Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rochester!ken
From: ken@rochester.arpa (Ken Yap)
Newsgroups: misc.headlines,comp.misc
Subject: Re: Re: Hacker Scholarship
Message-ID: <456@sol.ARPA>
Date: Sun, 5-Jul-87 12:41:33 EDT
Article-I.D.: sol.456
Posted: Sun Jul  5 12:41:33 1987
Date-Received: Sun, 5-Jul-87 21:15:09 EDT
References: <532@houxa.UUCP> <183@dana.UUCP> <1211@ius2.cs.cmu.edu>
Reply-To: ken@rochester.UUCP (Ken Yap)
Organization: U of Rochester, CS Dept, Rochester, NY
Lines: 22
Xref: mnetor misc.headlines:858 comp.misc:798

|	case 1. (Source OS class)  Linear password decomposition algorithm.
|
|	Two very interesting utilities in a certain unknown OS combined to
|	provide a technique of decoding any password in linear time respective
|	of the length of the password.  The utilities were a facility
|	for determining when a page fault occurred in a application
|	program so that the user could finely tune a program preformance
|	and the other happened to be the password untility and the way
|	in which it was coded.  The password function read in a character
|	at a time and compared it to the system password.  If the given
|	character didn't match, the password function would jump to another
| 	place in the program causing a page fault, then continue reading the
|	rest of the password.  One can obviously see how the method
|	works.  Type in a character, see if there is a page fault.
|	If so, start again with new character else look for next 
|	character in password.  The fix to the problem is also obvious,
|	that is read the whole password before testing to see if it
|	matches the system password.

This is described in Hints for System Designers by Butler Lampson.

	Ken