die@hydra.UUCP (Dave Emery) (11/07/85)
Many modern CRT's include EEPROM or battery backed up CMOS ram to store configuration information, function key strings and the like. Almost all use some common microprocessor as a controller increasingly often running out of cheap socketed EPROMs. These components make a sinister combination in the hands of the wrong person. It should not be difficult to hack the terminal firmware to recognize login sequences and the like and quietly save a copy of the username/password pair in EEPROM or backup ram. And a more diabolical hacker could make the terminal appear to die a few hours after it captured the root password so it would get shipped back to be repaired (or swapped with another from a less secure area) where it could be read out. Are you sure the terminals you use haven't been tampered with ? Programming micros isn't all that difficult, EPROM programmers are increasingly common and available, and disassembly tools and debuggers are available for most micros. In some academic settings such hacking used to be common. (Perhaps I'm just getting old and the current generation doesn't do such things any more). In any case in business settings where almost everyone has a terminal on his desk that is more or less exactly the same as everyone elses this does represent a means of breaking into a system. David I. Emery Charles River Data Systems 617-626-1102 983 Concord St., Framingham, MA 01701. uucp: decvax!frog!die