carl@CITHEX.CALTECH.EDU (02/11/88)
A week or so ago, the Chaos Computer Club of West Berlin announced that they
were going to trigger trojan horses they'd previously planted on various
computers in the Space Physics Analysis Network. Presumably, the reason for
triggering the trojan horses was to throw the network into disarray; if so,
the threat has, unfortunately, with the help of numerous fifth-columnists
within SPAN, succeeded. Before anybody within SPAN replies by saying
something to the effect of "Nonsense, they didn't succeed in triggering any
trojan horses", let me emphasize that I said the THREAT succeeded. That's
right, for the last week SPAN hasn't been functioning very well as a network.
All to many of the machines in it have cut off network communications (or at
least lost much of their connectivity), specifically in order to avoid the
possibility that the trojan horses would be triggered (the fifth-columnists to
whom I referred above are those system and network managers who were thrown
into panic by the threat). I find this rather amazing (not to mention
appalling) for a number of reasons:
1) By reducing networking activities, SPAN demonstrated that the CCC DOES
have the power to disrupt the network (even if there aren't really any
trojan horses out there);
2) Since the break-ins that would have permitted the installation of
trojan horses, there have been a VMS release (v4.6) that entails
replacement of ALL DEC-supplied images (well, not quite: some layered
products didn't have to be reinstalled; however, there have been new
versions of many layered products since the break-ins). Installation
of the new version of VMS provided a perfect opportunity to purge
one's system of any trojan horses.
3) In addition to giving CCC's claims credibility, SPAN's response to the
threat seems a bit foolish since it leaves open the question "What
happens if the CCC activates trojan horses without first holding a
press conference?".
Hiding from the problem doesn't help in any way that I can see; it merely
makes SPAN (and NASA) look foolish.
Disclaimer: The opinions expressed above are my own, and not necessarily
those of my employers. The opinion of one of my bosses is (at
least in part) that he'd like to regain access to some of the
databases that SPAN's managers have isolated in their panic.