AWPSYS@RITVAX.BITNET (06/09/87)
>when d i g i t a l
>sold us VMS they billed it as a secure (C2) operating system, and we
>bought it as such.

No they didn't...Only VMS 4.3 has received C2 classification. The classifications do NOT automatically progress forward. DEC must re-submit each version that they wish to hold the classification. (As far as I can tell V4.3 is still a safe version and is not affected by this problem)

As for distributing the actual patch to the network, I feel that aside from any legal ramifications that may exist, this is a risky act because, while it is not readily obvious from the patch, it is possible to take the patch information and a listing of the image (From the fiche or a disassembly from the PATCH Utility) and get a VERY good idea of what is going on. DEC is giving the patch that Ed distributed to the net ONLY to those customers who call CSC and ask for it prior to getting the mandatory update.

The mandatory Update is different. If you look at the mandatory update closely, you will see that they replace the entire image and then invoke patch to verify that ECO levels 1 through 6 are in place. In addition, they stripped the patch text from the image in order to make reverse engineering it much more difficult. (Try ANAL/IMAGE and you will see). The patch only has ECO levels 1 through 5 set. I suspect that ECO 6 is a not as important fix that will be showing up in 4.6.

Finally my two bits about this discussion. I generally disagree with discussion of security related matters in a public forum. Those VMS sites who are not fortunate enough to be able to read INFO-VAX are at ever increasing risk until they apply the update. Unfortunately this discussion has carried on to the point where all INFO-VAX readers are fully aware of the problem. (And hopefully ALL INFO-VAX system managers have applied the patch or the mandatory update.)

Andrew Potter
Rochester Institute of Technology.
cetron%ced@CS.UTAH.EDU.UUCP (06/09/87)
one of the issues I had to come to terms with was whether or not the patch could be reverse engineered. after reading it and the fiche it was quite obvious that if it could be reverse engineered, one of the following two conditions needed to be met:

1. the reverse engineer would need to have access to the fiche, in which case the fiche is actually sufficient WITHOUT the patch.
2. the guy is a true genius, and patch or no patch this guy has already hacked your system into submission.

-ed