Difference between revisions of "PSWEpisode632"

From Paul's Security Weekly
Jump to: navigation, search
(Description)
(Description)
(One intermediate revision by the same user not shown)
Line 34: Line 34:
 
# 1969 - [https://listverse.com/2018/05/14/10-early-hackers-from-before-the-invention-of-the-home-computer/ RABBITS Was Probably The First Computer Virus: 1969] -  ''The first computer virus in history may have been a program called RABBITS. Nobody knows who made it, and nobody knows why, but whoever it was brought the University of Washington Computer Center down. It was a tiny, inconspicuous program that made copies of itself—breeding, as its name suggested, like rabbits. In 1969, someone installed it onto a computer at the university and let it run. The program made two copies of itself, and then each of those copies made copies until the computer overloaded and stopped working.''
 
# 1969 - [https://listverse.com/2018/05/14/10-early-hackers-from-before-the-invention-of-the-home-computer/ RABBITS Was Probably The First Computer Virus: 1969] -  ''The first computer virus in history may have been a program called RABBITS. Nobody knows who made it, and nobody knows why, but whoever it was brought the University of Washington Computer Center down. It was a tiny, inconspicuous program that made copies of itself—breeding, as its name suggested, like rabbits. In 1969, someone installed it onto a computer at the university and let it run. The program made two copies of itself, and then each of those copies made copies until the computer overloaded and stopped working.''
 
# 1971 - [https://en.wikipedia.org/wiki/Creeper_(program) Creeper and Reaper] - ''Creeper was an experimental computer program written by Bob Thomas at BBN in 1971.[2] Its original iteration was designed to move between DEC PDP-10 mainframe computers running the TENEX operating system using the ARPANET, with a later version by Ray Tomlinson designed to copy itself between computers rather than simply move.[3] This self-replicating version of Creeper is generally accepted to be the first computer worm. The program was not actively malicious software as it caused no damage to data, the only effect being a message it output to the teletype reading "I'm the creeper: catch me if you can". Reaper (program) was a similar program created by Ray Tomlinson to move across the ARPANET and delete the self-replicating Creeper.''
 
# 1971 - [https://en.wikipedia.org/wiki/Creeper_(program) Creeper and Reaper] - ''Creeper was an experimental computer program written by Bob Thomas at BBN in 1971.[2] Its original iteration was designed to move between DEC PDP-10 mainframe computers running the TENEX operating system using the ARPANET, with a later version by Ray Tomlinson designed to copy itself between computers rather than simply move.[3] This self-replicating version of Creeper is generally accepted to be the first computer worm. The program was not actively malicious software as it caused no damage to data, the only effect being a message it output to the teletype reading "I'm the creeper: catch me if you can". Reaper (program) was a similar program created by Ray Tomlinson to move across the ARPANET and delete the self-replicating Creeper.''
 +
# 1973 -  [http://archive.computerhistory.org/resources/text/Oral_History/Metcalfe_Robert_1/Metcalfe_Robert_1_2.oral_history.2006.7.102657995.pdf - ''What had happened was a couple of high school students hacked into the Arpanet through one of the early TIPs. A TIP [Terminal IMP] was a way to dial into a Telnet program so you could then log in to any of the computers on the Arpanet. Imagine that! And some high school students, as I recall they were probably in Los Angeles around UCLA, somewhere like that, managed to find out the phone number. No one was keeping it a secret. Acoustically coupled modems were the big thing in those days, and so these high school kids got into some of the computers and did some mischief. They caught my attention, so I wrote this 602 RFC saying “Look out! Trouble!” ''
 +
## [https://tools.ietf.org/html/rfc602 RFC 602 The Stockings Were Hung by the Chimney with Care] - ''Individual sites, used to physical limitations on machine access, have not yet taken sufficient precautions toward securing their systems against unauthorized remote use.  For example, many people still use passwords which are easy to guess:  their fist names, their initials, their host name spelled backwards, a string of characters which are easy to type in sequence (e.g. ZXCVBNM).''
 
# 1986 - [https://www.floridatechonline.com/blog/information-technology/a-brief-history-of-cyber-crime/ A Brief History of Cyber Crime] - ''In 1986 the systems administrator at the Lawrence Berkeley National Laboratory, Clifford Stoll, noted certain irregularities in accounting data. Inventing the first digital forensic techniques, he determined that an unauthorized user was hacking into his computer network. Stoll used what is called a “honey pot tactic,” which lures a hacker back into a network until enough data can be collected to track the intrusion to its source. Stoll’s effort paid off with the eventual arrest of Markus Hess and a number of others located in West Germany, who were stealing and selling military information, passwords and other data to the KGB.''
 
# 1986 - [https://www.floridatechonline.com/blog/information-technology/a-brief-history-of-cyber-crime/ A Brief History of Cyber Crime] - ''In 1986 the systems administrator at the Lawrence Berkeley National Laboratory, Clifford Stoll, noted certain irregularities in accounting data. Inventing the first digital forensic techniques, he determined that an unauthorized user was hacking into his computer network. Stoll used what is called a “honey pot tactic,” which lures a hacker back into a network until enough data can be collected to track the intrusion to its source. Stoll’s effort paid off with the eventual arrest of Markus Hess and a number of others located in West Germany, who were stealing and selling military information, passwords and other data to the KGB.''
 
# 1988 - [https://www.energysociety.org/the-history-of-cyber-security.html THE HISTORY OF CYBERSECURITY] -  ''a man named Robert Morris had an idea: he wanted to gauge the size of the internet. To do this, he wrote a program designed to propagate across networks, infiltrate Unix terminals using a known bug, and then copy itself. This last instruction proved to be a mistake. The Morris worm replicated so aggressively that the early internet slowed to a crawl, causing untold damage. The worm had effects that lasted beyond an internet slowdown. For one thing, Robert Morris became the first person successfully charged under the Computer Fraud and Abuse Act (although this ended happily for him – he’s currently a tenured professor at MIT). More importantly, this act also led to the formation of the Computer Emergency Response Team (the precursor to US-CERT), which functions as a nonprofit research center for systemic issues that might affect the internet as a whole.'' [https://en.wikipedia.org/wiki/Morris_worm Morris Worm]
 
# 1988 - [https://www.energysociety.org/the-history-of-cyber-security.html THE HISTORY OF CYBERSECURITY] -  ''a man named Robert Morris had an idea: he wanted to gauge the size of the internet. To do this, he wrote a program designed to propagate across networks, infiltrate Unix terminals using a known bug, and then copy itself. This last instruction proved to be a mistake. The Morris worm replicated so aggressively that the early internet slowed to a crawl, causing untold damage. The worm had effects that lasted beyond an internet slowdown. For one thing, Robert Morris became the first person successfully charged under the Computer Fraud and Abuse Act (although this ended happily for him – he’s currently a tenured professor at MIT). More importantly, this act also led to the formation of the Computer Emergency Response Team (the precursor to US-CERT), which functions as a nonprofit research center for systemic issues that might affect the internet as a whole.'' [https://en.wikipedia.org/wiki/Morris_worm Morris Worm]

Revision as of 16:55, 3 December 2019

Recorded December 19, 2019 at G-Unit Studios in Rhode Island!

Episode Audio



DevOps and Securing Applications

Description

Guests

Hosts

Resources

Security vs. Compliance

Description

Guests

Hosts

Resources

Security History - Lessons from the past

Description

  1. 1969 - RABBITS Was Probably The First Computer Virus: 1969 - The first computer virus in history may have been a program called RABBITS. Nobody knows who made it, and nobody knows why, but whoever it was brought the University of Washington Computer Center down. It was a tiny, inconspicuous program that made copies of itself—breeding, as its name suggested, like rabbits. In 1969, someone installed it onto a computer at the university and let it run. The program made two copies of itself, and then each of those copies made copies until the computer overloaded and stopped working.
  2. 1971 - Creeper and Reaper - Creeper was an experimental computer program written by Bob Thomas at BBN in 1971.[2] Its original iteration was designed to move between DEC PDP-10 mainframe computers running the TENEX operating system using the ARPANET, with a later version by Ray Tomlinson designed to copy itself between computers rather than simply move.[3] This self-replicating version of Creeper is generally accepted to be the first computer worm. The program was not actively malicious software as it caused no damage to data, the only effect being a message it output to the teletype reading "I'm the creeper: catch me if you can". Reaper (program) was a similar program created by Ray Tomlinson to move across the ARPANET and delete the self-replicating Creeper.
  3. 1973 - - What had happened was a couple of high school students hacked into the Arpanet through one of the early TIPs. A TIP [Terminal IMP was a way to dial into a Telnet program so you could then log in to any of the computers on the Arpanet. Imagine that! And some high school students, as I recall they were probably in Los Angeles around UCLA, somewhere like that, managed to find out the phone number. No one was keeping it a secret. Acoustically coupled modems were the big thing in those days, and so these high school kids got into some of the computers and did some mischief. They caught my attention, so I wrote this 602 RFC saying “Look out! Trouble!”
    1. RFC 602 The Stockings Were Hung by the Chimney with Care - Individual sites, used to physical limitations on machine access, have not yet taken sufficient precautions toward securing their systems against unauthorized remote use. For example, many people still use passwords which are easy to guess: their fist names, their initials, their host name spelled backwards, a string of characters which are easy to type in sequence (e.g. ZXCVBNM).
  4. 1986 - A Brief History of Cyber Crime - In 1986 the systems administrator at the Lawrence Berkeley National Laboratory, Clifford Stoll, noted certain irregularities in accounting data. Inventing the first digital forensic techniques, he determined that an unauthorized user was hacking into his computer network. Stoll used what is called a “honey pot tactic,” which lures a hacker back into a network until enough data can be collected to track the intrusion to its source. Stoll’s effort paid off with the eventual arrest of Markus Hess and a number of others located in West Germany, who were stealing and selling military information, passwords and other data to the KGB.
  5. 1988 - THE HISTORY OF CYBERSECURITY - a man named Robert Morris had an idea: he wanted to gauge the size of the internet. To do this, he wrote a program designed to propagate across networks, infiltrate Unix terminals using a known bug, and then copy itself. This last instruction proved to be a mistake. The Morris worm replicated so aggressively that the early internet slowed to a crawl, causing untold damage. The worm had effects that lasted beyond an internet slowdown. For one thing, Robert Morris became the first person successfully charged under the Computer Fraud and Abuse Act (although this ended happily for him – he’s currently a tenured professor at MIT). More importantly, this act also led to the formation of the Computer Emergency Response Team (the precursor to US-CERT), which functions as a nonprofit research center for systemic issues that might affect the internet as a whole. Morris Worm

Guests

Hosts

Resources