Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!linus!decvax!brl-bmd!Human-Nets-Request@rutgers From: Human-Nets-Request%rutgers@brl-bmd.UUCP (Human-Nets-Request@rutgers) Newsgroups: fa.human-nets Subject: HUMAN-NETS Digest V6 #83 Message-ID: <745@brl-bmd.UUCP> Date: Thu, 22-Dec-83 20:10:39 EST Article-I.D.: brl-bmd.745 Posted: Thu Dec 22 20:10:39 1983 Date-Received: Sat, 24-Dec-83 04:43:47 EST Lines: 351 HUMAN-NETS Digest Thursday, 22 Dec 1983 Volume 6 : Issue 83 Today's Topics: Query - Split Horizon Routing, Response to Query- Input Devices, Computer Security - Passwording (3 msgs), Computers and People - Big Computer is Watching You & Augmented Global Consciousness?, Computer Networks - Usenet <=> Arpanet (2 msgs), Computers and the Media - EPROMs victim of newspeak? ---------------------------------------------------------------------- Date: Wed 14 Dec 83 22:33:30-EST From: Robert Montay Subject: question about split horizon Can anyone give me a quick explanation of split horizon routing. I came across this while reading about digital communication networks. I have been unable to find background material. Thanks much, Bob Montay (MONTAY@COLUMBIA-20) ------------------------------ Date: 15 December 1983 22:20 est From: Makey.DODCSC at MIT-MULTICS Subject: Non-QWERTY keyboards For years I have heard about non-QWERTY keyboards but have never seen one. In vol. 6 no. 78 of Human-Nets, Stan Barber mentioned a "DVORAK" keyboard. Assuming that it is one of those (non-QWERTY) animals, could someone explain (with a translation table or a diagram) what it looks like? Also, what are the advantages of such a keyboard? :: Jeff Makey ------------------------------ Date: 11 Dec 1983 0820-PST From: CAULKINS%USC-ECL@MINET-CPO-EM Subject: Passwords I was involved in setting password rules for one of the systems I'm on. The results were as follows: 1) Passwords must be at least 6 characters long, and contain at least one char each from the following sets: 1.1) a-z 1.2) A-Z 1.3) 0-9 1.4) Special characters (#$%^&, etc.) 2) A password must not appear in a dictionary or be a common name. The result of all these are things with deliberate misspellings, and 'cutesy' enough to have strong mnemonic properties. An example of a recently retired password is "n0Ways". Dave C PS Ooops - that should have been "n0Ways!" ------------------------------ Date: Thu 15 Dec 83 07:45:55-CST From: Werner Uhrig Subject: some suggestions about passwords ... I don't remember seeing or using a system which really provided any help to the users in terms of passwords and security. So here are a few things I thought of, which (I feel) would help: 1) allow me to set a parameter of a certain time-period, after which the system would, automatically, require me to change the password. 2) to make longer and unpronouncable passwords more acceptable to me, allow me to define a prompting sentence which I can request from the system, when I can't remember the password anymore. This prompt might be protected by a second password of my choice, with another, much more stable and simpler password, and with another prompt, if need be. After requesting to get a "prompt" from the system, I should be given only 1 chance (maybe 2) to get things right. The event should always be reported to the systems support staff, and if I miss, my account should be deactivated, and the attempt to login should result in a request to call/appear in person and should again be captured in a "security-log" which the support staff should read at great frequency. (!!!) These and other "strange" events should also be reported to me by phone or hardcopy. 3) A log of all sessions of my account should be kept in a DB and available to me online, with facilities for me to scan. I would like to be able to define a parameter to cause a report of recent usage at each login. I'd also like to receive a periodical hardcopy report of usage automatically. 4) As a user of many different systems, but only few I use very frequently, I would like the password to change after a certain short time period of nonuse (say a week) to another, much longer password I get to define for that purpose. That way, my "dormant" accounts could be protected by a verse of my favorite poem or song, something not very easy to crack, but very annoying to type when the account is used frequently but acceptable when used rarely. 5) I'd like to be able to "booby-trap" certain commands, so that their use would cause a prompt for a different password, which if missed, would cause a "security-violation" resulting in deactivation of the account. The command listing the complete directory would be a good candidate. Along with that booby-trap I'd like to be able to define a "personal" alias-name for the booby-trapped command, which would avoid that I'd have to provide the password. Of course these are just half-baked ideas, so, please, don't critisize them "too" severely, but, on the other hand, maybe, contributing them will result in some improvements somewhere ( pleaes make footnotes in the documentation giving me credit :-) ) In summary, I certainly agree with the statements in Greg's message yesterday, in that I find the password-security set-up in systems I know "primitive" and lacking imagination. Seems as if nobody ever tried to improve on the simplistic set-ups inherited from the early systems. The cause, I believe, is that managers with the power (and, ergo, responsibility) to change Operating Systems, have not had their nose rubbed on the grind-stone of criticism enough to make them assign a wizard to improve things. I think most of us, given the task, could implement significant improvements. Unfortunately, it seems, that the manager's manager, would need to have a "technical" understanding to cause that to happen. Possibly, we are talking here of such "elevated" managerial levels, who do not get reprimanded ever, but reassigned or retired, at most, and who need an technical assistant for any topic not involving use of the company plane. There you have it. Always abrasive before my first cup of coffee ... UUCP: ut-ngp!werner via {decvax!eagle, ucbvax!nbires, gatech!allegra!eagle, ihnp4, kpno!ut-sally} or ihnp4!kpno!utastro!werner ) ARPA: werner@ (utexas or utexas-20 or ut-ngp) ------------------------------ Date: Thu 15 Dec 83 13:47:51-PST From: Richard Treitel Subject: password choice Other variations on the scheme mentioned by REM (I think) include taking a real word, or proper name, and permuting the letters, or replacing each by the next letter in the alphabet, or running the first half of one word together with the second half of another (as long as they aren't your parents' first names, I suppose). I favour permuting the letters in such a way as to produce an easily pronounceable, or rememberable, or typeable result. It's usually easy. - Richard Before you start trying to guess my password, be warned that the word[s] out of which it was constructed are (i) proper names; (ii) not English; (iii) not personally connected with me, but with an organisation I used to belong to; (iv) most members of that organisation are not themselves aware of the connection; (v) not all of (i)-(iv) are true anyway. ------------------------------ Date: 11 December 1983 19:01 est From: DBrown.TSDC at HI-MULTICS Subject: Block Modelling for detecting cliques Well, it could work quite nicely if you don't have a "bcc" command in your mailer. I send mail to "person", cc to "associates" and bcc to "my clique". Bcc means *blind* cc to my mailer, and so the mail carries only the "to" and "cc" addresses, never the "bcc" ones. --dave (cliques? I don't belong to any cliques!) brown ------------------------------ Date: 12-Dec-83 12:04 PST From: Kirk Kelley Subject: augmented global consciousness Lets call the process of creating and maintaining the available knowledge, about the processes controlling the earth, the "global consciousness". If we add techniques and methodologies for increasing the capabilities of this process, we have an "augmented global consciousness". The use of "augment" comes from Doug Engelbart's experiments to augment the human intellect that led to the invention of the mouse, etc. Given that we live in a unique time in the history of communication, and many of us occupy a unique position for shaping the future development of communication technology, it may be important for us to ask, "What techniques and methodologies would lead to the most viable global consciousness?" To begin a means of focussing R&D on this and related questions, what if as many of us from around the world as is feasible, collaborated on a project to simulate the life-time of the collaboration? Such a simulation would involve potentially infinite refinement of a model for testing a potentially infinite supply of theories and proposals that could range from third world modems to the global mean temperature and human mortality rates. Simulation, for all its faults, is most useful when focusing research for a decision analysis and as such could provide a key methodology for a viable global consciousness. The project itself would be a form of global consciousness, augmented by the tools of tele-collaborated simulation. It would be asking itself if itself could become a viable form of global consciousness. Does any of this make sense so far? -- kirk ------------------------------ Date: Thu, 15 Dec 83 10:26:01 EST From: A.S.Sethi Subject: Traffic Problems caused by Mailing Lists The traffic problem mentioned in today's digest in connection with the Human-nets/USENET gateway is caused because hundreds of copies of the same digest are mailed individually to recipients on another network via a common gateway. As mailing lists grow, and as more networks are interconnected, this problem is bound to increase. Even within a single network, there is a waste of resources when many recipients on the same host receive separate copies of the same digest which have travelled independently over the network. This problem could be solved if the mailing system were redesigned to send only one copy of a message for multiple recipients sharing a common path (e.g. host, gateway, etc.). The message would carry a list of addresses, and the host, gateway, etc. would make multiple copies and fork them out on the different paths. This scheme could be extended to create a hierarchy of forks in the form of a tree to take maximum advantage of common paths. ------------------------------ Date: Thu, 15 Dec 83 16:20:57 pst From: dual!fair@Berkeley Subject: Re: HUMAN-NETS Digest V6 #82 Re: USENET Gateways OK, here's the scoop: For a long time Berkeley was the primary USENET <-> ARPANET gateway, dating back to the days when @BERKELEY meant the INGRES project PDP-11/70 running V6 UNIX, and talking to Ernie CoVax over a 9600 baud BerkNet link. At the present time, Berkeley is serving as a mail gateway only, primarily because the netnews software is broken, and there is no one especially inclined to fix it. By & large, most USENET people have been good about not directly subscribing to ARPAnet digests, so excessive traffic has not been a problem, except in a few isolated cases. Right now, SRI-UNIX is serving as a USENET gateway for news articles and digests, with some exceptions. The only articles that we have in digest form (the `fa' groups) are from these two addresses: dual!amd70!decwrl!decvax!brl-bmd!Human-Nets-Request@rutgers dual!amd70!decwrl!decvax!brl-bmd!Telecom-Request@usc-eclc Clearly, we have been getting HUMAN-NETS and TELECOM through BRL-BMD, although I don't know if they're forwarding at this very moment... Things like net.micro (INFO-MICRO) are being gatewayed on a per letter basis, since the ARPAnet side isn't digested. Mike Muuss, are you listening? On a slightly related subject, is there any hope of ARPA officially recognizing an organized anarchy that is slowly infesting its beautiful INTERNET? I find it very amusing to note that CSNET, an officially recognized network has two gateways, and USENET/UUCP, a `no-one-but-us- chickens' network, has about twenty (or so) gateways to the INTERNET. networks are so much FUN, Erik E. Fair ucbvax!fair fair@ucb-arpa.ARPA fair@dual.UUCP.BERKELEY.ARPA (maybe?) dual!fair@BERKELEY (yes!) {ucbvax,amd70,zehntel,unisoft,onyx,its}!dual!fair Dual Systems Corporation, Berkeley, California ------------------------------ Date: Tue, 20 Dec 83 8:21:07 EST From: Mark S. Day Subject: EPROMs victim of newspeak? After the "cellular radio" debacle (a news writer claiming that cellular radio was so named for the power cells used) I noticed another example of the butchery of technology by writers not doing their homework (I think). >From the Boston Globe, December 15, 1983: IS OUTER SPACE READY FOR 'NEW WAVE RUBY FALLS?' [An article describing the plans of Joseph Davis to put a package on board the space shuttle to paint the sky using ion beams] [...] Davis says it will all fit, thanks to technological miniaturization. For instance, the 14-step program necessary for the project to function is contained entirely on a single E-prong computer chip. [...] Is there actually such a thing as an E-prong chip, or is it a sound-alike for EPROM (Erasable Programmable Read-Only Memory)? Ever vigilant, --Mark ARPA: mday@BBN-UNIX USENET: ...ihnp4!decvax!bbncca!mday ------------------------------ End of HUMAN-NETS Digest ************************