Computer historians crack passwords of Unix's early pioneers

Originally published at: https://boingboing.net/2019/10/10/descrypt-considered-harmful.html

7 Likes

Every one of those dudes right now:

24 Likes

Keeping the hashed passwords in a publicly readable file was just begging for trouble.

7 Likes

Years ago (1991ish) I had an account at Project gnu at MIT and I remember poking about at Richard Stallmans account out of curiosity as I noticed he actually had no password. I mean you just could type in RMS and then I realized he had a shell that was a blank file in his home directory so I thought it was just some sort of token account for him and nobody could log in.

I look at the blank file and it was wold writable so all you had to do it cat a shell into it and just log in as him with no password.

I was too polite to do that though, really different times.

13 Likes

Mid 90’s one of my CIS classmates worked in the school library doing IT related tasks. Whenever he found a terminal that someone forgot to log out, he had a script he would add to their profile that would give them some scare text, when they logged in next, that their account was left unlocked and had been taken over. It then walked them through removing the script and reminded them to always log out when using public terminals.

15 Likes

For some reason, I feel an almost uncontrollable urge to play Zork…:nerd_face:

10 Likes

At least nobody went the ‘bigwilly69’ route.

‘really different times’ indeed.

5 Likes

“p/q2-q4!”, whille readable, is a form of chess notation that abolutely no one ever used.

3 Likes

In other words, queen’s pawn to queen’s pawn 4. Standard notation would just be “d4”.

I like that he added the “!” which denotes an especially smart move, a designation not normally given on the first move of the game.

9 Likes

the entire Descrypt keyspace—which, due to practical limitations, was about 249 in 1979

That “249” makes a lot more sense in the source doc.

2 Likes

I thought so too, but according to the googles, it’s the notation used by the computer chess program that he himself wrote!

10 Likes

Stuart Feldman always did axlotl questions…

6 Likes

Apparently Stallman was just morally opposed to passwords:

When MIT’s Laboratory for Computer Science (LCS) installed a password control system in 1977, Stallman found a way to decrypt the passwords and sent users messages containing their decoded password, with a suggestion to change it to the empty string (that is, no password) instead, to re-enable anonymous access to the systems.

(from WIkipedia)

7 Likes

FWIW, Ken Thompson’s password was cracked by Nigel Williams per this email, not Arthur Krewat as noted in the article.

2 Likes

And someone was using the password ‘cowperso[n]’. Early furry?

3 Likes

Standard notation would just be “d4”.

This was 1979, when descriptive notation was not unheard of.

3 Likes

http://man.cat-v.org/unix-1st/6/chess

A move is specified by the from co--ordinate followed bythe `to' co--ordinate. Thus the white P--K4 move would be `e2e4'. The black P--K4 would be `e7e5'. The following commands are recognized by the chessprogram:
....
move x Make the move regardless of legality. This is a good way to either set up a desired situation or to cheat.The initial move `e2e8x' is a winner.

written by ken thompson in 1971

5 Likes

Passwords are one of the banes of my life. I have so many of them. I gave up trying to remember more than a couple of them years ago. Consequently, computer crashes are cause for real concern. I took melatonin to help me sleep once - it did, but I couldn’t remember my correct bank pin number the next day and was locked out of my account for days. Arrgh!

6 Likes

Well, at least he’s consistent.

1 Like

What’s really interesting is you could then look for other places this pw was used… doing a hash in that direction is fine. this technique has been used to track APT actors

2 Likes