Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rochester!ken From: ken@rochester.arpa (Ken Yap) Newsgroups: misc.headlines,comp.misc Subject: Re: Re: Hacker Scholarship Message-ID: <456@sol.ARPA> Date: Sun, 5-Jul-87 12:41:33 EDT Article-I.D.: sol.456 Posted: Sun Jul 5 12:41:33 1987 Date-Received: Sun, 5-Jul-87 21:15:09 EDT References: <532@houxa.UUCP> <183@dana.UUCP> <1211@ius2.cs.cmu.edu> Reply-To: ken@rochester.UUCP (Ken Yap) Organization: U of Rochester, CS Dept, Rochester, NY Lines: 22 Xref: mnetor misc.headlines:858 comp.misc:798 | case 1. (Source OS class) Linear password decomposition algorithm. | | Two very interesting utilities in a certain unknown OS combined to | provide a technique of decoding any password in linear time respective | of the length of the password. The utilities were a facility | for determining when a page fault occurred in a application | program so that the user could finely tune a program preformance | and the other happened to be the password untility and the way | in which it was coded. The password function read in a character | at a time and compared it to the system password. If the given | character didn't match, the password function would jump to another | place in the program causing a page fault, then continue reading the | rest of the password. One can obviously see how the method | works. Type in a character, see if there is a page fault. | If so, start again with new character else look for next | character in password. The fix to the problem is also obvious, | that is read the whole password before testing to see if it | matches the system password. This is described in Hints for System Designers by Butler Lampson. Ken