----MESSAGE-BEGIN---- [9010020211.AA04777@ucbarpa.Berkeley.EDU] <1990100201555200> From: hobbit@PYRITE.RUTGERS.EDU (*Hobbit*) Newsgroups: misc.security Subject: Another long hiatus Message-ID: <9010020211.AA04777@ucbarpa.Berkeley.EDU> Date: 2 Oct 90 01:55:52 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 47 Approved: security@rutgers.edu Posted: Tue Oct 2 02:55:52 1990 I have been very busy moving my entire life and stuff to Boston, and have had utterly *no* time to deal with the list for the last few weeks. I now intend to shovel out all the back messages, but I wanted to ping the readership at large first and get a few opinions about the relative worth of keeping this list going. I have often toyed with the idea of just taking it down completely. I seem to be perpetually too busy to get things out on what you'd call a timely basis. More importantly, most of the recent submissions seem to either be about things that have been discussed in the past, or are questions about very specific and narrow fields of interest that often serve to only confuse the readers who don't know anything about it. Many questions could be answered by digging around through the archives, which are all still online from the lists's inception. Over the years a fairly useful body of knowledge has been captured there, and it's been my suspicion that we've just sort of reached our horizon of getting new knowledge into there. I could be quite wrong about this since new security topics are always coming out, but I see definite repeating patterns here. The other thing is that there is now this alt.security newsgroup. This is a completely unmoderated instant-turnaround group, which sort of flies in the face of this list's original philosophy. Any clown could send in "gee, I found this really cute hole under Buglix 5.2 and here's how to reproduce it", raising a certain flame war as well as possible liability issues or at least the wrath of local system folks. Moderation, it was hoped way back when, was one way to avoid this sort of thing. I even took pains to run the list in such a way that someone couldn't just "VRFY security-outbound" or some such and obtain the distribution list for themselves. Of course anyone could send this sort of message to just about any group, so the question here is: Just what does a moderated list do for people? Should it remain moderated? I have noticed that the signal-to-noise ratio on alt.security is at the typically low Usenet-like level. I do reject a good proportion of mangled, irrelevant, stupid, or redundant messages, but being such a filter is a rather tedious job even with a multitude of tools at one's disposal. So I solicit opinions from the readership. Should the security list become an unmoderated reflector? Should it just shrivel under the onslaught of alt.security and just vanish, leaving only its archives? Should the task [and I don't use the word lightly] of moderation pass on to someone else with more time to do it? I do wish I had the time to do as thorough a job as, say, PGN with RISKS; but with new locations and new jobs and scads of loose ends to wrap up such is not to be the case. Suggestions and such will be accepted at my address, security, security- request, etc; it all points to my mailbox anyway. _H* ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9010192358.AA24764@ucbarpa.Berkeley.EDU] <1990100916334600> From: blk@MITRE.ORG (Brian L. Kahn) Newsgroups: misc.security Subject: Burglar resistance Message-ID: <9010192358.AA24764@ucbarpa.Berkeley.EDU> Date: 9 Oct 90 16:33:46 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 25 Approved: security@rutgers.edu Posted: Tue Oct 9 17:33:46 1990 I am interested in making my house resistant to breaking and entering, as opposed to detecting the same with an alarm system. * I am considering burglar bars on the basement casement windows. The main drawback seems to be fire exit. These bars swing open, and are secured with a lock (on the inside). I'm not too concerned about fire exit in this case because the windows would be very difficult to use due to small size and height from the floor, so an extra 30 seconds to unlock seems minor. I'm not sure how strong the wood casement that holds the bars is, however, so this might be more show than effect. * Traditional wood frame doors seem pretty wimpy. Our main doors are kind of drafty in the winter, too. I think I'll put in steel doors/frames with deadbolts. Might pay for themselves after a few winters. * What about the windows? I just saw a reference to mylar security film - anyone know what this is? I don't want bars on the real windows, and plastic plates (lucite?) with explosive bolts for fire exit sounds like too much trouble. The first floor windows on this house are about six feet up from the ground - how vulnerable is this in reality? -- B< Brian Kahn blk@security.mitre.org "may the farce be with you" ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101113151900> From: *Hobbit* 12-OCT-1990 22:25:19 To: security Subj: [823] the results are in I got a lot of answers to my ping. Surprise! 55 for keeping the list going, moderated or not [!!] 4 for punting maybe half a dozen "undecided" ... and several vague alternative suggestions, such as "occasional" moderating, finding another moderator, etc. I am quite frankly utterly bowled over -- I didn't really think there was that much support out there! This, coupled with feeling more "settled in" at this point and actually having some time to read my mail and deal with it, tells me that it's to everyone's benefit to continue the list as is. Those of you who felt I should hang it up can always ask to be removed. So things will start flowing again; you'll see a lot of old msgs at first. I may have to fake out the dates on them to get them through various peoples' news systems. Thanks, folks! _H* ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101513564400> From: 34AEJ7D@cmuvm.bitnet 16-OCT-1990 23:06:44 To: SECURITY Digest Subj: [212] Re: criminal record >[Moderator tack-on: Speculation is fine, but that's all anyone has sent >in so far. Does anyone have *FACTS* about this? _H*] FACT: They are required by law to respond to a Freedom of Information request. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101514342100> From: rsiatl!jgd@emory.mathcs.emory.edu (John G. DeArmond) 16-OCT-1990 23:44:21 To: misc-security@samsung.com Subj: [414] Public key encryption code needed I'm looking for an implementation of a public key encryption system. I'm not particular to RSA, though that would be fine. Absolute security is not an issue; I simply need to avoid administering a large private key database for a project I'm working on. Either PD or commercial code is OK, though for commercial code, I will require a source license. Any pointers would be appreciated. Thanks in advance John ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101515090900> From: jik@athena.mit.edu (Jonathan I. Kamens) 17-OCT-1990 0:19:09 To: security@pyrite.rutgers.edu Subj: [508] AFS and Kerberos A recent posting in this newsgroup claimed that AFS, as shipped by Transarc, does not support Kerberos authentication. In fact, AFS 3.0 *does* support Kerberos authentication, although it can also run without it. For more details, contact Transcarc. (I am not affiliated with Transarc in any way, other than as a user of AFS.) Jonathan Kamens USnail: MIT Project Athena 11 Ashford Terrace jik@Athena.MIT.EDU Allston, MA 02134 Office: 617-253-8495 Home: 617-782-0710 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101515372300> From: dhunt@nasamail.nasa.gov (DOUGLAS B. HUNT) 17-OCT-1990 0:47:23 To: Subj: [602] break-in detection Unfortunately, experience on the SPAN network, for example, shows that most "break-ins" require no "breaking" to speak of. They are the result of users with easily guessed account names and passwords, passwords the same as account names, and system managers who leave the default maintenance passwrods active after installing their systems. Detecting these may be virtually impossible with a careful hacker. Most often you will see the trail of failed access attempts if they roam around the system trying to nose into files. blessings and good luck -- Doug Hunt Planning Research Corporation ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101714440400> From: wb8foz@mthvax.cs.miami.edu (David Lesher) 18-OCT-1990 23:54:04 To: security@pyrite.rutgers.edu Subj: [555] Re: cheap Master combo lock If you want a real padlock, I recommend the GSA approved S&G 8770. This a 3 digit combination lock, and each one comes with a change key. (BTW anyone want a few, maybe more than a few?;_] ) ISTM that is presently the ONLY combo padlock approved for the storage of classified. -- A host is a host from coast to coast.....wb8foz@mthvax.cs.miami.edu & no one will talk to a host that's close............(305) 255-RTFM Unless the host (that isn't close)......................pob 570-335 is busy, hung or dead....................................33257-0335 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101715141800> From: katzung@i88.isc.com (Brian Katzung) 19-OCT-1990 0:24:18 To: misc-security%munnari.OZ@uunet.uu.net Subj: [181] Maxi-Guard electro-block hood lock Beware of these nasty little devils. If the clamps that hold the hood release cable sheath let the sheath slip, you can't open your hood. -- Brian Katzung katzung@i88.isc.com ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101715420100> From: mark@cbfsa.att.com (Mark R Horton) 19-OCT-1990 0:52:01 To: security@rutgers.edu Subj: [448] Re: cheap Master combo lock It used to be that there were only 100 possible combinations for those locks, relative to the final number which could be easily determined. A skilled person (such as a typical high school student) could run through all 100 in under 5 minutes, using a simple trick. In high school I saw this technique used to borrow a locked ladder to retrieve an errant ball from the gym roof! This was in the early 70's. Did Master ever improve this? Mark ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101716090100> From: dalley@vicom.com (Kevin Dalley) 19-OCT-1990 1:19:01 To: misc-security@ames.arc.nasa.gov Subj: [988] Re: criminal record Try the following book: Marwick, Christine M., _Your Right to Government Information_, New York, NY: Bantam Books, 1985. It an ACLU book; you can order it from them if you have their address. The FBI address is Director Federal Bureau of Investigation ATTN: FOIA and Privacy Acts Branch Washington, DC 20535 (202) 324-5520 Under the Freedom of Information Act, the government can charge you a fee for the materials, but more information is available than under the Privacy Act, which can only charge actual costs of copying records. And yes, some agencies will open a file on you if you request information on yourself, though the information in this file is probably limited to the request itself. This book includes sample letters and much more information than I am willing to type in at this time. Of course many agencies other than the FBI may also have information on you. Happy searching. -- Kevin Dalley dalley@vicom.com -or- ...{ ames | apple | sun }!vsi1!dalley ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101716324300> From: Ted_Anderson@transarc.com 19-OCT-1990 1:42:43 To: misc-security@ucbvax.berkeley.edu, krfall@ucsd.edu Subj: [1426] Re: "secure nfs" Cc: Craig_Everhart@transarc.com, Mike_Kazar@transarc.com A recent message in this newsgroup regarding Kerberos support in AFS 3.0 was recently brought to my attention. Though I don't regularly read this group I thought it would be helpful to post a correction. I wrote the Authentication Server which is contained in version 3.0 of AFS. The server is RPC based and thus does not look exactly like a Kerberos server; perhaps this is the source of the confusion. However, inter- operability with Kerberos from MIT's Project Athena was one of our primary concerns. To this end, our server uses the Kerberos V4 ticket format and exports the same UDP interface for the authentication and ticket granting services. The admin services are only available via RPC and so these do not match the usual Kerberos semantics. The file servers use Kerberos tickets which can come from either our Auth Server or from a standard Kerberos server. What MIT has done is write a program which copies a ticket for the afs server obtained from their Kerberos server and copies it into the kernel. This allows the cache manager (client side of the file server) to use it when fetching files from the file server. As far as I am aware, MtXinu is distributing a Mach version of AFS 3.0 which has the same behavior WRT Kerberos. Indeed, AFS 4.0 will use Kerberos V5 tickets. I hope this clears up any confusion regarding this issue, without being too long winded. Ted Anderson Transarc Corporation ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101717003700> From: nancy!wsrcc!wolfgang@uunet.uu.net (Wolfgang S. Rupprecht) 19-OCT-1990 2:10:37 To: misc-security@wsrcc Subj: [1404] Re: cheap Master combo lock >Use the hacksaw. If it's a cheap Master lock you should be able to cut >through it in under five minutes. Five minutes? You can pick a Master (keyed) padlock in 1/5 that time. They are only 4 pin locks, and the pins are so sloppy that they make a great "learning" lock. The reason that Master's pick so easily is that they made an interesting (but poor, in my opinion) design decision. The Master's I've seen have a two diameter top pin. cylinder split end --- | | | | | | | | | | ----- Spring end The reduced diameter section makes you pick the pins twice. This means that for a four pin lock you must pick the equivalent of an eight pins lock. This is good. The problem is that the first stage picking is trivial - the reduced diameter section is so tall compared to the normal tolerance of a split. The second stage picking is aided by the pin itself. It stops moving up when you get to the right place. Good grief. The moral, buy a real lock for anything you want to secure. Often one can re-pin a cheap lock with mushroom pins or pins with a set of kerfs cut in them to thwart picking. If customers stop buying junk like master padlocks, then we will see a growing trend towards locks that really work. -wolfgang -- Wolfgang Rupprecht uunet!{nancy,usaos,media!ka3ovk}!wsrcc!wolfgang Snail Mail Address: Box 6524, Alexandria, VA 22306-0524 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101717280700> From: "Roger D. Parish" 19-OCT-1990 2:38:07 To: security@pyrite.rutgers.edu Subj: [1943] RSCS Security PRPQ Cc: jej@chinet.chi.il.us In response to the infamous CHISTMAS CARD exec, IBM developed and has now made available as a PRPQ what they term the File Safestor Facility, PRPQ# P81061. Its a no-cost PRPQ that "is a file receipt discipline which guards a user's environment from being changed inadvertently. As such it provides some protection against computer virus-type attacks. (It) flags a file's entrance into a given system (while still in the VM RDR) and "safely" stores it onto disk with the filetype inverted (spelled backwards). Inverting the filetype renders the file non-executable and protects the user against the inadvertent execution of that file and possible propagation of the file to other systems." Another free PRPQ is number P81067, the Gateway Security Modifications. "The Gateway Security Modifications system ... force it (RSCS) to consult a security table for every attempted transaction. The only transactions that are not checked for security are commands issued from the RSCS console, and commands and messages from other RSCS operators to the local RSCS operator console. An RSCS Operator is a user who has an AUTH statement in the RSCS CONFIG file of the Gateway Security Modifications. The last PRPQ is P81068, Selective File Filter. "Upon identifying undesirable files on a selective file filter node, an authorized operator or support programmer can create and update a lookup table containing file name and file type of files deemed undesirable. The lookup table will be updated via a new RSCS command BADFILE. The lookup table is searched every time a file arrives in the RSCS' reader. If the file name and file type are found in the table, the file will be either purged or trandferred to the security machine, and a file counter, identified as potential virus files, will be incremented." It wasn't mentioned in the original request, but there is also a PRPQ for Passthru, #P81070, Access Security Exits. I hope this helps. ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011071737.AA18557@ucbarpa.Berkeley.EDU] <1990101717510000> From: MALRJ@indsvax1.BITNET Newsgroups: misc.security Subject: RE: break-in detection Message-ID: <9011071737.AA18557@ucbarpa.Berkeley.EDU> Date: 17 Oct 90 17:51:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 8 Approved: security@rutgers.edu Posted: Wed Oct 17 18:51:00 1990 This is too true. At my site, users often go without passwords if they are not installed... but I am in my own group and have my umask set too 077, so... A user shouldn't be entrusted with the security of a site, that is to say more sites need more usage of groups etc. C'est la vie... some sites just aren't secure, and never will be. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101814035800> From: KARYN@nssdca.gsfc.nasa.gov 19-OCT-1990 23:13:58 To: security@rutgers.edu Subj: [339] PC/DACS information wanted Does anyone have any views: good, bad, or indifferent, on a product made by the PYRAMID Development Corp named PC/DACS? I just got an evaluation copy and was wondering what other people had to say. Karen Pichnarczyk karyn@nssdca.gsfc.nasa.gov (Please send all replies to me, I'll repost to the list if there's enuf interest. Thanks) ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101814244600> From: karl@ddsw1.mcs.com (Karl Denninger) 19-OCT-1990 23:34:46 To: security@pyrite.rutgers.edu Subj: [701] Re: confiscations >The situation you are talking about where your equipment was >confiscated because it "should not be in the hands of the general public" is >totaly disgusting. Wrong. Talk to Rich Andrews, of the former Jolnet. He has been charged with no crime. His gear has been gone for about 6 months at this point, with no hope of it's return. All taken, from his house, by the SS. Yes, we have a government which does this kind of thing. Yes, it's wrong. When are we going to put a stop to it? -- Karl Denninger (karl@ddsw1.MCS.COM, !ddsw1!karl) Public Access Data Line: [+1 708 808-7300], Voice: [+1 708 808-7200] Macro Computer Solutions, Inc. "Quality Solutions at a Fair Price" ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101814393100> From: blk@mitre.org (Brian L. Kahn) 19-OCT-1990 23:49:31 To: misc-security@linus.mitre.org Subj: [1252] Burglar resistance I am interested in making my house resistant to breaking and entering, as opposed to detecting the same with an alarm system. * I am considering burglar bars on the basement casement windows. The main drawback seems to be fire exit. These bars swing open, and are secured with a lock (on the inside). I'm not too concerned about fire exit in this case because the windows would be very difficult to use due to small size and height from the floor, so an extra 30 seconds to unlock seems minor. I'm not sure how strong the wood casement that holds the bars is, however, so this might be more show than effect. * Traditional wood frame doors seem pretty wimpy. Our main doors are kind of drafty in the winter, too. I think I'll put in steel doors/frames with deadbolts. Might pay for themselves after a few winters. * What about the windows? I just saw a reference to mylar security film - anyone know what this is? I don't want bars on the real windows, and plastic plates (lucite?) with explosive bolts for fire exit sounds like too much trouble. The first floor windows on this house are about six feet up from the ground - how vulnerable is this in reality? -- B< Brian Kahn blk@security.mitre.org "may the farce be with you" ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101814562400> From: "Kees de Groot, Information Systems Security" 20-OCT-1990 0:06:24 To: security@pyrite.rutgers.edu Subj: [1276] Information derived from SYSUAF I post the following on behalf of a colleague: Subject: Information derived from SYSUAF I am in an almost desperate search for tools, utilities, examples, anything to derive information from the User Authorization File in various combinations (users versus their UAF-user-record-fields), instead of the standard output provided by Authorize Utility commands like: list/full or list/brief. Combination examples: - All (or selection of) users with CMKRNL privilege - Users versus privileges and their pwdminimum - Users versus LGICMD and Login Flag "Captive" - All users with identifier "xxxxxxx" - Users with Network Access versus their Proxies - etc. etc. etc. (all combinations you can come up with...) I know there are ways with System Services as $GETUAI or with DATATRIEVE but the fact is that I am not a programmer and moreover I haven't got the time to explore right now. So what I need is a well tested, reliable solution capable of running under VMS 5.2. If you have anything for me meeting the above description then please help me out! Thanks for your cooperation anyway. Kees Noppen INTERPHARM BV Holland Please use DEGROOT@HWALHW50 or degroot@rcl.wau.nl to contact me, because I am not on the net. ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990101815111300> From: __Robby__ 20-OCT-1990 0:21:13 To: security@pyrite.rutgers.edu Subj: [1314] Burglar Alarms -- Beware of cheap parts A little ways back I posed the question to the net as to what may cause spuratic, seemingrandom triggers of an armed alarm on a still day, the alarm being compmosed of two simple loops with only two contact switches and the rest vibration sensors. The responses were quite helpful in pinpointing the problem; it was suggested that resistance was accumulating in the circuit perhaps due to a staple through a wire or a bad switcleading to the eventual threshhold exceedance. Well, after two years with this problem, I narrowed the problem down to a defect inherant in the part! I don't have the catelog no. handy, but a phone conversation with Tandy's engineers in Texas confirmed that the silver mixture used in the contacts of the switch oxidize extremely rapidly. His solution was to either file the contacts every 3-5 months with emery cloth, spray them with a conducting oil (only a temporary solution) or wait till they come up with a replacement part for it (and we all know how long THAT can take) *sigh*. Isn't it comforting to know that defective parts that people rely on for safety and protection remain on the shelves going unnoticed by the consumer AND the dealers? (detect sarcasm) Does anyone know of any good manufactures of vibration-type switches?? Any help would be greatly appreciated. ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011071818.AA18947@ucbarpa.Berkeley.EDU] <1990102117443500> From: zeleznik@CS.UTAH.EDU (Mike Zeleznik) Newsgroups: misc.security Subject: Re: Burglar resistance Message-ID: <9011071818.AA18947@ucbarpa.Berkeley.EDU> Date: 21 Oct 90 17:44:35 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 17 Approved: security@rutgers.edu Posted: Sun Oct 21 18:44:35 1990 I lived in Manhattan (NYC) for back in the late 70's, and had some pretty heavy duty bars on my apartment windows that had fire escape access (they had an internal lock that was pretty easy to open form inside, but would be a bit tuff from outside). HOWEVER, the burglars simply pried them right out of the brick they were anchored in. Perhaps they could have been anchored better, but as they were, they offered little resistance. BUT, the noise of the crowbar and such caused my neighbor to look outside, and on seeing them he yelled, and they fled. So the bars DID work! Mike Michael Zeleznik Computer Science Dept. University of Utah zeleznik@cs.utah.edu Salt Lake City, UT 84112 (801) 581-5617 ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011121938.AA11660@ucbarpa.Berkeley.EDU] <1990102119101200> From: peter@thirdi.UUCP (Peter Rowell) Newsgroups: misc.security Subject: Request for Risk Assessment Message-ID: <9011121938.AA11660@ucbarpa.Berkeley.EDU> Date: 21 Oct 90 19:10:12 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 36 Approved: security@rutgers.edu Posted: Sun Oct 21 20:10:12 1990 My wife is the publications editor for a charitable organization. In connection with a journal they are working on, they will be receiving floppies from authors all over the U.S. (and possibly elsewhere). They may also be sending out floppies for review by content editors, etc. I expressed concern that they might very well be laying themselves wide open to god-knows-what in the way of viruses/worms/whatever. I also thought that they could act as a very efficient spreader of these same nasties to other unsuspecting victims. Their local "expert" told them that they had nothing to worry about, but that if "something happened" to call him and he would "fix it". QUESTIONS: Is my concern valid, even if they only read/write files in MS Word format (or Wordperfect or ??)? If it is valid: What is out there that they need to look out for? How do they detect it? How do they fix it? Can they (should they?) perform checking/sanitizing on a machine on the net or on an isolated machine? Is there a source of information on this (book/mag/etc)? The environment in question is a network of machines (mostly HP Vectras + some others) connected by ethernet, running DOS and applications such as Word, Wordperfect, Lotus 1-2-3, some-sort-of-e-mail, etc. Please e-mail any help you can offer. ---------------------------------------------------------------------------- Peter Rowell peter@thirdi.uucp Third Eye Software, Inc. ...!{apple,pyramid,sun}!thirdi!peter 750 Menlo Avenue, Suite 300 (415) 321-0967 Menlo Park, CA 94025 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990102212474300> From: Richard H. Miller 23-OCT-1990 21:57:43 To: security@pyrite.rutgers.edu Subj: [375] Re: Different security ratings Also, [as far as evaluated systems go], OS-1100 for Unisys 1100/2200 machines has been evaluated and certified at the B2 level. Richard H. Miller Email: rick@bcm.tmc.edu Asst. Dir. for Technical Support Voice: (713)798-3532 Baylor College of Medicine US Mail: One Baylor Plaza, 302H Houston, Texas 77030 ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990102213303800> From: wlw2286@ultb.isc.rit.edu (W.L. Ware ) 23-OCT-1990 22:40:38 To: security@pyrite.rutgers.edu Subj: [454] Wanted: Simple Voice Scrambler Schematic. I am looking for a simple voice scrambler to use over standard us telephones. The requirements are quite easily met as well (I hope) it beeds to encrypt/decrypt both sides of the conversation at the same time. And I would prefer not to have a clip-on type device, it would be great if it could go between the handset and telephone, or phone and wall jack, or internal to the handset. References to books/magazine articles are welcome. Lance ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990102214042900> From: haynes@ucscc.ucsc.edu (99700000) 23-OCT-1990 23:14:29 To: misc-security@ames.arc.nasa.gov Subj: [648] Re: F Y I (Sun Security announcement) We might note with satisfaction that this is a Good Thing resulting from a Usenix workshop on Unix security held in Portland two years ago. Sun had a person there (Chuck McManis, maybe others), and asked the group for recommendations. At the time Sun had people in charge of each software component, but nobody assigned to "security" over the whole software system. The group recommended that vendors should have a single point-of-contact for security problem reports. haynes@ucscc.ucsc.edu haynes@ucscc.bitnet ..ucbvax!ucscc!haynes "Any clod can have the facts, but having opinions is an Art." Charles McCabe, San Francisco Chronicle ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990102214264000> From: EVERHART@arisia.dnet.ge.com 23-OCT-1990 23:36:40 To: Security@pyrite.rutgers.edu Subj: [635] AFS betas The CMU undergrad who wrote of his troubles with AFS perhaps was reacting to beta software because that lab last summer WAS running beta AFS and until this year it was not stable on Ultrix kernels (owing to the unusual Ultrix extensions for networked files). Nevertheless, AFS does support large (thousands of systems) nets sharing files transparently and globally. Internal experience here is that it's death to try this with NFS even operationally. Since cross-mounting over bridges is a problem, the spoofing problem NFS is open to is not considered widely (a dead network is perfectly secure...just perfectly useless also.) glenn ----MESSAGE-END---- ----MESSAGE-BEGIN---- <1990102214530200> From: GREENY 24-OCT-1990 0:03:02 To: Subj: [1786] re: Chubb locks [problems] > Anyone got any ideas? yep.....several 1) Check the ground again. Make sure it is good. If not, then fix the situation (longer copper rod in the ground, or if you are in a part of the country that has a problem getting a good ground, adding salt around the ground rod on a regular basis sometimes helps... 2) Open the CPU for the controllers.....has anything made it's/their home in there? You wouldn't believe what one spider can do 3) Are any pipes running over the CPU? I once had condensation *SOMETIMES* drip from the damn pipe, into the air vent, and onto a chip. The water droplet would temp. short out two legs on the chip, and cause telephones connected to the CPU (KSU) to ring non-stop until the water evaporated. Insulating the pipe corrected the problem. 4) Is your power goofy like everyone's? Try a good quality surge supressor, and failing that, hook the thing up to a zero-transfer time UPS (try Best Power Systems...). You'd be amazed at how many "glitches" disappear when the power is cleaned 5) A component is failing. Try the usual freon blast to cool the suckers to see if it has an effect. 6) The CPU PC board has a cracked trace. When the board is cool, the trace is making contact. As the board heats, the crack in the trace expands, creating your problem. Intermittants are hard to track down, but analyzing the surrounding circumstances/environment/physical location help enormously.... Bye for now but not for long Greeny BITNET: MISS026@ECNCDC Internet: MISS026%ECNCDC.BITNET@CUNYVM.CUNY.EDU GEnie: GREENY AOL: GREENY1 Compu$erve: 72567,457 WARNING: The node "ECNCDC" will go super-nova on 9/30/90 and become a white dwarf star with node name "BOGECNVE". Please make a note of it! ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011071930.AA19950@ucbarpa.Berkeley.EDU] <1990102223040000> From: KAPLAN@CCIT.ARIZONA.EDU Newsgroups: misc.security Subject: Serious VMS security bug Message-ID: <9011071930.AA19950@ucbarpa.Berkeley.EDU> Date: 22 Oct 90 23:04:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 109 Approved: security@rutgers.edu Posted: Tue Oct 23 00:04:00 1990 (cross posted to INFO-VAX) This first came to my attention on the "for pay" DECUServe BBS of the U.S. Chapter of DECUS. Seems to me that the most responsible thing to do is widely distribute it ASAP. As usual, and with considerable justification, DEC is not volunteering this information. If you want confirmation of its authentisity, call your DEC software support number and ask for it specifically since they will not volunteer it. If this is a duplicate of previously distributed information, please accept my appologies. As I said, I think that this deserves immediate action and wide disemination to the community. Please tell everyone you know. (since I can not contact the author of this particularly articulate summary for permission to post it, I have edited it to conceal his identity) Summary:: Critical VMS Security Problem Facts ---------------------------------------------------------------------------- PROBLEM: VMS security problem with the ANALYZE/PROCESS_DUMP command PLATFORM: DEC VMS systems (all versions 4.0 to 5.3 including MicroVMS) DAMAGE: Allows system privileges to non-privileged users (including the user decnet on older VMS systems) WORKAROUND: Disable ANALYZE/PROCESS_DUMP for non-privileged users PATCH: Not currently available, but DEC is aware of the problem SYSTEM IMPACT: The workaround will disallow the use of analyze/process_dump for non-privileged users. Other program debuggers are unaffected ---------------------------------------------------------------------------- A serious security problem on Digital Equipment Corp. (DEC) VMS systems has been detected. The potential damage of this problem is that users may gain unauthorized system privileges through the use of the ANALYZE/PROCESS_DUMP dcl command. In addition, systems that have set up the FAL and default DECNET account to use the same directory have a potential to allow system access to other VMS machines connected to the network. DEC is currently working on a permanent solution to this problem. As a interim measure, DEC recommends that this command be disabled for all non-privileged users. This may be accomplished using the following procedure: 1. Log into the system account. 2. $ SET PROC/PRIV=ALL 3. a) For VMS systems prior to V5.0, Modify SYS$MANAGER:SYSTARTUP.COM to include the following lines as the first two lines in the file: $ SET NOON $ MCR INSTALL ANALIMDMP.EXE/DELETE b) For VMS system V5.0 and later, Modify SYS$MANAGER:SYSTARTUP_V5.COM to include the following as the first two lines of the file: $SET NOON $ MCR INSTALL ANALIMDMP.EXE/DELETE c) For MicroVMS systems, The image ANALIMDMP.EXE is not installed by default, but SYSTARTUP.COM contains a suggestion of installing the image if you have multiple users on your system. You mus ensure that this image is not installed in SYSTARTUP.COM. You can use the following command to verify that the image is not installed: $MCR INSTALL ANALIMDMP/LIST If you receive the message similar to the following: %INSTALL-W-FAIL, failed to LIST entry for ANALIMDMP.EXE then you do not have the image installed. Otherwise, proceed as step 3.a above. 4. $ MCR INSTALL ANALIMDMP/DELETE This command removes the installed image from the active system. 5. (Optional) Restart your systems and verify that the image is not installed using the following command: $MCR INSTALL ANALIMDMP/LIST If you receive the message similar to the following: %INSTALL-W-FAIL, failed to LIST entry for ANALIMDMP.EXE -INSTALL-E-NOKFEFND, Known File Entry not found then you do not have the image installed and your system does not have the security problem. Please feel free to contact me with questions - but it would be better if you posted them here so everyone can learn from them. Ray 8-|)} Ray Kaplan - I know what I don't know W) Computer Center - University of Arizona - Tucson, AZ, 85751 - (602) 621-2857 H) P.O. Box 32647 - Tucson, Arizona 85751 - (602) 323-4606 BITNET: KAPLAN@ARIZRVAX INTERNET: KAPLAN@RVAX.CCIT.ARIZONA.EDU ------------------------------------------------------------------------------ >> THESE ARE MY VIEWS. They do not necessarily reflect those of others ... >> ------------------------------------------------------------------------------ ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011081009.AA29523@ucbarpa.Berkeley.EDU] <1990102313522300> From: AGME003@unlvm.BITNET (Gregg Grosshans) Newsgroups: misc.security Subject: Re: cheap Master combo lock Message-ID: <9011081009.AA29523@ucbarpa.Berkeley.EDU> Date: 23 Oct 90 13:52:23 GMT Sender: usenet@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 12 Approved: security@rutgers.edu Posted: Tue Oct 23 14:52:23 1990 In our campus rec locker room, all lockers are required to have a campus rec lock on them, they are the Master locks with the otional keyed facility on back to allow a master key to unlock any of the locks. Are these locks just as vulnerable as to what was described above? What are the name brands of "GOOD" locks? Gregg Grosshans agme003@unlvm [Moderator tack-on: The administrators of my old high school were not particularly amused to discover that my key to same worked better than theirs did... _H*] ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011121828.AA10806@ucbarpa.Berkeley.EDU] <1990102500040000> From: davo@homer.corp.sgi.com (Dave Ferrise) Newsgroups: misc.security Subject: Re: Information derived from SYSUAF Message-ID: <9011121828.AA10806@ucbarpa.Berkeley.EDU> Date: 25 Oct 90 00:04:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 10 Approved: security@rutgers.edu Posted: Thu Oct 25 01:04:00 1990 I have taken a look at a few 3rd party offerings that do this (among other things) most notably SECUREPAK from DEMAX (was DEMAC) and will soon be looking at SECURITY TOOLKIT from Clyde Digital. Coopers & Lybrand evaluated several and posted their results recommending Security Toolkit. There are probably some utilities on the DECUS tapes, also. - davo - davo@homer.corp.sgi.com Dave Ferrise ----MESSAGE-END---- ----MESSAGE-BEGIN---- [9011152332.AA24485@ucbarpa.Berkeley.EDU] <1990102703544500> From: PA163514@tecmtyvm.BITNET Newsgroups: misc.security Subject: Re: Different security ratings Message-ID: <9011152332.AA24485@ucbarpa.Berkeley.EDU> Date: 27 Oct 90 03:54:45 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 21 Approved: security@rutgers.edu Posted: Sat Oct 27 04:54:45 1990 Hello. Do you know something about system 88? This is an IBM computer. I'm looking for some information about fire, flood, storm etc. Really, CONTINGENCY PLANNING STRATEGIES For example: Halon Considerations Fire protection consideration or information about national fire protections Association References are welcome. Juan Manuel Gonzalez Nava Informatic Research Center ITESM, Mexico ----MESSAGE-END----