UNIX-WIZARDS Digest V3#078

Rex Black black at ee.UCLA.EDU
Tue Mar 10 16:09:29 AEST 1987 

> 	Would you wizards out there please send me (Chairman of local ACM)
> some detailed possible attacks on holes in UNIX OS's? I will pass the info
> on to our attack team, and to no one else (as I am also manager of an academic
> facility machine, I have a vested interest in maintaining such info secure).

I feel that Gould was *extremely* ill-advised to post such a challenge,
much less allow someone to take them up on it.  This so-called contest
really boils down into nothing more than an extremely advanced seminar
in how to destroy a Unix system.  By the time this ACM "attack team"
is finished with their "project", every one of these people is going
to be a veritable black-belt in system destruction.  It speaks pretty
poorly of Gould that they feel no compunction about encouraging people
to obtain this type of knowledge.  

Suppose that a nuclear energy facility had developed what they considered
an "unbreakable" security system for a plutonium reprocessing plant.
Would it then behoove the company to seek out a collection of Palestinian 
terrorists and dare them to steal 150 kilos of weapons-grade Pu?  I dare 
say that any company doing this would soon find that its management was 
cooling their heels in a max. sec. prison.  With Unix branching out into more
and more critical operations (banking, hospitals, national security, etc.),
what possible right does Gould have to assemble a team of "super-hackers",
no matter how reliable these people are?

I hope that Dr. Tullis is very careful in the screening of who gets into
his attack team...I personally would refuse because I *know* the temptation
would be too much for me; I wonder if every person to whom such power
would be an immense temptation would have the same scruples.  (Just how
often would *you* drive 55 if you had a Ferrari?)

Rex Black
	
black at ee.ucla.edu                                          ARPA        
...!{ihnp4,ucbvax,sdcrdcf,trwspp}!ucla-cs!uclaee!black     UUCP

Disclaimer:  The following are my own opinions and may or may not reflect
the official view of the University of California or any of its employees.

More information about the Comp.unix.wizards mailing list