lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4D31A64C.7050800@ntlworld.com>
Date: Sat, 15 Jan 2011 13:51:08 +0000
From: Jacqui Caren-home <jacqui.caren@...world.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Fwd: Re "getting off the patch"

On 15/01/2011 01:53, Glenn Everhart wrote:
>
>
> If you have a system that is built well secured in the first place (existence proof: VMS)
> then patches are comparatively rare.

This is a joke right?

When I first used VMS there was a bug that when a directory was deleted all files within the
directory were lost - the only way until the fix to recover the lost blocks was to reformat the drives.

Also a very good friend of mine (with me watching) use the $MAIL hack to get SYS$ADMIN privs.
We when added csr-up's in the system logs to hide evidence of our access - when viewed on a CRT.
My friend eventually got kicked of the VMS systems for two weeks for this :-(

FYI the very early Windows NT NTFS filesystem had the same/similar delete problem as that early
VMS release...

Later when I worked at Cray some I worked with who used to work for DEC would explain how as
a non drinker his job of a friday afternoon was to get back from the pub lunch before everyone
else as write protect the developer disk packs...

VMS was just as bug ridden and badly designed as many other systems in the early releases.

Jacqui

p.s. my fave hackable system was VULCAN - replace ma.e and you ended up with a lot of files
hidden from sysadmins :-)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ