[SIGCIS-Members] FW: computer security history

William McMillan wmcmillan at emich.edu
Wed Mar 14 10:48:42 EDT 2012


"Googling suggests z/OS probably has been hacked, just not in the world
view of guys from Compuware."

Of course whether a particular system has been hacked is not the issue.  I
mention systems like Multics, the IBM System/360, and VMS to point out how
much relatively advanced design and implementation had been done in
computer security long before concerns were raised or discussed by people
outside of the computing professions.

And I'll buy dinner for anyone who can hack into the mainframes at
Compuware, Auto-Owners Insurance, Blue-Cross-Blue-Shield, Trintity Health,
or any other modern firm that depends on these platforms for doing "real"
computing.

- Bill

On Wed, Mar 14, 2012 at 8:53 AM, <SIGCOS at bobf.frankston.com> wrote:

>
>
> -----Original Message-----
> From: Tom Van Vleck [mailto:thvv at multicians.org]
> Sent: Monday, March 12, 2012 12:38
> To: Bob Frankston
> Subject: Re: [SIGCIS-Members] computer security history
>
> The history of computer security has been extensively studied.
> have them start with
>   http://csrc.nist.gov/publications/history/
>
> Many "historians" are only interested in information that is in
> hardbound books, preferably written by other "historians."
> Most of these books pick some story, and then pick facts that
> support the story.
>
> z/OS is a descendant of CP/CMS.  Googling suggests z/OS probably has
> been hacked, just not in the world view of guys from Compuware.
>
> The phrase "digital pearl harbor" belongs to the History of Hype
> which is also worth studying, but is only tangentially related
> to computer security.
>
>
> On Mar 11, 2012, at 10:40 PM, Bob Frankston wrote:
>
> > Multics again ... perhaps I should also forward this to Jerry Saltzer
> >
> > -----Original Message-----
> > From: members-bounces at sigcis.org [mailto:members-bounces at sigcis.org] On
> > Behalf Of William McMillan
> > Sent: Sunday, March 11, 2012 18:04
> > To: members at sigcis.org
> > Subject: Re: [SIGCIS-Members] computer security history
> >
> > Jon, et al.
> >
> > There might be some value in looking into the history of Multics, the
> > IBM System/360, and DEC VAX/VMS.  These were systems built from the
> > ground up with security in mind, even at the hardware level for
> > address-space protection.
> >
> > I'm sure there are other good cases, but these come to mind.
> >
> > I believe that Peter J. Denning's work on operating systems would also
> > be related.
> >
> > We had a mainframe guy from Compuware come in recently to talk to
> > students about current mainframes, which amount almost totally to the
> > IBM z Systems, descendants of the 360/370.  When someone asked about
> > security, he said forget about it. No one's ever hacked a z System.
> >
> > There's this whole, heavy-duty, bullet-proof world of hyper-secure
> > systems, and then the swamps and tangles most of us live in that
> > evolved from Unix, MS-DOS, the 8086, the Mac OS and other jury-rigged
> > OSs and hardware architectures.
> >
> > - Bill
> >
> > On 3/11/12, Jon Lindsay <jrlindsay at ucsd.edu> wrote:
> >> Hello all,
> >> I have the feeling that the history of computer security, from hacking
> >> techniques to the evolution of the information security industry to
> >> fearmongering over cybersecurity, is a somewhat understudied area. I
> have
> >> seen some work on the development of government policy and threat
> framing
> >> (i.e., by Myriam Dunn Cavelty) but I'm less aware of anything on the
> >> evolution of the technical and industrial dark arts. If there is some
> good
> >> work out there, I would love to see it.
> >> Bonus points if you can tell me when the awful phrase "digital pearl
> >> harbor" first appeared!
> >> Cheers,
> >> Jon
> >>
> > _______________________________________________
> > This email is relayed from members at sigcis.org, the email discussion list
> of
> > SHOT SIGCIS. The list archives are at
> http://sigcis.org/pipermail/members/
> > and you can change your subscription options at
> > http://sigcis.org/mailman/listinfo/members
> >
>
>
> _______________________________________________
> This email is relayed from members at sigcis.org, the email discussion list
> of SHOT SIGCIS. The list archives are at
> http://sigcis.org/pipermail/members/ and you can change your subscription
> options at http://sigcis.org/mailman/listinfo/members
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sigcis.org/pipermail/members/attachments/20120314/ef98acfe/attachment-0044.html>


More information about the Members mailing list