrote:
> > > Wow. Bob Fiske was one of my room mates freshman year at MIT (1961).
> > > And another friend of mine dated Goheen.
> >
> > I'm seriously considering tracking some people down for interviews at
> > some point, any idea if they are still around and locatable?  I'll be
> > taking a hard look at the multicians for some of this.
> >
> > > These are not nearly old enough though.
> > > But one gets into the question of the definition of vulnerability.
> > > e.g. it was well known that one could disable the 7094 FMS  
> > > supervisor's
> > > job time limit counter and accounting by storing zero in a certain
> > > location in core.  (No, I'm not going to say which one on an open
> > > channel.)
> > > That was a vulnerability in a system with no memory protection where
> > > only one job was running at a time, circa 1962.
> >
> > I've had some private conversations with the osvdb guys, and I  
> > think we
> > have semi-agreed that we're looking for a documented privilege
> > escalation or bypass bug, and and OS/hardware combination with some
> > protection mechanism, probably a supervisor mode at least.  I suspect
> > for this exercise, they would exclude things like a crypto crack.
> > Original link for those that missed it:
> >
> > http://www.osvdb.org/blog/?p=77
> >
> > So I don't think a system with no memory protection would qualify in
> > this instance.  Not that I still wouldn't love details.
> >
> > I *think* this means that for this definition, the earliest  
> > possible is
> > early '60s?
> >
> > > A little later, there was a documented bug in CTSS where programs
> > > that increased their memory allocation size would get non-zeroed  
> > > core.
> > > So a programmer in the system group wrote a little program to start
> > > small, get big, scan its new memory for passwords.  Quickly got  
> > > root,
> > > that is, Dick Mills's password.  This would be 1965 or so.
> >
> > I've known that one as folklore for a long time.  (It's older than my
> > personal experience, I was born in 1969.)  That's one I'm looking for
> > documentation on.  In the '72 paper, that (class of) bug is already
> > treated as an old-time bug.
> >
> > > You folks have looked at Donn Parker's book, right, and you are  
> > > looking
> > > for things earlier than his earliest?
> >
> > I don't think so, I think we're a bunch of newbs approaching this  
> > from a
> > position of ignorance.  That's the case for myself, anyway.  I see
> > Amazon knows of lots of books by him.  Is it one of these?
> >
> > Crime by computer 1976
> >
> > Manager's Guide to Computer Security (Paperback) 1983
> >
> > Computer abuse perpetrators and vulnerabilities of computer  
> > systems 1975
> >
> > Computer abuse assessment 1975
> >
> > (The list goes on, he's done quite a few)
> >
> >                                                 BB
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

--------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

 Algorithm agility is an essential feature in any Internet protocol.

                     -- Bruce Schneier



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.