Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 alpha 4/15/85; site ucbvax.ARPA
Path: utzoo!watmath!clyde!burl!ulysses!ucbvax!info-vax
From: info-vax@ucbvax.ARPA
Newsgroups: fa.info-vax
Subject: Re: Secure-server and autobaud
Message-ID: <7464@ucbvax.ARPA>
Date: Fri, 24-May-85 15:21:42 EDT
Article-I.D.: ucbvax.7464
Posted: Fri May 24 15:21:42 1985
Date-Received: Sat, 25-May-85 08:15:36 EDT
Sender: daemon@ucbvax.ARPA
Organization: University of California at Berkeley
Lines: 16

From: Gail Rubin <grubin@bbn-spca>

The reason for this feature is to avoid the problem of someone writing
a program that LOOKS LIKE LOGINOUT and thereby capturing account names
and passwords. At secure sites, users are supposed to type BREAK before
starting the login sequence to make sure they are talking to the real
LOGINOUT, not some program.

I'm sure this MUST be documented somewhere; I know I heard it many times
before vms 4 came out. Probably in some section on security, or the release
notes.

-- Gail Rubin
(GRubin @ bbn-spca or @bbn-unix)

See you at Decus.