@mattblaze AFAIK the only group to discover Ken’s hack was us in PWB/UNIX. One of the other guys noticed C preprocessor had gotten bigger, looked at binary namelist, found symbol not in source code. I got onto Ken’s system, found the code, very clever.
@mattblaze A bit later, I was in Lab 127’s terminal room, talking to dmr or bwk, and overheard amusing conversation between ken and Robert Morris Sr, who sometimes consulted for NSA.
(RM Jr of worm fame was just a kid then.)
@mattblaze They were chortling away over cleverness of exploit. Then one (must have been ken) said “think we could put this over on NSA?” (which already had UNIX systems... we did favors now and then).
More chortling, then (must have been Bob): uhh, NSA really doesn’t have sense of humor.
@mattblaze PWB crew ran 1st real UNIX computer center & we were hyper-sensitive, partly because someone had called at night, told operator he was Ken Thompson & needed root password ... and got it. Turned out to be high schooler ... proving that social engineering tactics have been eternal.
@mattblaze Years later, as many BTL Directors were buying PDP11-70s for labs as general service systems, some PWB crew were asked to do security audits, given experience running biggest UNIX site. One lab was very proud of enhanced password software.
We did audit, agreed with that, BUT:
@mattblaze We told them, unfortunately:
1) Many terminals had yellow stickies with root password.
2) They’d reused unused lab space w/o adequate HVAC, room got hot, so they often left door open.
As usual, good tech helps, but human error/laziness must always be guarded against.
@mattblaze If anyone wants some nostalgia history, here's a paper written in 1976 about PWB/UNIX computer center.
We were running ~16 concurrent users on 248KB PDP-11/45 and ~48 on 1MB 11/70 ... thankfully more 11/70s came soon after.
ics.uci.edu/~andre/ics228s…
@mattblaze BTL Directors could spend $250K w/o much approval, enough to buy PDP 11/70, disks, tapes, run their own computer center w/o having to negotiate with regular BTL computer centers.
Same thing happened later with workstations & then PCs: user depts got impatient with central IT.
@mattblaze There's often been pendulum swing between centralized & distributed IT handling.
Just as happened later with workstations/PCs, BTL Directors found that running own computer center well was a pain. The main computer centers then offered to do facilities management, with good HVAC,
@mattblaze 24-hour operators who could run tape backups, and centralized purchasing. If a Director wanted more disk space for their system(s), they just told central IT, not have to haggle over disk allocation.
I recall centralized mainframe service bureaus of 1960s, reborn as cloud 🙂
@mattblaze I did hear later (but couldn't verify) that NSA sometimes ran source-code mungers to change variable names to prevent such tricks, where the hack had to recognize code in login and in itself.
