Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How Allan Scherr Hacked Around the First Computer Password

timothy posted more than 2 years ago | from the used-his-onion dept.

Security 89

New submitter MikeatWired writes "If you're like most people, you're annoyed by passwords. So who's to blame? Who invented the computer password? They probably arrived at MIT in the mid-1960s, when researchers built a massive time-sharing computer called CTSS. Technology changes. But, then again, it doesn't, writes Bob McMillan. Twenty-five years after the fact, Allan Scherr, a Ph.D. researcher at MIT in the early '60s, came clean about the earliest documented case of password theft. In the spring of 1962, Scherr was looking for a way to bump up his usage time on CTSS. He had been allotted four hours per week, but it wasn't nearly enough time to run the detailed performance simulations he'd designed for the new computer system. So he simply printed out all of the passwords stored on the system. 'There was a way to request files to be printed offline by submitting a punched card,' he remembered in a pamphlet (PDF) written last year to commemorate the invention of the CTSS. 'Late one Friday night, I submitted a request to print the password files and very early Saturday morning went to the file cabinet where printouts were placed and took the listing.' To spread the guilt around, Scherr then handed the passwords over to other users. One of them — J.C.R. Licklieder — promptly started logging into the account of the computer lab's director Robert Fano, and leaving 'taunting messages' behind."

cancel ×

89 comments

More on CTSS (5, Interesting)

Anonymous Coward | more than 2 years ago | (#38847477)

CTSS is notable for a lot of things. Like having the first e-mail, and the first spam.

http://opinionator.blogs.nytimes.com/2011/06/19/did-my-brother-invent-e-mail-with-tom-van-vleck-part-one/

The first documented hacking occurred earlier, to make certain networking-esque programs work.

PRIVACY IS THEFT! (1)

Jeremiah Cornelius (137) | more than 2 years ago | (#38847483)

Or something like that.

Re:PRIVACY IS THEFT! (-1, Troll)

Ethanol-fueled (1125189) | more than 2 years ago | (#38847531)

The summary:

To spread the guilt around, Scherr then handed the passwords over to other users. One of them â" J.C.R. Licklieder â" promptly started logging into the account of the computer lab's director Robert Fano, and leaving 'taunting messages' behind."

Is that our own [slashdot.org] JCR? Only a pompous faggot would have the letters "J," "C," and "R" in their username.

Re:PRIVACY IS THEFT! (0)

Anonymous Coward | more than 2 years ago | (#38847661)

Jesus ChRist!

Re:PRIVACY IS THEFT! (0)

Anonymous Coward | more than 2 years ago | (#38848033)

Better than A.P.K. Dickleader

Learn your history... (5, Informative)

Gription (1006467) | more than 2 years ago | (#38849271)

J. C. R. Licklider is about the most important person in the development of the Internet. He worked in the Pentagon and had three different dedicated terminals to three different systems in his office and each had its different connection procedure. He asked the question of "Why can't these things be connected together?" (probably to save office space...)
He took his question across the hall and in 5 minutes had the funding to start what became the ARPAnet. He was as close as the computer world gets to an expeditionary explorer.
In other words: He funded the startup of the Internet.

For a really great read get a copy of "Where Wizards Stay Up Late: The Origins Of The Internet". Besides learning about the incredible minds that built the foundations, you can read a number of entertaining anecdotes. (Like AT&Ts refusal to believe that it was possible long after it was working!!!)

Re:Learn your history... (2)

SteveFoerster (136027) | more than 2 years ago | (#38849823)

In other words: He funded the startup of the Internet.

Well, he, my parents, and all the other American taxpayers at the time. But as government projects go, it does seem to have turned out rather well.

Penis (-1)

Anonymous Coward | more than 2 years ago | (#38847485)

my penis is best penis ^.^

so penis penis penis

Re:Penis (2, Informative)

Anonymous Coward | more than 2 years ago | (#38848005)

Warning! Your password is too short.

Hacked (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#38847489)

Oh yeah, that's right Anonymous Coward, I printed your password. Better believe it.

Re:Hacked (2)

bejiitas_wrath (825021) | more than 2 years ago | (#38848533)

Is it true that if you type your password in a posting on /. it will be asterisked out?

Re:Hacked (0)

Anonymous Coward | more than 2 years ago | (#38848991)

hunter2

No I can see it.

Re:Hacked (2)

Canazza (1428553) | more than 2 years ago | (#38849001)

yeah, it is, If I type in "God" it gets asterisked out for me, but when I log out it shows in clear text. It's an easy way to remember your password if you forget it! Just find one of your old posts that you typed your password into!

submitter maths fail (1)

RalfM (10406) | more than 2 years ago | (#38847511)

Twenty-five years after the fact?

Try fifty...

Re:submitter maths fail (5, Informative)

MightyYar (622222) | more than 2 years ago | (#38847529)

I know I shouldn't tell someone with a 5-digit id to RTFA, but here I go anyway... FTFA:

Scherr left MIT in May 1965 to take a job at IBM, but 25 years later he confessed to Professor Fano in person. “He assured me that my Ph.D. would not be revoked.”

Re:submitter maths fail (4, Funny)

martin-boundary (547041) | more than 2 years ago | (#38847797)

He assured me that my Ph.D. would not be revoked

Uh, uh. But now the DHS knows what he did...

Re:submitter maths fail (1)

houstonbofh (602064) | more than 2 years ago | (#38847817)

But it was before they wrote any computer crime statutes, so he is good.

Re:submitter maths fail (1)

rapidreload (2476516) | more than 2 years ago | (#38849419)

He assured me that my Ph.D. would not be revoked

Uh, uh. But now the DHS knows what he did...

Allan Scherr: [holds up his doctorate] Ph.D immunity!

[DHS slowly rolls its head on its neck, takes aim, and fires - his bullet goes through Allan's wallet, and then his head]

DHS: It's just been revoked!

Re:submitter maths fail (4, Insightful)

93 Escort Wagon (326346) | more than 2 years ago | (#38847955)

I know I shouldn't tell someone with a 5-digit id to RTFA, but here I go anyway... FTFA:

Scherr left MIT in May 1965 to take a job at IBM, but 25 years later he confessed to Professor Fano in person. “He assured me that my Ph.D. would not be revoked.”

Okay, so to sum up:

Slashdot just posted a 25-year-old story.

Re:submitter maths fail (1)

fotoguzzi (230256) | more than 2 years ago | (#38850003)

I know I shouldn't tell someone with a 5-digit id to RTFA, but here I go anyway... FTFA:

Scherr left MIT in May 1965 to take a job at IBM, but 25 years later he confessed to Professor Fano in person. “He assured me that my Ph.D. would not be revoked.”

Okay, so to sum up:

Slashdot just posted a 25-year-old story.

Actually, a 22-year-old story about an incident which took place 25 years previously. Something to tell your grandkids about.

Re:submitter maths fail (1)

hawk (1151) | more than 2 years ago | (#38860281)

You must be new around here . . . :)

hawk

Re:submitter maths fail (1)

osu-neko (2604) | more than 2 years ago | (#38848903)

I know I shouldn't tell someone with a 5-digit id to RTFA...

Yeah, you should. These younger users are often hard of reading...

Re:submitter maths fail (0)

Anonymous Coward | more than 2 years ago | (#38851239)

so whens the 3 digi gonna tell you to get off his lawn?

Re:submitter maths fail (1)

Zibodiz (2160038) | more than 2 years ago | (#38848311)

What are you talking about? My mom was born in the early '60s, and everyone knows she's 25. Just ask her!

Re:submitter maths fail (2)

pjt33 (739471) | more than 2 years ago | (#38848841)

If you think that's impressive, TFS also says that CTSS was built in the "mid-1960s", and Scherr stole the password file "in the early '60s", specifically "in the spring of 1962". Hacking into a system that hasn't been built yet is pretty impressive. I wasn't surprised when I checked the "editor" and saw that it was Timothy.

'hacking' (-1, Troll)

girlintraining (1395911) | more than 2 years ago | (#38847513)

And so it has been throughout history that whenever an adult takes another adult's toys, they scrawl sexual missives and taunts out to the first adult. Children, being much less mature than adults, feel guilty and turn themselves in, and then share the toy in question.

I can see the advent of the personal computer has done nothing to change this basic dynamic: The older you get, the less responsible with other people's things you become. By the time you're in your mid to late 30s, reaching the epoch of your career, you're probably regularly destroying company property, selling our shareholders, pissing in the sink of the unisex handicap stall (after taking a nice fat dump of course!), and generally misusing everything that's there for you to share with others.

I guess then you should be really careful with your password, otherwise some middle-aged pathologically irresponsible dude will throw feces at it, I guess, is my only point. :}

Re:'hacking' (-1, Troll)

Ethanol-fueled (1125189) | more than 2 years ago | (#38847617)

5/10.

Less Ellen Degeneres and more A. Wyatt Mann. Context also harms your post - regular readers know that your persona is that of a lesbian, hence your username, and your starting off talking about toys only evokes fantasies of lesbian roommates fighting over their communal dildos. Instead of fighting over "Red Rex," why not just go buy another Red Rex? Or, better, go buy a double-sided Red Rex so that you can share with a stranger without mixing juices with them.

I guess then you should be really careful with your password, otherwise some middle-aged pathologically irresponsible dude will throw feces at it, I guess, is my only point.

I guess you should be really careful with your troll posts, otherwise some middle-aged pathologically irresponsible dude will throw critical feces at them.

Re:'hacking' (1)

houstonbofh (602064) | more than 2 years ago | (#38847821)

Bitter much?

Re:'hacking' (1)

jimmydevice (699057) | more than 2 years ago | (#38847921)

You sound like a slashdot type girl-in-training.

Fantasy vs Reality (0)

Anonymous Coward | more than 2 years ago | (#38847945)

Fantasy: Strawberry Panic!
Reality: girlintraining

what is a password? (0)

j-stroy (640921) | more than 2 years ago | (#38847519)

On a telephone switch is a phone number a password?

In encryption is a keyphrase a password?

Regarding a bank account is your signature a password?

Is the file system address to a specific terminal a password?

I am so confuse.

Re:what is a password? (4, Interesting)

pbjones (315127) | more than 2 years ago | (#38847573)

it's a route, the way to connect to your phone. A password is more like a key, if you have one then you can get into your whatever.

Worst password/pin. A telephone system at a major event many years ago, each journalist was given a unique 4 digit pin, they enter it and get dialtone and dial. Took about 10 seconds for them to workout that they could just pump in 4 digit codes until they got dial tone and they were then using other peoples accounts. Or the Video store software that stored passwords in plain text in a file called PW.TXT.

Re:what is a password? (2)

Quince alPillan (677281) | more than 2 years ago | (#38847651)

....or the crippleware my high school used on Windows 98 to prevent unauthorized users from modifying anything. Except, it allowed the user to set the wallpaper from Internet Explorer, but not the display console.

Fun ensued when the students set the goatse man as the wallpaper and the teachers couldn't change it because they didn't have the password.

I quickly learned that the password was stored in plain text in the registry (that I could view, but not edit) and would change the wallpaper back to a blank background.

Re:what is a password? (1)

bartoku (922448) | more than 2 years ago | (#38847699)

While the registry trick was a nice find, why not just use Internet Explorer to set the wallpaper to something else?

Re:what is a password? (1)

Quince alPillan (677281) | more than 2 years ago | (#38849439)

Because you had to set the wallpaper to something with Internet Explorer. They wanted the background to be a solid blue. Typically, I would set the wallpaper using Internet Explorer to remove the offending image and then set it to blue afterwords.

Re:what is a password? (1)

Sulphur (1548251) | more than 2 years ago | (#38849667)

Because you had to set the wallpaper to something with Internet Explorer. They wanted the background to be a solid blue. Typically, I would set the wallpaper using Internet Explorer to remove the offending image and then set it to blue afterwords.

The blue screen background of happiness.

Re:what is a password? (1)

wierd_w (1375923) | more than 2 years ago | (#38847779)

Sadly, when I was a tyke in HS, we were the last pre-internet generation.

However, hilarity *did* ensue when I showed the other gifted kids how to change the desktop pictures and system sounds on the native powermacs the school was using.

Never did I ever imagine the inventiveness that schoolkids could invoke from something as horrible as clarisworks.... never in a million years. It was like graphitti in a newyork subway. Every workstation in the school was vandalized in a different and unique way.

It wasn't long afterward that some serious lockout smackdowns happened.

Re:what is a password? (1)

EETech1 (1179269) | more than 2 years ago | (#38848527)

The gifted kids getting to spend extra (un-monitored) time in the computer lab was a great idea. We were the only ones that could make it work anyways.

With practically no one having a computer, much less a clue how to use it, the teachers needed input on how to incorporate them into a class, so they let us have our way with it, to figure out what a student could do with it. Which lessons were fun, any thoughts on what a 6th grade kid could put in a database. How come this won't save. We were middle school IT department #1.

They gave us access to all the documentation, even the teachers editions to help figure out how it all worked. Networked Apple ][ GS with the school server and Appletalk network.

One of the girls came up with a diary, so part of what everyone did for computer class was keep a diary on your floppy disk, and we used to copy them over appletalk after the class would start working on something else:)

Miss Irene, My floppy drive is running, oh it stopped, never mind.

Thank goodness we RTFM and knew everything our new computer lab could do, and were given a few hours a day access to it with no one but ourselves to watch us.

Ahhh The Memories...
Of my entire middle school, still on a floppy in my firesafe! In a database:)

Which reunion will I bust that out at:)

Cheers!

Re:what is a password? (1)

pjt33 (739471) | more than 2 years ago | (#38848843)

Do you have a floppy drive in that safe too? If not, rush out to the shops now.

Re:what is a password? (1)

EETech1 (1179269) | more than 2 years ago | (#38849869)

Not in the safe, but in my box o goodies. Too bad you couldn't buy a good one for the last 10 years or so. Mine is fairly new, but I've seen plenty of them die under very light use. Just don't build them the same when you don't run them for 6 hours straight installing the OS from 49 different disks:)

I did try reading them in my old DOS box, and they still worked! I copied them into my circle of backups so I have the data in more than one place now!

Cheers

Re:what is a password? (1)

Fancia (710007) | more than 2 years ago | (#38851753)

Glad you backed them up. Floppies have a pretty short lifespan! Worries me when I see people keeping around old floppies assuming they'll be able to get the data off them later when they eventually want to.

Why is a password not a route (1)

j-stroy (640921) | more than 2 years ago | (#38848075)

A phone number could be considered a "key" to a specific phone

Re:Why is a password not a route (0)

Anonymous Coward | more than 2 years ago | (#38848471)

A password is a key to a lock: it doesn't help you find where it belongs, but it lets you in once you get there. A phone number is an address.

Rant (-5 insightful) (-1, Offtopic)

UnresolvedExternal (665288) | more than 2 years ago | (#38847555)

Is this the Slashdot without CmdrTaco?

Bloody hell, I am even RTFA's now - and that was the most yawnworthy bullshit I have subjected my tired eyes to in a long time

Anyone care to let me know where all those wise intellegnt people that I used to enjoy reading have gone to?

Under the spreading chestnut tree....

Re:Rant (-5 insightful) (0)

UnresolvedExternal (665288) | more than 2 years ago | (#38847583)

Gee - modded down within 30 seconds - hit a nerve there did I?

Re:Rant (-5 insightful) (1)

UnresolvedExternal (665288) | more than 2 years ago | (#38847623)

All your mod points are belong to me!

Re:Rant (-5 insightful) (1)

Anonymous Coward | more than 2 years ago | (#38847665)

Yeah, a nerve among people who can't stand smug idiots.

Re:Rant (-5 insightful) (2)

datavirtue (1104259) | more than 2 years ago | (#38848277)

It is true. /. has taken a nose dive in intelligence. Just look at me, my karma has shot through the roof. Back in the day I couldn't get a word in edgewise.

Re:Rant (-5 insightful) (5, Informative)

Anonymous Coward | more than 2 years ago | (#38847629)

Re:Rant (-5 insightful) (1)

UnresolvedExternal (665288) | more than 2 years ago | (#38847701)

Hats of to you AC; and with an XKCD reference no less!

Re:Rant (-5 insightful) (1)

Ethanol-fueled (1125189) | more than 2 years ago | (#38847723)

Being serious here - On what date was that cartoon posted?

Re:Rant (-5 insightful) (0)

Anonymous Coward | more than 2 years ago | (#38848475)

2007-08-10 according to the mouseover on the Archive page.

Re:Rant (-5 insightful) (1)

EETech1 (1179269) | more than 2 years ago | (#38848553)

That date seems about right...

I can't get off your lawn good sir, it seems your lawn's long gone, quite sure...

Re:Rant (-5 insightful) (1)

colinrichardday (768814) | more than 2 years ago | (#38849985)

The cartoon on 1/27/12 was numbered 1009. This means that that cartoon was 708 cartoons ago. There are three xkcd cartoons a week, which puts it 236 weeks ago. That is about four years and 28 weeks ago, which would put it roughly July of 2007.

I wish he hadn't published this... (4, Funny)

Alien Being (18488) | more than 2 years ago | (#38847683)

The next thing you know, cardpunches will be declared to be terrorist tools.

Re:I wish he hadn't published this... (3, Funny)

dbc (135354) | more than 2 years ago | (#38847845)

A card punch launched from a trebuchet could do some serious damage. They are big and heavy.

Tell you what, though, the chad is an *outstanding* terrorist tool :) Going through the student keypunch room with a garbage bag, emptying all the chad bins, gets you enough annoying confetti to last a long time. Go through somebody's closet, and put chad in every pocket of everything he owns. Months later he will still be picking the stuff out. Sprinkle it liberally into the pages of various books. And 2 or 3 handfuls in the bed is always a winner.

My sister the artist still laments the passing of card punches. Back in the days of card punches she was into paper mache, and the chad makes excellent paper mache, and is zero labor. Just chuck a few handfuls into the paste and get to work.

Re:I wish he hadn't published this... (0)

Anonymous Coward | more than 2 years ago | (#38848059)

A card punch launched from a trebuchet could do some serious damage. They are big and heavy.

But they have poor external ballistics; if you have iron or stone roundshot available, the card punch might better serve as a counterweight...

Re:I wish he hadn't published this... (1)

datavirtue (1104259) | more than 2 years ago | (#38848289)

Oh.... the pedantry

Re:I wish he hadn't published this... (0)

Anonymous Coward | more than 2 years ago | (#38850837)

It's a trebuchet counterweight, so it's actually pendantry.

Re:I wish he hadn't published this... (0)

Anonymous Coward | more than 2 years ago | (#38849055)

In Soviet Russia, card punches launch trebuchets

Reminds me of an old IBM joke (1)

Kupfernigk (1190345) | more than 2 years ago | (#38850001)

From the paper data days. Journalist visits IBM. As he ascends, the floors get more and more luxurious. On the ground floor are the helots in accounts keeping track of the piles of money. On the first floor are the punching and verifying rooms. On the second floor are the computer operators. On the third floor are the programmers. On the fourth floor are the analysts. On the fifth floor are the system architects. On the sixth floor are the computer scientists. On the 7th floor are the research fellows. On the 8th floor are the managers. On the 9th floor is the VP suite. On the 10th floor is the office of the chief executive. On the 11th floor is a penthouse suite. There is an enormous teak desk at which sits a man gazing into space. The journalist asks his guide "Who's he?". "He's the man that found a use for chads."

Re:I wish he hadn't published this... (1)

ceoyoyo (59147) | more than 2 years ago | (#38850417)

I once saw the cab of a pickup entirely stuffed full of them....

Re:I wish he hadn't published this... (1)

datavirtue (1104259) | more than 2 years ago | (#38848283)

I just got a visual of Osama bin Ladin crouched down in a cave sheepishly holding a punchcard up to a camera and mouthing the words "Fuck you."

Re:I wish he hadn't published this... (0)

Anonymous Coward | more than 2 years ago | (#38848513)

I, on the other hand, now have a visual of Osama bin Laden being eaten by crabs at the bottom of the Arabian sea.

allen (0)

turkeydance (1266624) | more than 2 years ago | (#38847733)

ludden?

... and not many people know that (1)

goldaryn (834427) | more than 2 years ago | (#38847811)

Robert Fano's password was hunter2 [bash.org] . True* fact.

Re:... and not many people know that (0)

Anonymous Coward | more than 2 years ago | (#38847831)

i c wut u did thar.

Re:... and not many people know that (1)

PhunkySchtuff (208108) | more than 2 years ago | (#38848067)

but that just shows up as *******

So... (1)

Anonymous Coward | more than 2 years ago | (#38847819)

"Taunting Messages"... so he was anonymous and did it for the lulz?

Spreading the guilt (3, Funny)

Dan East (318230) | more than 2 years ago | (#38847823)

Back in high school our band performed at EPCOT, and that night, to keep all the kids in their hotel rooms, the chaperones put tape on each door. If a student left their room, then the tape on the outside of the door would be broken loose and they would get in trouble. However there was a fatal flaw. Late that night when we were sneaking around the hotel, we simply removed the tape from a dozen other rooms.

Re:Spreading the guilt (1)

black6host (469985) | more than 2 years ago | (#38847873)

Back in high school our band performed at EPCOT, and that night, to keep all the kids in their hotel rooms, the chaperones put tape on each door. If a student left their room, then the tape on the outside of the door would be broken loose and they would get in trouble. However there was a fatal flaw. Late that night when we were sneaking around the hotel, we simply removed the tape from a dozen other rooms.

An excellent example of how when we pay attention to the obvious, someone else has a different interpretation of obvious. A cause of many a security breach, I'm sure.

There was a way to request files to be printed of (0)

Anonymous Coward | more than 2 years ago | (#38847917)

'There was a way to request files to be printed offline by submitting a punched card,'

Thanks to the damn full disclosure clowns...
Oracle had to finally acknowledge that same bug with their systems and should have a patch ready for this next year.

Wait wait wait (0)

Anonymous Coward | more than 2 years ago | (#38848107)

I thought we didn't have any computers until NASA invented them in 1969? You know, because bouncing around on the moon in asbestos underwear was just sooo important?

Reminds me of middle school (0)

Anonymous Coward | more than 2 years ago | (#38848129)

When I was in middle school, there was only a handful of computers. The teachers of the day were all luddites. The program with everyones marks was on a 5.25" floppy disk in plain sight... labeled with the name of the program.

First keylogger? (5, Interesting)

djchristensen (472087) | more than 2 years ago | (#38848329)

I'm sure not the first time it happened, but while in college in the mid '80s, the computer lab was set up with 68k-based evaluation boards to use for embedded systems programming assignments. The boards had two serial ports, one to the ASCII terminal and another to the Sun server. The boards normally operated in a transparent pass-through mode when they weren't being used, and a hot-key was used to access the board directly.

We realized that we could easily install code to look for "login:" and "password:" coming from the server and catch the replies and save them in memory. We'd check back towards the end of the day and harvest the results. We were on very good terms with the head of the CS department, so when we told him about our little exploit and proved it with his password, he was more amused than anything else.

We didn't keep or use any of the passwords, but thinking back on it, it could have been quite lucrative to sell them to a certain group of CS students who were quite prone to cheating. Those were the ones that you could put their assignment printouts together (I worked as a TA for a while) and hold them up to the light to see they were identical except for the variable names. One of them also set fire to the pile of final assignments that had been left on the floor outside a professor's office in a 100+ year old building, figuring if nobody's assignment got turned in, the professor couldn't grade them (yeah, too dumb to realize all those programs were still on the server). That was a very narrowly avoided tragedy. Ah, memories.

Re:First keylogger? (1)

audubon (577473) | more than 2 years ago | (#38849997)

At my university during the early '80s, each student's VAX-11/780 username and password both consisted of the student's Social Security number. When exam results were posted on the bulletin board, they were listed by SSN.

Re:First keylogger? (1)

mannd (841376) | more than 2 years ago | (#38852651)

On the Dartmouth Time Sharing System GE-200 series computer, I wrote a program that emulated the login using BASIC. I left it running on teletypes for users to login to. When the user hit Enter a control character was printed which turned off the teletype (I forget what control character that was) and the data was saved in a file. This was in 1969. I collected a bunch of user names and passwords just for fun. I think it was a fairly early password stealing program. Hopefully statue of limitations has run out by now.

By 1970, the FBI was arresting hackers (3, Interesting)

Anonymous Coward | more than 2 years ago | (#38848401)

When I was attending a small techical college which had government contracts, one student got passwords to several research accounts and used them for homework and for the primitive games of the time. He started with guessing simple ones and shoulder surfing. After a couple of catch-and-release sequences, he seemed to self-destruct. He started running CPU and memory intensive do-nothing programs to deliberately tie up the computer. He was finally arrested, expelled, tried, convicted, and jailed.
He was sure proud he could do it. He was sure resentful that computer time wasn't free.

Re:By 1970, the FBI was arresting hackers (0)

Anonymous Coward | more than 2 years ago | (#38850011)

Your story sounds fishy. What federal computer laws did he break back then in the 70's? What the the name of the school? What was the name of the alleged hacker?

Re:By 1970, the FBI was arresting hackers (1)

reynaert (264437) | more than 2 years ago | (#38851333)

Computer crimes used to be prosecuted as "theft of electricity".

ITS didn't have passwords (0)

Anonymous Coward | more than 2 years ago | (#38848417)

ITS, the successor to CTSS, didn't even have passwords. I guess they learned their lesson.

the login 2 step (1)

bzipitidoo (647217) | more than 2 years ago | (#38848545)

A while back I was curious about the origin of the customary way of logging in by first entering a user ID/name, then entering in your password. Where was this first done? Why that order? Why not ask for the password first, or ask for only the password? Maybe it used to be done differently? I knew of Multics, and thought there might be older OSes. A bit of searching turned up CTSS, and the source code. I looked at enough of the CTSS source to see that it did the login 2 step we all know.

What I'm not sure of is how it handled incorrect input. Haven't gone through the source enough to suss that out. I think if a nonexistent user ID was given, those early systems would not ask for a password, they would reject the input on the spot. Today, systems always ask for passwords before rejecting a login attempt, so that a cracker can't use the login to find valid user IDs.

User IDs were not supposed to be secret information suitable for use in authentication. You kind of needed to know them in order to send messages to other users. Now people are frequently advised to keep their usernames secret, and the username has degenerated into being part of the password.

CTSS may be the origin of the login 2 step that we still do today. That's a legacy I feel has been uncritically accepted for far too long.

Re:the login 2 step (2)

Novus (182265) | more than 2 years ago | (#38848677)

The problem with using only passwords to log in is that you then have to prevent users from having the same password. This can lead to serious security implications as discussed in this article [thedailywtf.com] .

Re:the login 2 step (1)

bzipitidoo (647217) | more than 2 years ago | (#38849767)

This is not a technically hard problem. The way they did it in that story you linked was terrible. Perhaps the simplest way to solve it is to have the system generate part or all of every password, instead of letting (or making?) users create their own passwords. Naturally, the system is programmed to make sure its part is unique.

However, that solution might not be so good from a social point of view. I thought a half and half approach might work. The user makes their own password, however weak, and the system adds to it. And rather than a short string of gibberish, the system picks a few real words and short numbers to add to the password, something like "smith0001", which is easier for a person to remember, though writing it down is not discouraged. (Why did we ever have any system that limited passwords to no more than 8 characters, which forces the use of hard to remember gibberish to achieve strength?) A scheme like what I outlined could scale to millions of accounts without collision problems.

And thus... (1)

metacell (523607) | more than 2 years ago | (#38848971)

To spread the guilt around, Scherr then handed the passwords over to other users. One of them — J.C.R. Licklieder — promptly started logging into the account of the computer lab's director Robert Fano, and leaving 'taunting messages' behind."

And thus, the first trolling was born.

J.C.R. Licklieder?!? (1)

dtmos (447842) | more than 2 years ago | (#38849255)

Um, no. J.C.R. Licklider [memex.org] .

I think the submitter copied the typo in the title of this blog [wordpress.com] . But really! It's not like he's some unknown guy.

Passcode to the planet (0)

Anonymous Coward | more than 2 years ago | (#38849613)

Ok, ok, I'll tell you the passcode to the planetary defense grid. It's "1", "2", "3", "4", "5".

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...