Is Open Source safe? [Linux Weekly News]
Bill Stewart
bill.stewart at pobox.com
Wed Nov 25 09:41:58 PST 1998
>Frank O'Dwyer <fod at brd.ie> opines:
>>Yes it does, but not quite in the same way. For example, I believe that
>>in days of yore some attackers managed to insert a back door into some
>>DEC OS by breaking into the coding environment (I don't recall the
>>details, does anyone else?).
At 09:43 AM 11/23/98 -0800, Martin Minow wrote:
><http://www.acm.org/classics/sep95/> describes how the inventors
>of Unix inserted a backdoor into the Unix login program. It's well
>worth reading. However, there is no indication that this trojan
>horse ever shipped to customers.
Well, try logging in as "ken", and I think the password was "nih" :-)
(At least when I was starting my Unix career, it was still common
to have logins "ken" and "dmr" around as a courtesy, though eventually
computer security changed that practice.)
Also, mixing up DEC and Unix has long tradition; back in 1979,
there was an article in one of the Oakland or SF papers about
"Hackers at Berkeley" cracking security on "the Unix, a computer
made by DEC", which was really about abusing answerback on VT100s.
Thanks!
Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
More information about the cypherpunks-legacy
mailing list