Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watnot!watmath!clyde!cbatt!ucbvax!usenet From: usenet@ucbvax.UUCP Newsgroups: mod.protocols.tcp-ip Subject: Re: My Broadcast Message-ID: <12292273571.8.MRC@PANDA> Date: Mon, 6-Apr-87 02:15:26 EST Article-I.D.: PANDA.12292273571.8.MRC Posted: Mon Apr 6 02:15:26 1987 Date-Received: Wed, 8-Apr-87 00:25:16 EST References: Distribution: world Organization: The ARPA Internet Lines: 52 Approved: tcp-ip@sri-nic.arpa Dan - I'm afraid you (and I, and any of the other old-timers who care about security) are banging your head against a brick wall. The philsophy behind Unix largely seems quite reminiscent of the old ITS philsophy of "security through obscurity;" we must entrust our systems and data to a open-ended set of youthful hackers (the current term is "gurus") who have mastered the arcane knowledge. The problem is further exacerbated by the multitude of slimy vendors who sell Unix boxes without sources and without an efficient means of dealing with security problems as they develop. I don't see any relief, however. There are a lot of politics involved here. Some individuals would rather muzzle knowledge of Unix security problems and their fixes than see them fixed. I feel it is *criminal* to have this attitude on the DDN, since our national security in wartime might ultimately depend upon it. If there is such a breach, those individuals will be better off if the Russians win the war, because if not there will be a Court of Inquiry to answer... It may be necessary to take matters into our own hands, as you did once before. I am seriously considering offering a cash reward for the first discoverer of a Unix security bug, provided that the bug is thoroughly documented (with both cause and fix). There would be a sliding cash scale based on how devastating the bug is and how many vendors' systems it affects. My intention would be to propagate the knowledge as widely as possible with the express intension of getting these bugs FIXED everywhere. Knowledge is power, and it properly belongs in the hands of system administrators and system programmers. It should NOT be the exclusive province of "gurus" who have a vested interest in keeping such details secret. -- Mark -- PS: Crispin's definition of a "somewhat secure operating system": A "somewhat secure operating system" is one that, given an intelligent system management that does not commit a blunder that compromises security, would withstand an attack by one of its architects for at least an hour. Crispin's definition of a "moderately secure operating system": a "moderately secure operating system" is one that would withstand an attack by one of its architects for at least an hour even if the management of the system are total idiots who make every mistake in the book. -------