Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!ames!amdcad!amd!intelca!mipos3!cpocd2!howard From: howard@cpocd2.UUCP (Howard A. Landman) Newsgroups: comp.arch,comp.org.usenix Subject: Re: Benchmarking the 532, 68030, MIPS, 386...at a Usenix! Message-ID: <691@cpocd2.UUCP> Date: Tue, 19-May-87 18:01:27 EDT Article-I.D.: cpocd2.691 Posted: Tue May 19 18:01:27 1987 Date-Received: Sat, 23-May-87 10:10:34 EDT References: <324@dumbo.UUCP> <809@killer.UUCP> <2417@homxa.UUCP> Lines: 68 Xref: mnetor comp.arch:1371 comp.org.usenix:198 Reply-To: howard@cpocd2.UUCP (Howard A. Landman) Organization: Intel Corp. ASIC Services Organization, Chandler AZ Lines: 63 Xref: mipos3 comp.arch:1331 comp.org.usenix:182 >In article <826@rtech.UUCP> daveb@rtech.UUCP (Dave Brower) writes: >>At last winter's Uniforum, I went around to a number of booths trying to >>run the infamous >> /bin/time bc << ! >> 2^4096 >> ! >>At a distressing number of places the sales creatures in the booth would >>say things like, "I don't believe we're interested in running any >>benchmarks today. Let me show you vi." Now there are some good reasons >>for this, but it sure sounded like there was something being hidden. In article <4329@nsc.nsc.com> grenley@nsc.UUCP (George Grenley) writes: >No, they just don't want to risk a system crash, or other malicious use. >Most show-people aren't Unix gurus, and are hesitant to let a hacker play >with the system on the show floor. > >There are a lot of *ssholes at tradeshows who delight in trying (and >succeeding, occasionally) in crashing systems. Personally, I never let >such a person near a machine, period, no matter how much he protests >the "innocence" of his program. I'm glad SOMEONE has a way to tell a customer from an *sshole. ;-) At Electro a few years back, I was allowed to type on a teensy UNIX box in someone's booth. I decided to see if there was anyone else logged on (it was claimed to be a multi-user system, and there were other terminals scattered about) and try "write" or "talk". There was only one user logged in, however: "root". This kind of idiocy is probably why many "malicious" crashes occur. Far too many sales people leave themselves logged in as root so they don't ever run into permission problems. I was almost tempted to do "rm -r /". DEC uVAX-IIs come from the factory with an account "field" that has no password and has root privileges. I found several machines at DAC last year which still had that account active, with no password, and random users were logging in on them. All it would have taken is "cat /etc/passwd", and ... Also at last year's DAC, it was lots of fun hanging around the booth of a Very Very Large Computer Company and watching their so-called RISC workstation crash. For example, their csh crashed when fed "set i = 1; @ i++; echo $i", which should simply echo "2". (It's the @ i++ that died. To be fair, the latest release of their OS fixes this bug.) And they left one machine dead with a panic message on its screen for over 10 minutes before one of the sales people noticed me peering at it; his solution was to stand between me and the screen! No *ssholes were required, just bugs! A computer needs to be *RELIABLE*. You find out how reliable by, among other methods, stress testing the system, trying to exercise *ALL* the features, not just the ones in the canned demo. If I can crash a system in five minutes doing things that are normal, legal, and *NECESSARY* for everyday function, then I know it can't possibly be reliable. Does this make me malicious? I am reminded of the account in Richard Feynman's biography of his exploits as an amateur safecracker. Once, he told a military officer that his security procedures were lax, because it was possible to figure out the combination of a safe by playing with it while the door was open. He then recommended that people be told to keep their safes closed except when necessary. The officer's solution to the problem was to tell everyone in the facility to change their lock combination each time Feynman had been seen in their area! -- Howard A. Landman ...!intelca!mipos3!cpocd2!howard howard%cpocd2%sc.intel.com@RELAY.CS.NET "You just ask them?"