Re: Hey old people

[Roland Dobbins <rdobbins () cisco com>]

Along those lines, wouldn't the Enigma-machine bugs which allowed  
decryption of German communications during WWII be considered  
germmane (pardon the pun)?  There was even a hardware-swapout  
involved, of new rotors.

Same for the Japanese machines which were used to encipher their  
diplomatic traffic using the 'Purple' code.

The mistake of re-using the same one-time pads by the NKVD (later  
KGB) during WWII and afterwards, which led to the successful  
decryption of what came to be called the Venona transcripts.

It's also arguable that the use of clear-text messaging by the  
Confederacy during the American Civil War led directly to the South  
losing the war.  In 1862, the interception of Special Orders 191 by  
the 27th Indiana Infantry (the orders were accidentally dropped by a  
courier, who had used them to wrap some cigars) gave away Lee's plan  
for the invasion of Maryland, which was intended to shock the North  
into asking for terms.  Due to the intelligence gleaned from the  
intercept, the Union army halted Lee's advance at Sharpsburg, and  
forced the Confederate army back across the Potomac, thus ending  
Lee's hope to knock the Union out of the war early on via 'shock and  
awe'.


On Dec 21, 2005, at 12:45 PM, Brown, James wrote:

> Along about 1975 I remember hearing about an issue with IBM punch  
> cards.
> Phone bills in those days arrived with a punch card in the  
> envelope.  You wrote
> your check, and put it in the return envelope along with the punch  
> card that
> had your account number and bill amount.
>
> Seems some enterprising soul took his card to the puch card  
> terminal and
> put in the IBM EOJ  (end of job) character before sending it in,  
> stopping the
> entire billing run.  I don't know if this is true, but seems  
> plausible given the
> state of 'data validation' back then.  Can anyone verify this?
>
> I remember this whenever I hear about 'smart cards' and stuff like  
> that.
>
> Best Regards,
> Jim B.
>
>
> From: funsec-bounces () linuxbox org on behalf of Blue Boar
> Sent: Wed 12/21/2005 1:44 AM
> To: funsec () linuxbox org
> Subject: [funsec] Hey old people
>
> http://www.osvdb.org/blog/?p=77
>
> Any of you guys remember any really old vulnerabilities?
>
>                                         BB
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
>
>
> Note: The information contained in this message may be privileged  
> and confidential and protected from disclosure. If the reader of  
> this message is not the intended recipient, or an employee or agent  
> responsible for delivering this message to the intended recipient,  
> you are hereby notified that any dissemination, distribution or  
> copying of this communication is strictly prohibited. If you have  
> received this communication in error, please notify us immediately  
> by replying to the message and deleting it from your computer.  
> Thank you. ThruPoint, Inc.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

--------------------------------------------------------------------
Roland Dobbins <rdobbins () cisco com> // 408.527.6376 voice

 Algorithm agility is an essential feature in any Internet protocol.

                     -- Bruce Schneier



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.