Famous paper on security and source code from the '60s or '70s [message #366384] |
Tue, 17 April 2018 04:42 |
|
Originally posted by: Fustbariclation
Famous paper on security and source code from the '60s or '70s
I have been looking, again, for a paper. Unfortunately, I don't recall who wrote it, but it was one of the famous figures in computer science - von Neumann or Knuth, perhaps.
The paper gives a simple demonstration of the difficulty of finding a trapdoor in object code. It's an early pointer to the vital importance of open source.
I'd be grateful if anybody can give the URL of the .pdf of the paper.
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366386 is a reply to message #366384] |
Tue, 17 April 2018 05:04 |
|
Originally posted by: Bob Eager
On Tue, 17 Apr 2018 01:42:57 -0700, Fustbariclation wrote:
> Famous paper on security and source code from the '60s or '70s
>
> I have been looking, again, for a paper. Unfortunately, I don't recall
> who wrote it, but it was one of the famous figures in computer science -
> von Neumann or Knuth, perhaps.
>
> The paper gives a simple demonstration of the difficulty of finding a
> trapdoor in object code. It's an early pointer to the vital importance
> of open source.
>
> I'd be grateful if anybody can give the URL of the .pdf of the paper.
I am not sure if you are thinking of this, because you *could* find the
trapdoor in the object code - but not in the source. It's very
interesting, anyway.
https://dl.acm.org/citation.cfm?id=358210
--
Using UNIX since v6 (1975)...
Use the BIG mirror service in the UK:
http://www.mirrorservice.org
|
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366388 is a reply to message #366384] |
Tue, 17 April 2018 05:46 |
|
Originally posted by: Peter Brooks
On Tuesday, 17 April 2018 10:42:58 UTC+2, Peter Brooks wrote:
> Famous paper on security and source code from the '60s or '70s
>
> I have been looking, again, for a paper. Unfortunately, I don't recall who wrote it, but it was one of the famous figures in computer science - von Neumann or Knuth, perhaps.
>
> The paper gives a simple demonstration of the difficulty of finding a trapdoor in object code. It's an early pointer to the vital importance of open source.
>
> I'd be grateful if anybody can give the URL of the .pdf of the paper.
Thank you both very much! That's exactly the paper.
It's brilliant because it puts it so simply, and it is even more relevant today than it was when written.
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366389 is a reply to message #366388] |
Tue, 17 April 2018 06:16 |
|
Originally posted by: Bob Eager
On Tue, 17 Apr 2018 02:46:30 -0700, Peter Brooks wrote:
> On Tuesday, 17 April 2018 10:42:58 UTC+2, Peter Brooks wrote:
>> Famous paper on security and source code from the '60s or '70s
>>
>> I have been looking, again, for a paper. Unfortunately, I don't recall
>> who wrote it, but it was one of the famous figures in computer science
>> - von Neumann or Knuth, perhaps.
>>
>> The paper gives a simple demonstration of the difficulty of finding a
>> trapdoor in object code. It's an early pointer to the vital importance
>> of open source.
>>
>> I'd be grateful if anybody can give the URL of the .pdf of the paper.
>
> Thank you both very much! That's exactly the paper.
>
> It's brilliant because it puts it so simply, and it is even more
> relevant today than it was when written.
I think that Turing Lecture was based on an earlier paper, which I
remember reading a year or two earlier. I can't find it yet, though.
--
Using UNIX since v6 (1975)...
Use the BIG mirror service in the UK:
http://www.mirrorservice.org
|
|
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366393 is a reply to message #366388] |
Tue, 17 April 2018 07:43 |
Jorgen Grahn
Messages: 606 Registered: March 2012
Karma: 0
|
Senior Member |
|
|
On Tue, 2018-04-17, Peter Brooks wrote:
> On Tuesday, 17 April 2018 10:42:58 UTC+2, Peter Brooks wrote:
>> Famous paper on security and source code from the '60s or '70s
>>
>> I have been looking, again, for a paper. Unfortunately, I don't
>> recall who wrote it, but it was one of the famous figures in
>> computer science - von Neumann or Knuth, perhaps.
>>
>> The paper gives a simple demonstration of the difficulty of finding
>> a trapdoor in object code. It's an early pointer to the vital
>> importance of open source.
>>
>> I'd be grateful if anybody can give the URL of the .pdf of the
>> paper.
>
> Thank you both very much! That's exactly the paper.
Presumably you mean "Reflections on Trusting Trust" by Ken Thompson,
which others mentioned elsewhere in the thread.
/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
|
|
|
|
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366410 is a reply to message #366409] |
Tue, 17 April 2018 15:08 |
|
Originally posted by: JimP
On Tue, 17 Apr 2018 21:01:01 +0200, Michael Cardell Widerkrantz
<mc@hack.org> wrote:
> Gah! Mistyped the URLs. Sorry!
>
> JimP <solosam90@gmail.com>, 2018-04-17 07:29 (-0500):
>
>> On Tue, 17 Apr 2018 12:59:18 +0200, Michael Cardell Widerkrantz
>> <mc@hack.org> wrote:
>
>>> The original paper is probably "Multics Security Evaluation:
>>> Vulnerability Analysis" by Karger and Schell from 1974:
>>>
>>> http://hack.org/texts/karg74.pdf
>
> http://hack.org/mc/texts/karg74.pdf
>
>>> They wrote a new paper, "Thirty Years Later: Lessons from the Multics
>>> Security Evaluation", that is also worth a read:
>>>
>>> http://hack.org/texts/classic-multics.pdf
>
> http://hack.org/mc/texts/classic-multics.pdf
>
>> 404, not found.
>
> Sorry about that. They are both under my home page with collection of
> interesting documents:
>
> http://hack.org/mc/texts.html
>
> not at the top of the hack.org web server. Sorry again.
I don't see any Multics, nor Security, titled docs there.
|
|
|
|
|
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366445 is a reply to message #366384] |
Wed, 18 April 2018 10:29 |
Charles Richmond
Messages: 2754 Registered: December 2011
Karma: 0
|
Senior Member |
|
|
On 4/17/2018 3:42 AM, Fustbariclation wrote:
> Famous paper on security and source code from the '60s or '70s
>
> I have been looking, again, for a paper. Unfortunately, I don't recall who wrote it, but it was one of the famous figures in computer science - von Neumann or Knuth, perhaps.
>
> The paper gives a simple demonstration of the difficulty of finding a trapdoor in object code. It's an early pointer to the vital importance of open source.
>
> I'd be grateful if anybody can give the URL of the .pdf of the paper.
>
Here is the "... Trusting Trust" paper in pdf form; one where you do
*not* have to be a member of the ACM to download.
https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thomp son.pdf
(I hope it is complete...)
--
numerist at aquaporin4 dot com
|
|
|
Re: Famous paper on security and source code from the '60s or '70s [message #366448 is a reply to message #366445] |
Wed, 18 April 2018 11:12 |
|
Originally posted by: Bob Eager
On Wed, 18 Apr 2018 09:29:02 -0500, Charles Richmond wrote:
> On 4/17/2018 3:42 AM, Fustbariclation wrote:
>> Famous paper on security and source code from the '60s or '70s
>>
>> I have been looking, again, for a paper. Unfortunately, I don't recall
>> who wrote it, but it was one of the famous figures in computer science
>> - von Neumann or Knuth, perhaps.
>>
>> The paper gives a simple demonstration of the difficulty of finding a
>> trapdoor in object code. It's an early pointer to the vital importance
>> of open source.
>>
>> I'd be grateful if anybody can give the URL of the .pdf of the paper.
>>
>>
> Here is the "... Trusting Trust" paper in pdf form; one where you do
> *not* have to be a member of the ACM to download.
>
> https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thomp son.pdf
>
> (I hope it is complete...)
Strange. The ACM link worked for me. I am an ACM member, but I didn't log
in and it clearly showed that I wasn't logged in.
--
Using UNIX since v6 (1975)...
Use the BIG mirror service in the UK:
http://www.mirrorservice.org
|
|
|
|