Human-Nets-Request%rutgers@brl-bmd.UUCP (Human-Nets-Request@rutgers) (12/23/83)
HUMAN-NETS Digest Thursday, 22 Dec 1983 Volume 6 : Issue 83
Today's Topics:
Query - Split Horizon Routing,
Response to Query- Input Devices,
Computer Security - Passwording (3 msgs),
Computers and People - Big Computer is Watching You &
Augmented Global Consciousness?,
Computer Networks - Usenet <=> Arpanet (2 msgs),
Computers and the Media - EPROMs victim of newspeak?
----------------------------------------------------------------------
Date: Wed 14 Dec 83 22:33:30-EST
From: Robert Montay <MONTAY@COLUMBIA-20.ARPA>
Subject: question about split horizon
Can anyone give me a quick explanation of split horizon routing.
I came across this while reading about digital communication networks.
I have been unable to find background material.
Thanks much,
Bob Montay (MONTAY@COLUMBIA-20)
------------------------------
Date: 15 December 1983 22:20 est
From: Makey.DODCSC at MIT-MULTICS
Subject: Non-QWERTY keyboards
For years I have heard about non-QWERTY keyboards but have
never seen one. In vol. 6 no. 78 of Human-Nets, Stan Barber
mentioned a "DVORAK" keyboard. Assuming that it is one of those
(non-QWERTY) animals, could someone explain (with a translation
table or a diagram) what it looks like? Also, what are the
advantages of such a keyboard?
:: Jeff Makey
------------------------------
Date: 11 Dec 1983 0820-PST
From: CAULKINS%USC-ECL@MINET-CPO-EM
Subject: Passwords
I was involved in setting password rules for one of the systems
I'm on. The results were as follows:
1) Passwords must be at least 6 characters long, and contain at least
one char each from the following sets:
1.1) a-z
1.2) A-Z
1.3) 0-9
1.4) Special characters (#$%^&, etc.)
2) A password must not appear in a dictionary or be a common name.
The result of all these are things with deliberate misspellings,
and 'cutesy' enough to have strong mnemonic properties. An
example of a recently retired password is "n0Ways".
Dave C
PS Ooops - that should have been "n0Ways!"
------------------------------
Date: Thu 15 Dec 83 07:45:55-CST
From: Werner Uhrig <CMP.WERNER@UTEXAS-20.ARPA>
Subject: some suggestions about passwords ...
I don't remember seeing or using a system which really provided any
help to the users in terms of passwords and security.
So here are a few things I thought of, which (I feel) would help:
1) allow me to set a parameter of a certain time-period, after which
the system would, automatically, require me to change the
password.
2) to make longer and unpronouncable passwords more acceptable to me,
allow me to define a prompting sentence which I can request
from the system, when I can't remember the password anymore.
This prompt might be protected by a second password of my
choice, with another, much more stable and simpler password,
and with another prompt, if need be.
After requesting to get a "prompt" from the system, I should
be given only 1 chance (maybe 2) to get things right. The
event should always be reported to the systems support staff,
and if I miss, my account should be deactivated, and the
attempt to login should result in a request to call/appear in
person and should again be captured in a "security-log" which
the support staff should read at great frequency. (!!!)
These and other "strange" events should also be reported to me
by phone or hardcopy.
3) A log of all sessions of my account should be kept in a DB and
available to me online, with facilities for me to scan.
I would like to be able to define a parameter to cause a
report of recent usage at each login. I'd also like to
receive a periodical hardcopy report of usage automatically.
4) As a user of many different systems, but only few I use very
frequently, I would like the password to change after a
certain short time period of nonuse (say a week) to another,
much longer password I get to define for that purpose. That
way, my "dormant" accounts could be protected by a verse of my
favorite poem or song, something not very easy to crack, but
very annoying to type when the account is used frequently but
acceptable when used rarely.
5) I'd like to be able to "booby-trap" certain commands, so that their
use would cause a prompt for a different password, which if
missed, would cause a "security-violation" resulting in
deactivation of the account. The command listing the complete
directory would be a good candidate. Along with that
booby-trap I'd like to be able to define a "personal"
alias-name for the booby-trapped command, which would avoid
that I'd have to provide the password.
Of course these are just half-baked ideas, so, please, don't critisize
them "too" severely, but, on the other hand, maybe, contributing them
will result in some improvements somewhere ( pleaes make footnotes in
the documentation giving me credit :-) )
In summary, I certainly agree with the statements in Greg's message
yesterday, in that I find the password-security set-up in systems I
know "primitive" and lacking imagination. Seems as if nobody ever
tried to improve on the simplistic set-ups inherited from the early
systems. The cause, I believe, is that managers with the power (and,
ergo, responsibility) to change Operating Systems, have not had their
nose rubbed on the grind-stone of criticism enough to make them assign
a wizard to improve things. I think most of us, given the task, could
implement significant improvements. Unfortunately, it seems, that the
manager's manager, would need to have a "technical" understanding to
cause that to happen. Possibly, we are talking here of such
"elevated" managerial levels, who do not get reprimanded ever, but
reassigned or retired, at most, and who need an technical assistant
for any topic not involving use of the company plane.
There you have it.
Always abrasive before my first cup of coffee ...
UUCP: ut-ngp!werner
via {decvax!eagle, ucbvax!nbires, gatech!allegra!eagle,
ihnp4, kpno!ut-sally}
or ihnp4!kpno!utastro!werner )
ARPA: werner@ (utexas or utexas-20 or ut-ngp)
------------------------------
Date: Thu 15 Dec 83 13:47:51-PST
From: Richard Treitel <TREITEL@SUMEX-AIM.ARPA>
Subject: password choice
Other variations on the scheme mentioned by REM (I think) include
taking a real word, or proper name, and permuting the letters, or
replacing each by the next letter in the alphabet, or running the
first half of one word together with the second half of another (as
long as they aren't your parents' first names, I suppose). I favour
permuting the letters in such a way as to produce an easily
pronounceable, or rememberable, or typeable result. It's usually
easy.
- Richard
Before you start trying to guess my password, be warned that the
word[s] out of which it was constructed are (i) proper names; (ii) not
English; (iii) not personally connected with me, but with an
organisation I used to belong to; (iv) most members of that
organisation are not themselves aware of the connection; (v) not all
of (i)-(iv) are true anyway.
------------------------------
Date: 11 December 1983 19:01 est
From: DBrown.TSDC at HI-MULTICS
Subject: Block Modelling for detecting cliques
Well, it could work quite nicely if you don't have a "bcc" command
in your mailer.
I send mail to "person", cc to "associates" and bcc to "my clique".
Bcc means *blind* cc to my mailer, and so the mail carries only the
"to" and "cc" addresses, never the "bcc" ones.
--dave (cliques? I don't belong to any cliques!) brown
------------------------------
Date: 12-Dec-83 12:04 PST
From: Kirk Kelley <KIRK.TYM@OFFICE-2>
Subject: augmented global consciousness
Lets call the process of creating and maintaining the available
knowledge, about the processes controlling the earth, the "global
consciousness". If we add techniques and methodologies for increasing
the capabilities of this process, we have an "augmented global
consciousness". The use of "augment" comes from Doug Engelbart's
experiments to augment the human intellect that led to the invention
of the mouse, etc.
Given that we live in a unique time in the history of communication,
and many of us occupy a unique position for shaping the future
development of communication technology, it may be important for us to
ask, "What techniques and methodologies would lead to the most viable
global consciousness?" To begin a means of focussing R&D on this and
related questions, what if as many of us from around the world as is
feasible, collaborated on a project to simulate the life-time of the
collaboration? Such a simulation would involve potentially infinite
refinement of a model for testing a potentially infinite supply of
theories and proposals that could range from third world modems to the
global mean temperature and human mortality rates.
Simulation, for all its faults, is most useful when focusing research
for a decision analysis and as such could provide a key methodology
for a viable global consciousness. The project itself would be a form
of global consciousness, augmented by the tools of tele-collaborated
simulation. It would be asking itself if itself could become a viable
form of global consciousness.
Does any of this make sense so far?
-- kirk
------------------------------
Date: Thu, 15 Dec 83 10:26:01 EST
From: A.S.Sethi <sethi%udel-eecis1.udeecis@udel-ee.arpa>
Subject: Traffic Problems caused by Mailing Lists
The traffic problem mentioned in today's digest in connection with the
Human-nets/USENET gateway is caused because hundreds of copies of the
same digest are mailed individually to recipients on another network
via a common gateway. As mailing lists grow, and as more networks are
interconnected, this problem is bound to increase. Even within a
single network, there is a waste of resources when many recipients on
the same host receive separate copies of the same digest which have
travelled independently over the network.
This problem could be solved if the mailing system were redesigned
to send only one copy of a message for multiple recipients sharing a
common path (e.g. host, gateway, etc.). The message would carry a list
of addresses, and the host, gateway, etc. would make multiple copies
and fork them out on the different paths. This scheme could be
extended to create a hierarchy of forks in the form of a tree to take
maximum advantage of common paths.
------------------------------
Date: Thu, 15 Dec 83 16:20:57 pst
From: dual!fair@Berkeley
Subject: Re: HUMAN-NETS Digest V6 #82
Re: USENET Gateways
OK, here's the scoop:
For a long time Berkeley was the primary USENET <-> ARPANET gateway,
dating back to the days when @BERKELEY meant the INGRES project
PDP-11/70 running V6 UNIX, and talking to Ernie CoVax over a 9600 baud
BerkNet link.
At the present time, Berkeley is serving as a mail gateway only,
primarily because the netnews software is broken, and there is no one
especially inclined to fix it. By & large, most USENET people have
been good about not directly subscribing to ARPAnet digests, so
excessive traffic has not been a problem, except in a few isolated
cases.
Right now, SRI-UNIX is serving as a USENET gateway for news articles
and digests, with some exceptions. The only articles that we have in
digest form (the `fa' groups) are from these two addresses:
dual!amd70!decwrl!decvax!brl-bmd!Human-Nets-Request@rutgers
dual!amd70!decwrl!decvax!brl-bmd!Telecom-Request@usc-eclc
Clearly, we have been getting HUMAN-NETS and TELECOM through BRL-BMD,
although I don't know if they're forwarding at this very moment...
Things like net.micro (INFO-MICRO) are being gatewayed on a per letter
basis, since the ARPAnet side isn't digested.
Mike Muuss, are you listening?
On a slightly related subject, is there any hope of ARPA officially
recognizing an organized anarchy that is slowly infesting its
beautiful INTERNET? I find it very amusing to note that CSNET, an
officially recognized network has two gateways, and USENET/UUCP, a
`no-one-but-us- chickens' network, has about twenty (or so) gateways
to the INTERNET.
networks are so much FUN,
Erik E. Fair ucbvax!fair fair@ucb-arpa.ARPA
fair@dual.UUCP.BERKELEY.ARPA (maybe?)
dual!fair@BERKELEY (yes!)
{ucbvax,amd70,zehntel,unisoft,onyx,its}!dual!fair
Dual Systems Corporation, Berkeley, California
------------------------------
Date: Tue, 20 Dec 83 8:21:07 EST
From: Mark S. Day <mday@BBN-UNIX>
Subject: EPROMs victim of newspeak?
After the "cellular radio" debacle (a news writer claiming that
cellular radio was so named for the power cells used) I noticed
another example of the butchery of technology by writers not doing
their homework (I think).
>From the Boston Globe, December 15, 1983:
IS OUTER SPACE READY FOR 'NEW WAVE RUBY FALLS?'
[An article describing the plans of Joseph Davis to put a package
on board the space shuttle to paint the sky using ion beams]
[...]
Davis says it will all fit, thanks to technological
miniaturization. For instance, the 14-step program necessary for
the project to function is contained entirely on a single E-prong
computer chip.
[...]
Is there actually such a thing as an E-prong chip, or is it a
sound-alike for EPROM (Erasable Programmable Read-Only Memory)?
Ever vigilant,
--Mark
ARPA: mday@BBN-UNIX
USENET: ...ihnp4!decvax!bbncca!mday
------------------------------
End of HUMAN-NETS Digest
************************