[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is Open Source safe? [Linux Weekly News]




>Frank O'Dwyer <[email protected]> opines:
>>Yes it does, but not quite in the same way. For example, I believe that
>>in days of yore some attackers managed to insert a back door into some
>>DEC OS by breaking into the coding environment (I don't recall the
>>details, does anyone else?).

At 09:43 AM 11/23/98 -0800, Martin Minow wrote:
><http://www.acm.org/classics/sep95/> describes how the inventors
>of Unix inserted a backdoor into the Unix login program. It's well
>worth reading. However, there is no indication that this trojan
>horse ever shipped to customers.

Well, try logging in as "ken", and I think the password was "nih" :-)
(At least when I was starting my Unix career, it was still common
to have logins "ken" and "dmr" around as a courtesy, though eventually
computer security changed that practice.)

Also, mixing up DEC and Unix has long tradition; back in 1979,
there was an article in one of the Oakland or SF papers about
"Hackers at Berkeley" cracking security on "the Unix, a computer 
made by DEC", which was really about abusing answerback on VT100s.


				Thanks! 
					Bill
Bill Stewart, [email protected]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639