funsec mailing list archives

Re: Hey old people

From: Tom Van Vleck <thvv () multicians org>
Date: Thu, 22 Dec 2005 15:27:37 -0500

On Dec 21, 2005, at 12:48 PM, Blue Boar wrote:

Valdis.Kletnieks () vt edu wrote:
Certain larger models of the IBM S/360 had "imprecise interrupts"- meaning that
a program check could be recognized after the instruction had already
completed. This was particularly a problem on the mod 95, whichhad a 6-deep instruction
Now you're talking! In fact, I have a reference to a vulnerabilitythat sounds just like what you describe, but it doesn't name the OSor hardware. Do you know if the problem was *known* in '69? Doyou have any kind of documentation that was written up at thetime? Sounds like you know it yourself pretty well... possiblyyour word might qualify.
Alternately, anyone have a copy of this?
Goheen, S.M., and Fiske, R.S., OS/360 Computer Security PenetrationExercise, Mitre Corp., Bedford Mass., October 1972.
(Christie at Mitre is supposed to be looking for us... but in caseany of you have it handy, or you know... over in the universitylibrary ;) )


Wow. Bob Fiske was one of my room mates freshman year at MIT (1961).
And another friend of mine dated Goheen.

These are not nearly old enough though.
But one gets into the question of the definition of vulnerability.
e.g. it was well known that one could disable the 7094 FMS supervisor's
job time limit counter and accounting by storing zero in a certain

location in core. (No, I'm not going to say which one on an openchannel.)

That was a vulnerability in a system with no memory protection where
only one job was running at a time, circa 1962.

A little later, there was a documented bug in CTSS where programs
that increased their memory allocation size would get non-zeroed core.
So a programmer in the system group wrote a little program to start
small, get big, scan its new memory for passwords.  Quickly got root,
that is, Dick Mills's password.  This would be 1965 or so.

You folks have looked at Donn Parker's book, right, and you are looking
for things earlier than his earliest?



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Hey old people, (continued)
- - Re: Hey old people Blue Boar (Dec 21)
    - Re: Hey old people Roland Dobbins (Dec 21)
    - Re: Hey old people Blue Boar (Dec 21)
    - Re: Hey old people David Lodge (Dec 21)
    - Re: Hey old people Blue Boar (Dec 21)
    - Re: Hey old people Roland Dobbins (Dec 21)
    - Re: Hey old people Blue Boar (Dec 21)
    - Re: Hey old people Tom Van Vleck (Dec 22)
    - Re: Hey old people Drsolly (Dec 21)
    - Re: Hey old people Valdis . Kletnieks (Dec 21)
    - Re: Hey old people Tom Van Vleck (Dec 22)
    - Re: Hey old people dudevanwinkle () gmail com (Dec 22)
    - Re: Hey old people Blue Boar (Dec 22)
    - Re: Hey old people Drsolly (Dec 22)
    - Re: Hey old people Roland Dobbins (Dec 22)
    - Re: Hey old people Tom Van Vleck (Dec 22)
- Re: Hey old people David Dagon (Dec 21)
- RE: Hey old people Brown, James (Dec 21)
  - Re: Hey old people Roland Dobbins (Dec 21)
    - Re: Hey old people Blue Boar (Dec 21)
  - Re: Hey old people Jeff Kell (Dec 21)

(Thread continues...)