Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!sdd.hp.com!hplabs!hpcc05!hpyhde4!hpycla!hpcuhc!hpda!hpwala!hpwadac!lupienj
From: lupienj@hpwadac.hp.com (John Lupien)
Newsgroups: comp.unix.wizards
Subject: Re: Re: Hacking and "Amateurism"
Keywords: WARNING!
Message-ID: <1916@hpwala.wal.hp.com>
Date: 5 Apr 91 16:44:39 GMT
References: <1991Mar26.015635.23103@mintaka.lcs.mit.edu> <1991Mar26.163720.28379@en.ecn.purdue.edu> <1991Mar27.041126.9886@news.miami.edu>
Sender: netnews@hpwala.wal.hp.com
Reply-To: lupienj@hpwarq.hp.com (John Lupien)
Organization: Hewlett Packard, Waltham, Mass
Lines: 19

In article <1991Mar27.094325.24599@en.ecn.purdue.edu> kidder@en.ecn.purdue.edu (Mark Stephen Kidder) writes:
>PS I learned earlier from another that UNIX does not use a DES
>   encryption method for the password; however, a one-way method
>   is used making decoding a password impossible.
                                       ^^^^^^^^^^^
To borrow a phrase from one of those "Airplane" movies, "You use that
word a lot. I don't think it means what you think it means."

When someone says that something is "impossible", the first thing that
comes to my mind is "how long has it been impossible, and how long will
it stay that way?". Certainly I don't know how to decode an encrypted
UNIX password, but I think it is somewhat foolhardy to assume that nobody
does. There are some very clever people around, and some of them have some
very fast and capable hardware. 


---
John R. Lupien
lupienj@hpwarq.hp.com