| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: nick at virus-l.demon.co.uk (Nick FitzGerald) Subject: Re: Microsoft to give holes info to Uncle Sam first Bruce Ediger wrote: > On a more anecdotal level, just after the 1988 Internet Worm, > I participated in a discussion at a US defense contractor where a > fellow with several clearances claimed that the NSA had dossiers on > each operating system, and they knew all the holes in each of them, > "Even in VMS". Would anyone be surprised by that?? The US military and its contractors were long-interested in ways to break software _long_ before the Morris Worm made the notion at all real-world or media-worthy... In fact, they had teams of folk employeed to investigate just these kinds of things and if you know the right folk they will even confirm this (off the record of course). It is not, hoiwever, too difficult to find references to some of their work, as being the military everything was documented and recorded and indexed and many early "mainstream" computer security papers refer to various US Army/Navy/Air Force reports that no-one outside the military actually seems to have copies of. Now, if the US military was doing it, do you think that the NSA was not doing it too? (Or at least not making sure it had access to all the material learned in this research??) And does anyone really think it's entirely coincidental that the creator of the Morris worm (Robert Tappan (sp?) Morris Jr.) was the son of Robert T. Morris, the chief scientist of the NSA's National Computer Security Center? (No conspiracy theory here, but the old adage "like father, like son" springs to mind...) Regards, Nick FitzGerald
Powered by blists - more mailing lists