Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

PGP Cracked ?

4 views
Skip to first unread message

Harry Solomon

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
A security expert at my place of work states that PGP can be cracked. He
says that today being Friday he will give me my passphrase by cracking the
code the following Tuesday, Is this possible?

Matt Curtin

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
>>>>> On Fri, 5 Nov 1999 16:58:41 -0000,
"Harry Solomon" <ha...@solomon.fsnet.co.uk> said:

Harry> A security expert at my place of work states that PGP can be
Harry> cracked. He says that today being Friday he will give me my
Harry> passphrase by cracking the code the following Tuesday, Is this
Harry> possible?

It sounds like he has access to your key and is going to try a brute
force search against your passphrase. Or perhaps he has another means
of getting access to your passphrase.

In any case, PGP hasn't been "broken", but a weakness in how it's
being used is the target of the attack. (This is a valid attack for
determining security, not of PGP, but how it's being used.)

--
Matt Curtin cmcu...@interhack.net http://www.interhack.net/people/cmcurtin/

jerome

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
On Fri, 5 Nov 1999 16:58:41 -0000, Harry Solomon wrote:
>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?

highly improbable.

to test him, create a key on your home computer and give him a crypted
messaged and your public key, if he comes back with the plain text or
the private key, it is a expert.

Patrick Juola

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
In article <TCHS52...@techserver.comodo.net>,

Harry Solomon <ha...@solomon.fsnet.co.uk> wrote:
>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?


Only if you picked a bad passphrase.

-kitten


Jim Gillogly

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
Matt Curtin wrote:
> "Harry Solomon" <ha...@solomon.fsnet.co.uk> said:
>
> Harry> A security expert at my place of work states that PGP can be
> Harry> cracked. He says that today being Friday he will give me my
> Harry> passphrase by cracking the code the following Tuesday, Is this
> Harry> possible?
>
> It sounds like he has access to your key and is going to try a brute
> force search against your passphrase. Or perhaps he has another means
> of getting access to your passphrase.

Sounds to <me> like he already has your passphrase, and he gave himself
until next Tuesday to make it look tough. I would expect your site's
security expert to have lan-sniffing software available, and he probably
used it to watch keystrokes as you decrypted one of your messages.

> In any case, PGP hasn't been "broken", but a weakness in how it's
> being used is the target of the attack. (This is a valid attack for
> determining security, not of PGP, but how it's being used.)

One live PGP key was broken in Spring 1995 by four people working in private:
Paul Leyland, Arjen Lenstra, Alec Muffett and Jim Gillogly. It was a 384-bit
key, which was then the shortest recommended key-length. So far as I know
this is the only "live" PGP key ever broken. You can find details by doing
a web search on "BlackNet" coupled with one or more of our names. However,
this crack did not get us a passphrase, but rather factored the public key
involved, from which we were able to construct an equivalent private key.

This guy's claiming something else: in effect, breaking IDEA (used to
encrypt the private key) and then reverse-engineering the
cryptographic hash function MD5 used to produce that IDEA key from
your passphrase, which is not stored either encrypted or unencrypted.
Seems unlikely, and would probably be acceptable as the core
of a PhD dissertation.

Check your machine for sniffers, change your passphrase when
disconnected from the network, and from now on use your
un-connected laptop or palmtop for all your PGP transactions that
involve typing your passphrase. Your threat model as of today should
include a sysadmin who watches your desktop machine carefully. If he
can deliver on his boast to produce your passphrase, you need to
revoke your current key, which has been compromised, and create
a new one with a new passphrase -- off-line!

--
Jim Gillogly
15 Blotmath S.R. 1999, 18:00
12.19.6.12.3, 4 Akbal 11 Zac, Ninth Lord of Night

Johnny Bravo

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
On 05 Nov 1999 12:10:26 -0500, Matt Curtin <cmcu...@interhack.net>
wrote:

>>>>>> On Fri, 5 Nov 1999 16:58:41 -0000,

> "Harry Solomon" <ha...@solomon.fsnet.co.uk> said:
>
>Harry> A security expert at my place of work states that PGP can be
>Harry> cracked. He says that today being Friday he will give me my
>Harry> passphrase by cracking the code the following Tuesday, Is this
>Harry> possible?
>
>It sounds like he has access to your key and is going to try a brute
>force search against your passphrase. Or perhaps he has another means
>of getting access to your passphrase.

If you created the key at work, or use it there, he might just have
used a keyboard logger to get your password. In which case he
probably already has your passphrase and is just stringing you along.
If he doesn't have a keyboard logger, and you have been using your key
at work for a long time (and you have a simple passphrase), he might
have brute forced it while ago. It is trivial to set up the DOS
version of PGP to try repeated keys, I've even heard of a microsoft
basic program that can run a dictionary attack against PGP.

Create a key at home, bring it in on a floppy and let him try that
one, make sure your password is secure enough to resist a casual
dictionary attack (6 random words, about 77 bits) should be enough to
stop your attacker for three days. :)

Best Wishes,
Johnny Bravo


John E. Kuslich

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
I agree.

It is very easy to write a stealth application which will run in
background under Windows or NT which will record all passphrases used by
PGP. We did it!

This points out again the ridiculous situation we are in re. computer
security.

We have the equivalent of ten ton steel doors on our computers (PGP) but
the windows (no pun intended) are made from rice paper.

Now, if you were a bad guy, which would you attack first, the ten ton
door or the rice paper window??

JK

Jim Gillogly wrote:


>
> Matt Curtin wrote:
> > "Harry Solomon" <ha...@solomon.fsnet.co.uk> said:
> >
> > Harry> A security expert at my place of work states that PGP can be
> > Harry> cracked. He says that today being Friday he will give me my
> > Harry> passphrase by cracking the code the following Tuesday, Is this
> > Harry> possible?
> >
> > It sounds like he has access to your key and is going to try a brute
> > force search against your passphrase. Or perhaps he has another means
> > of getting access to your passphrase.
>

--
John E. Kuslich
Password Recovery Software
CRAK Software
http://www.crak.com

John Kennedy

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
On Fri, 5 Nov 1999 16:58:41 -0000, "Harry Solomon"
<ha...@solomon.fsnet.co.uk> wrote:

>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?

The chance that he can crack PGP is roughly zero. If he could, he'd
have the opportunity to be instantly famous instead of just showing
off at work.

Whether or not he can give you your pass phrase on Tuesday is another
matter. If your pass phrase is weak it could be found shortly by a
dictionary search. There are many other ways your pass phrase could be
swiped in an environment you don't control. Intercepting your
keystrokes with a program running in the background is an obvious
method. He could already have it.


-

John Kennedy
The Wild Shall Wild Remain!
http://members.xoom.com/rational1/wild/


SCOTT19U.ZIP_GUY

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
In article <TCHS52...@techserver.comodo.net>, "Harry Solomon" <ha...@solomon.fsnet.co.uk> wrote:
>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?
>
>

well give it to him and find out.

David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip

Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***

Dan Day

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
On Fri, 05 Nov 1999 13:56:09 -0500, John Kennedy <kenne...@hushmail.com>
wrote:

>The chance that he can crack PGP is roughly zero. If he could, he'd
>have the opportunity to be instantly famous

Or unknown and rich.

Or dead, I suppose. As the line in "Sneakers" goes (from memory),
"there's not a government on the planet that wouldn't kill everyone
in this room for that box..."


--
"How strangely will the Tools of a Tyrant pervert the
plain Meaning of Words!"
--Samuel Adams (1722-1803), letter to John Pitts, January 21, 1776

John Kennedy

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
On Fri, 05 Nov 1999 21:49:10 GMT, d...@firstnethou.com (Dan Day) wrote:

>On Fri, 05 Nov 1999 13:56:09 -0500, John Kennedy <kenne...@hushmail.com>
>wrote:
>>The chance that he can crack PGP is roughly zero. If he could, he'd
>>have the opportunity to be instantly famous
>
>Or unknown and rich.
>
>Or dead, I suppose. As the line in "Sneakers" goes (from memory),
>"there's not a government on the planet that wouldn't kill everyone
>in this room for that box..."

Yeah well, if the security guy at this guy's company could crack PGP,
and is putting it round to folks at work, I safely assume the secret
must be on the verge of becoming widely known.

But we both know he can't.

Trevor Jackson, III

unread,
Nov 5, 1999, 3:00:00 AM11/5/99
to
Harry Solomon wrote:

> A security expert at my place of work states that PGP can be cracked. He
> says that today being Friday he will give me my passphrase by cracking the
> code the following Tuesday, Is this possible?

A classic magician trick is to announce that you will perform some magical
change, using the future tense, when in fact that change has already taken
place.

If I were your associate, I would only make a boast such as his if I had
already obtained your password. Almost certainly by methods other than by
cracking PGP.

ME

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
If he does this in the form of keys or key rings:
- use a new keyring
- make sure the public keys are yours - sign a document before, then verify
the signature with your copy of the keyring, after he returns the keyring
and or passphrase.

It is trivial to create a new keyring with an existing passphrase - he's the
LAN administrator, and can access anything on your machine.

Lyal

Harry Solomon wrote in message ...

zentara

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
On Fri, 5 Nov 1999 16:58:41 -0000, "Harry Solomon"
<ha...@solomon.fsnet.co.uk> wrote:

>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?
>

I know the answers that the real experts here are giving is that
he got your passphrase by some keystroke recorder....either
via the network you are on, or some "tempest" style keyboard
"bugging" device.

But did you ever consider that PgP or GpG are controlled
by very high-ranking military and government people? And that
at a certain security level, there are people who can generate
a "secret key" from the freely available "public key"? They are sworn
to a very high secrecy level.

They would just have to exploit some know weakness in the compilers
to leave "markers" here and there in the encrypted files. It's
probably something along the lines of complementary matrices
of vectors, and if you have one, with the "markers in place", the
other matrix can be regenerated.

Of course, this is just speculation. But your pgp programs come
as pre-compiled binaries don't they? Even GpG, which you can compile
yourself, has complex enough sorce code, that even a decent C
programmer, would not know if little "markers" are being placed
here and there. Especially if it was a weakness in the compiler that
was being exploited, like a tendency to leave a stray bit here and
there in the final binary.

I'm not claiming that any of this is true. BUT, it seems very
plausible to me. Maybe it explains where the government
comes up with those "anonymous sources" of information.

Johnny Bravo

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
On Sat, 06 Nov 1999 08:05:37 GMT, zen...@gnat.net (zentara) wrote:

>They would just have to exploit some know weakness in the compilers

LOL, this again? My compiler is open source too. Or are you
actually proposing that every compiler in the world has been corrupted
as well as the PGP source. This 'urban legend' is about as old as PGP
is.

>Of course, this is just speculation. But your pgp programs come
>as pre-compiled binaries don't they?

No, they come as source code, which I am free to examine at my
leisure. If 100 people each check 1% of the code, the chances of an
error of this type passing unnoticed are roughly 1 in 3, If 1000
people each check 5% of the code, you drop to 1 in 5e-23.

>Even GpG, which you can compile
>yourself, has complex enough sorce code, that even a decent C
>programmer, would not know if little "markers" are being placed
>here and there.

We are all not as bad at reading C as you seem to be.

>Especially if it was a weakness in the compiler that
>was being exploited, like a tendency to leave a stray bit here and
>there in the final binary.

You can't just add stray random bits to a binary executable and
expect it to keep working at all, sooner or later you will get a
program that just doesn't run, then you know your compiler is broken.


Much less write source code that can both predict which final bits
would be effected, and then to top it off predict that they will
effect the binary in a manner you desire. You should learn a bit more
about compilers before you make such sweeping, and uninformed
statements.

>I'm not claiming that any of this is true. BUT, it seems very
>plausible to me. Maybe it explains where the government
>comes up with those "anonymous sources" of information.

Maybe it seems plausible because you don't know anything about the
topic. There are much easier methods of getting information that
trying to corrupt the source code of every compiler ever written, even
those written before PGP was created.

Best Wishes,
Johnny Bravo


Trevor Jackson, III

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
zentara wrote:

> On Fri, 5 Nov 1999 16:58:41 -0000, "Harry Solomon"
> <ha...@solomon.fsnet.co.uk> wrote:
>
> >A security expert at my place of work states that PGP can be cracked. He
> >says that today being Friday he will give me my passphrase by cracking the
> >code the following Tuesday, Is this possible?
> >
>
> I know the answers that the real experts here are giving is that
> he got your passphrase by some keystroke recorder....either
> via the network you are on, or some "tempest" style keyboard
> "bugging" device.
>
> But did you ever consider that PgP or GpG are controlled
> by very high-ranking military and government people? And that
> at a certain security level, there are people who can generate
> a "secret key" from the freely available "public key"? They are sworn
> to a very high secrecy level.

And they just happenned to let you know about it? Do tell.

> They would just have to exploit some know weakness in the compilers

> to leave "markers" here and there in the encrypted files. It's
> probably something along the lines of complementary matrices
> of vectors, and if you have one, with the "markers in place", the
> other matrix can be regenerated.
>

> Of course, this is just speculation. But your pgp programs come

> as pre-compiled binaries don't they? Even GpG, which you can compile


> yourself, has complex enough sorce code, that even a decent C
> programmer, would not know if little "markers" are being placed

> here and there. Especially if it was a weakness in the compiler that


> was being exploited, like a tendency to leave a stray bit here and
> there in the final binary.
>

> I'm not claiming that any of this is true.

So you are wasting our time.

> BUT, it seems very
> plausible to me. Maybe it explains where the government
> comes up with those "anonymous sources" of information.

No, but it certainly explains where silliness like yours originates.


fungus

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to

Johnny Bravo wrote:
>
> On Sat, 06 Nov 1999 08:05:37 GMT, zen...@gnat.net (zentara) wrote:
>

> >They would just have to exploit some know weakness in the compilers
>

> LOL, this again? My compiler is open source too. Or are you
> actually proposing that every compiler in the world has been corrupted
> as well as the PGP source. This 'urban legend' is about as old as PGP
> is.
>

It's not a UL, it was actually done by Dennis Ritchie on a PDP-11.
The compiler had extra code to check when it was recompiling
itself and inserted some extra instrucions.

It also knew when it was recompiling the Unix "login" source
and inserted a back door accordingly.


Stretching this jolly jape to a worldwide conspiracy theory
regarding PGP is a bit more difficult though.

--
<\___/>
/ O O \
\_____/ FTB.

lordcow77

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
In article <38247C63...@egg.chips.and.spam.com>, fungus

<sp...@egg.chips.and.spam.com> wrote:
> It's not a UL, it was actually done by Dennis Ritchie on a PDP-11.
> The compiler had extra code to check when it was recompiling
> itself and inserted some extra instrucions.
> It also knew when it was recompiling the Unix "login" source
> and inserted a back door accordingly.
> Stretching this jolly jape to a worldwide conspiracy theory
> regarding PGP is a bit more difficult though.

Ah, yes that is a rather legendary piece of coding. The only problem
with this model is that I've used a variety of compilers, both
open-source and not, to compile different versions of PGP. The kicker
is this: how would a compiler be able to pattern match a code string
performing a cryptographic function when the compiler was written
*before* the PGP source code? Are you suggesting the a) the compiler
writers predicted exactly the code used in future versions of PGP or b)
that compiler technology has advanced to the point of arbitrary
isomorphic function matching across translation boundaries?

To give an example of b), a compiler would have to treat
a=(2-b)*(1+3*b)/2;
as equivalent to
a=b+1;
if (a==3) a=0;

To summarize in a phrase: not going to happen.


* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


Jerry Coffin

unread,
Nov 6, 1999, 3:00:00 AM11/6/99
to
In article <38247C63...@egg.chips.and.spam.com>,
sp...@egg.chips.and.spam.com says...

[ ... ]

> It's not a UL, it was actually done by Dennis Ritchie on a PDP-11.
> The compiler had extra code to check when it was recompiling
> itself and inserted some extra instrucions.
>
> It also knew when it was recompiling the Unix "login" source
> and inserted a back door accordingly.

Somewhere between Urban Legend, and your version above lies the truth.
The reality is that most of us don't know for sure whether it was ever
done, and if it was it probably was NOT by Dennis Ritchie.

Ken Thompson gave a talk outlining how you'd do this. TTBOMK, he's
NEVER said it was actually DONE. Likewise, Dennis Ritchie may easily
have mentioned this general scheme after Ken's talk, but I've never
heard him saying anything about involvement in cooking up the scheme.
Like Ken, AFAIK, he's never said _anything_ to confirm (or,
admittedly, deny) that it was actually done.

--
Later,
Jerry.

The universe is a figment of its own imagination.

Dennis Ritchie

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
fungus wrote:

> It's not a UL, it was actually done by Dennis Ritchie on a PDP-11.
> The compiler had extra code to check when it was recompiling
> itself and inserted some extra instrucions.
>
> It also knew when it was recompiling the Unix "login" source
> and inserted a back door accordingly.

It was Ken. See

http://www.acm.org/classics/sep95/

Dennis

Douglas A. Gwyn

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
Jerry Coffin wrote:
> Like Ken, AFAIK, he's never said _anything_ to confirm (or,
> admittedly, deny) that it was actually done.

I could swear that they have said the experiment was actually done,
just that it was not in any of the UNIX distributions.

Dennis Ritchie

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
Douglas A. Gwyn wrote, quoting Jerry Coffin:

I could so swear too.

Dennis

Jim Gillogly

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to

So could Ken. Here's an extract of a note he wrote on
23 Apr 1995:

fyi: the self reproducing cpp was
installed on OUR machine and we
enticed the "unix support group"
(precursor to usl) to pick it up
from us by advertising some
non-backward compatible feature.
that meant they had to get the
binary and source since the source
would not compile on their binaries.

they installed it and in a month or
so, the login command got the trojan
hourse. later someone there noticed
something funny in the symbol table
of cpp and were digging into the
object to find out what it was. at
some point, they compiled -S and
assembled the output. that broke
the self-reproducer since it was
disabled on -S. some months later
the login trojan hourse also went
away.

the compiler was never released
outside.

ken

I wonder whether the funny business in the cpp
symbol table was a symptom of the Trojan horse,
or whether it was a fortuitous accident.

--
Jim Gillogly
Hevensday, 17 Blotmath S.R. 1999, 04:24
12.19.6.12.5, 6 Chicchan 13 Zac, Second Lord of Night

fungus

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to

Jim Gillogly wrote:
>
> Sounds to <me> like he already has your passphrase, and he gave himself
> until next Tuesday to make it look tough. I would expect your site's
> security expert to have lan-sniffing software available, and he probably
> used it to watch keystrokes as you decrypted one of your messages.
>

Yep...


...change your passphrase (hell, generate a whole new key pair for
him) and give him that instead. See if he can decrypt a message then.

zentara

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
On Sat, 06 Nov 1999 14:54:53 -0500, "Trevor Jackson, III"
<full...@aspi.net> wrote:

>zentara wrote:
>
>> But did you ever consider that PgP or GpG are controlled
>> by very high-ranking military and government people? And that
>> at a certain security level, there are people who can generate
>> a "secret key" from the freely available "public key"? They are sworn
>> to a very high secrecy level.
>
>And they just happenned to let you know about it? Do tell.
>

>So you are wasting our time.

>No, but it certainly explains where silliness like yours originates.

Sorry, I just wanted to raise the issue of the "possibility" that it
could not be as secure as everyone likes to believe, by design
of the originators of arpanet.
Discrediting me by saying it is total foolishness, makes me suspect
that you are part of the coverup operation. :-)

Trevor Jackson, III

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
zentara wrote:

You are free to believe anything you want. But if you wish to propogate your
beliefs you have to provide persuasive support rather than idle speculation.
For instance, we need to understand the link between your speculations, crop
circles, and Lady Diana's death. Inquiring minds want to know


Jerry Coffin

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
In article <3824F277...@null.net>, DAG...@null.net says...

> Jerry Coffin wrote:
> > Like Ken, AFAIK, he's never said _anything_ to confirm (or,
> > admittedly, deny) that it was actually done.
>
> I could swear that they have said the experiment was actually done,
> just that it was not in any of the UNIX distributions.

Well, obviously I haven't followed him around for the last 30 years to
verify everything he's ever said about it, but I just re-read the text
of the talk, and there he talks about what you _could_ do, how you
_would_ do, and so on, but carefully never says that it was ever
actually done. Since Mr. Ritchie has been kind enough to jump in
already, perhaps he'll be kind enough to clarify this as well; even if
he wasn't responsible for it in the first place, my guess is that if
it was done, he at least knew something about it...

Jerry Coffin

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
In article <382549b5...@news.gnat.net>, zen...@gnat.net says...

[ ... ]

> >> But did you ever consider that PgP or GpG are controlled
> >> by very high-ranking military and government people?

[ ... ]

> Sorry, I just wanted to raise the issue of the "possibility" that it
> could not be as secure as everyone likes to believe, by design
> of the originators of arpanet.

It IS possible at least in theory, but I doubt it in this case. The
problem is that if the source code to the application is available (as
it is with both PGP and GPG) then somebody can find where things have
been done to compromise the security. Now, it's true that not
everybody who uses these gets the source and builds it themselves.
It's also true that many who get the source don't examine it closely
enough to ensure that it hasn't be compromised.

This isn't terribly relevant though: it only takes ONE person
examining the source code to find where it's been compromised. They
can then publish what they found, and everybody else knows about it
almost immediately.

Of course, if the security breach could be traced back to the
originator, this would almost certainly cause them a LOT more harm
than the most good they could have hoped to achieve to start with.
IOW, at least in my estimation, the risk outweighs the possible reward
so it would be a lousy investment.

I don't think most government agencies can or will take the kind of
long-term view of things necessary to even consider such an approach
to things. The reality is that they might take a couple of hours to
tell lies to Congress, trying to keep reasonable encryption out of
most people's hands, but they're just too lazy to do much more than
that.

Right now, it seems pretty clear to me that the government isn't even
trying to do do things that would be perfectly legal and wouldn't
require any of this sort backhanded nonsense at all. Just for
example, I just did a quick search for "I will kill" using Alta Vista.
It came up with over ten thousand hits. In most places, "assault" is
defined as something like "a credible threat of violence." In think
it's safe to guess that the majority of these sites are in places that
assault is illegal.

IOW, just about any law enforcement agency that cares can probably
find at least enough evidence to investigate and likely prosecute at
least a few people for assault. It's pretty clear to me that the
majority are completely ignoring things that are easily available, so
postulating that they'd go to a great deal of trouble to make a little
more of the same available seems pretty far-fetched.

Patrick Juola

unread,
Nov 7, 1999, 3:00:00 AM11/7/99
to
In article <3824F9...@bell-labs.com>,

Dennis Ritchie <d...@bell-labs.com> wrote:
>Douglas A. Gwyn wrote, quoting Jerry Coffin:
>
>> > Like Ken, AFAIK, he's never said _anything_ to confirm (or,
>> > admittedly, deny) that it was actually done.
>>
>> I could swear that they have said the experiment was actually done,
>> just that it was not in any of the UNIX distributions.
>
>I could so swear too.

So, sir, did you do it, did Ken, was it a joint project, or
someone altogether different?

-kitten


zentara

unread,
Nov 8, 1999, 3:00:00 AM11/8/99
to

Well, it really dosn't matter to me, because I know how easy it is to
"bug" somone's keyboard; this makes it very easy to get your
key's and passwords. So the "cracking of the code" isn't really
needed. So as to whether the generals at the Joint Chiefs have a
masterkey, it don't matter in terms of practicality.

You would have to come and talk to me in person to get the link
between this and crop circles, it's kind of complicated, ;-).

Harry Neumann

unread,
Nov 8, 1999, 3:00:00 AM11/8/99
to

Not to preempt Dennis Ritchie, but Ken Thompson has commented on this
before: have a look at http://x31.deja.com/getdoc.xp?AN=200800703

--Harry Neumann


Tony Wingo

unread,
Nov 8, 1999, 3:00:00 AM11/8/99
to
In article <MPG.128e9c6e5...@news.mindspring.com>,
jco...@taeus.com (Jerry Coffin) wrote:

>> It's not a UL, it was actually done by Dennis Ritchie on a PDP-11.
>> The compiler had extra code to check when it was recompiling
>> itself and inserted some extra instrucions.
>>
>> It also knew when it was recompiling the Unix "login" source
>> and inserted a back door accordingly.
>

>Somewhere between Urban Legend, and your version above lies the truth.
>The reality is that most of us don't know for sure whether it was ever
>done, and if it was it probably was NOT by Dennis Ritchie.
>
>Ken Thompson gave a talk outlining how you'd do this. TTBOMK, he's
>NEVER said it was actually DONE. Likewise, Dennis Ritchie may easily
>have mentioned this general scheme after Ken's talk, but I've never
>heard him saying anything about involvement in cooking up the scheme.

>Like Ken, AFAIK, he's never said _anything_ to confirm (or,
>admittedly, deny) that it was actually done.

Once, when discussing Thompson's paper on alt.folklore.computers I
received an email from Ritchie stating that Thompson had actually
implemented the Trojan Horse he described.

-t

Dennis Ritchie

unread,
Nov 9, 1999, 3:00:00 AM11/9/99
to
Patrick Juola asked

> So, sir, did you do it, did Ken, was it a joint project, or
> someone altogether different?

If you can't piece together the basic story between
Ken's Turing address and the netnews material dug up
by Gillogly and Harry Neumann, you aren't a very good
reconstructor.

I do wish Ken had spelled "horse" right, but otherwise
his account is accordance with memory.

Dennis

jsa...@ecn.ab.ca

unread,
Nov 9, 1999, 3:00:00 AM11/9/99
to
Jim Gillogly (j...@acm.org) wrote:

: Dennis Ritchie wrote:
: > Douglas A. Gwyn wrote, quoting Jerry Coffin:

: > > > Like Ken, AFAIK, he's never said _anything_ to confirm (or,


: > > > admittedly, deny) that it was actually done.

: > > I could swear that they have said the experiment was actually done,


: > > just that it was not in any of the UNIX distributions.

: > I could so swear too.

: So could Ken. Here's an extract of a note he wrote on
: 23 Apr 1995:

: fyi: the self reproducing cpp was
: installed on OUR machine and we
: enticed the "unix support group"
: (precursor to usl) to pick it up
: from us by advertising some
: non-backward compatible feature.
: that meant they had to get the
: binary and source since the source
: would not compile on their binaries.

: they installed it and in a month or
: so, the login command got the trojan
: hourse. later someone there noticed
: something funny in the symbol table
: of cpp and were digging into the
: object to find out what it was. at
: some point, they compiled -S and
: assembled the output. that broke
: the self-reproducer since it was
: disabled on -S. some months later
: the login trojan hourse also went
: away.

: the compiler was never released
: outside.

So this clears it up; this "backdoor" was never a universal feature of
Unix, but the technique was tested - and at least partially inflicted on
some users as well.

: Jim Gillogly


: Hevensday, 17 Blotmath S.R. 1999, 04:24
: 12.19.6.12.5, 6 Chicchan 13 Zac, Second Lord of Night

Dare I guess you're posting from inside Emacs (which, having these date
capabilities, can safely be assumed to by Y2K compliant...)? Although I
didn't realize that even Emacs handled the Shire Reckoning, but I suppose
that was inevitable. (Since the Third Age is now long in the past,
however, I would have thought the year would be long after 1999 in their
epoch.)

John Savard

Jim Gillogly

unread,
Nov 9, 1999, 3:00:00 AM11/9/99
to
jsa...@ecn.ab.ca wrote:

>
> Jim Gillogly (j...@acm.org) wrote:
>
> : Jim Gillogly
> : Hevensday, 17 Blotmath S.R. 1999, 04:24
> : 12.19.6.12.5, 6 Chicchan 13 Zac, Second Lord of Night
>
> Dare I guess you're posting from inside Emacs (which, having these date
> capabilities, can safely be assumed to by Y2K compliant...)? Although I

I'm not. The Shire Reckoning is done with a Perl program, and the
Mayan is in C. They each run off of a named pipe (fifo) stuffed into
my .signature.

> didn't realize that even Emacs handled the Shire Reckoning, but I suppose
> that was inevitable. (Since the Third Age is now long in the past,
> however, I would have thought the year would be long after 1999 in their
> epoch.)

Yes, the year is whimsical at best. I need to have <some> year so
that it can be seen to be different between Yule and our New Year.

How confident are you that it's <not> 1999 in the current Age, whatever
that may be?

--
Jim Gillogly
Highday, 19 Blotmath S.R. 1999, 16:18
12.19.6.12.7, 8 Manik 15 Zac, Fourth Lord of Night

jsa...@ecn.ab.ca

unread,
Nov 11, 1999, 3:00:00 AM11/11/99
to
Jim Gillogly (j...@acm.org) wrote:
: How confident are you that it's <not> 1999 in the current Age, whatever
: that may be?

A good point, especially considering that Frodo's achievement was intended
as a type of the Crucifixion.

John Savard

CoyoteRed

unread,
Nov 17, 1999, 3:00:00 AM11/17/99
to
zentara said...

> You would have to come and talk to me in person to get the link
> between this and crop circles, it's kind of complicated, ;-).

Everyone knows that crop circles are a hoax, it has to be because
there /are/ no extraterrestrials.

It was done by people from Atlantis.

--
CoyoteRed
CoyoteRed <at> bigfoot <dot> com
http://go.to/CoyoteRed
PGP key ID: 0xA60C12D1 at ldap://certserver.pgp.com


zi...@gulliver.endicott.ibm.com

unread,
Nov 17, 1999, 3:00:00 AM11/17/99
to
Dennis Ritchie (d...@bell-labs.com) wrote:
: Patrick Juola asked

: > So, sir, did you do it, did Ken, was it a joint project, or
: > someone altogether different?

: If you can't piece together the basic story between

: Ken's Turing address and the netnews material dug up
: by Gillogly and Harry Neumann, you aren't a very good
: reconstructor.

: I do wish Ken had spelled "horse" right, but otherwise
: his account is accordance with memory.

: Dennis

If he'd spelled it as 'hource'(sic) instead of 'hourse' (sic)
I'd have called him a good punster rather than an inveterate
Anglophile :-).

0 new messages