[Info-vax] Have the NSA planted backdoors in VMS ?

Bill Gunshannon bill.gunshannon at gmail.com
Mon Jan 8 17:14:43 EST 2018


On 01/08/2018 05:09 PM, Simon Clubley wrote:
> On 2018-01-08, Stephen Hoffman <seaohveh at hoffmanlabs.invalid> wrote:
>> On 2018-01-08 16:03:20 +0000, dgordonatvsi at gmail.com said:
>>
>>> Please recalibrate your tinfoil hat.
>>
>> Do I think that's what happened here?  No.  Why would an agency
>> deliberately introduce intentional vulnerabilities before the
>> incidental and accidental vulnerabilities become more difficult to
>> locate?   I'd expect attackers have already looked for existing holes
>> too, and this particular hole is a local privilege escalation and not a
>> rather more desirable remote command execution (RCE) flaw.  As an
>> attacker intent on invoking clandestine means to gain access, I'd also
>> want something that led to an RCE, if I was going to go to the effort
>> involved.
>>
> 
> Today that would be true, but this vulnerability was introduced in the
> middle 1980s. At that time, many systems were standalone systems with
> networking being a (very) optional extra.
> 
> Many non-privileged interactive users would be using these systems as
> well. In that environment, a known interactive privilege escalation
> method would be a very valuable thing to have.
> 
> I wonder if SEVMS had the same vulnerability as well ?

Once again, I remind people to read Ken Thompson's "Reflections
on Trusting Trust".   Written and delivered in 1983.  Talks of
a hidden backdoor in Unix from long before that.  Tell me again
how you think it unlikely something like a backdoor could be
put into VMS.

> 
> BTW, let's assume that this was an accident and not a deliberate
> backdoor. That means the next question is: did the NSA find out
> about this during their normal evaluation of systems and then
> decide not to tell DEC about it ?
> 

I think people here give the NSA more credit than they deserve.
They are dangerous, but they are not gods.

bill





