The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #084 [some points to make with the media] (1 message, 1349 bytes)
NOTICE: recognises the rights of all third-party works.


From: bzs@bu-cs.BU.EDU (Barry Shein)
To: phage
Date: Sun 23:54:11 06/11/1988 EST
Subject: some points to make with the media
References: [Thread Prev: 081] [Thread Next: 102] [Message Prev: 132] [Message Next: 085]

I have sort of a half-developed thought that this is bringing out,
perhaps there's something here and needs to be expressed to the press.

I expect that the Unix-haters will be howling about this whole affair
(I've already countered a comment by Ken Olsen in the press with some
of what appears below.) "Unix isn't secure" etc (my first reaction
when I heard about it was "uh oh, must be a VMS tiger team", joke...)

In counter to that sort of thing I would offer the following:

1. Most major operating systems have had these problems in the past
few years (eg. the SPANnet thing with VMS, the DOS viruses etc.)

2. The fact that Unix runs on several hardware platforms provided a
major clue as to what the problem was, particularly when the same worm
caused one machine's fingerd to fork programs and another's to crash.

More importantly, the observation that some Unix systems which
obviously should have been attacked seemed immune was a big clue that
binary code was involved somewhere. Homogeneous systems would not have
provided these clues.

It also meant that people, in an emergency, could be switched to
unaffected hardware platforms in many cases (eg. even if just to get
back on the nets and find out what was happening while their affected
machines were shut down), they knew how to use those machines, they
ran Unix. Same for affected staff (there must be anecdotes like that
out there.)

3. The fact that Unix is widely distributed in (useful) source form
allowed an enormous amount of talent to come to bear on analyzing and
stopping this thing. It also greatly amplified the efficacy of sending
out fixes and validating them.

4. Due to Unix's multi-vendor acceptance there is a great deal of
motivation on the part of the entire industry to improve security and,
hopefully, share fixes in the future.

Encore's machines (eg) were by and large immune yet the concern was
sincere that the image of Unix might be unfairly tarnished and we, as
well as others, could only be harmed by this whole event. The fact
that some vendor's systems were immune (this time) was no comfort,
there was a much bigger issue involved.

	-Barry Shein, ||Encore||