Mark Damon Hughes Phil Agre's Virus Rant [Parental Advisory: Explicit Lyrics] [about]


Date: Sat, 3 Apr 1999 17:48:54 -0800 (PST)
From: Phil Agre <pagre@alpha.oac.ucla.edu>
To: Red Rock Eater News Service <rre@lists.gseis.ucla.edu>
Subject: [RRE]virus FAQs

[In response to my message calling for a rain of worms upon NT, one person noted that NT was modeled heavily on the prototypical 1970's operating system, namely VMS, which I have to grant. He also argued that the main problem was with lousy applications, but I think that's a half-truth. The reason I get so upset about all of these security breaches is that they make me feel old.

More than half my life ago, I started programming in Univac 1100 series assembler. I even wrote an industrial-strength virtual memory system, interrupt handlers and all, for an operating system that had no such thing. This machine, first a Univac 1108 and then an 1100/43, if I recall correctly, was designed for batch operation. Its interactive command line system was a kludge designed to simulate Hollerith cards. Its hard memory was unimaginably vast at 256K words. And it ran a time-sharing operating system that routinely handled forty users.

The thing is, that OS's security was rock-solid. I hacked the daylights out of it, and it never even occurred to me that I could cause anything approaching the havoc that people are routinely warned about in radio headlines today. I crashed it once, maybe, but in the usual way, by overflowing a table. The closest I ever got to breaching security was my brilliant scheme for circumventing the memory-use limitations that the computer center imposed during the day -- 56K words, if I remember correctly. When I did this, of course, the system operators simply called me on the phone and told me to knock it off.

This machine couldn't have had the power of a Pentium. When I first starting using it, it had magnetic core memory and a frigging *rotating magnetic drum* for mass storage. But still it was vastly more reliable than any machine to which I have access today. The great majority of computer users have never known such a machine. That level of security and reliability is science fiction so far as they can tell. They live in a world in which it is normal for operating systems and applications programs to be designed to run random bits of computer code that they pull down from the net, and to do so with absolutely no security protections at all.

So far as these normal people can tell, the earth was created with Word macro viruses in it (stop and think about that -- viruses in *Word macros* -- what ignominy!), and you'd never know from reading the paper that it is possible for a program to check ahead of time whether it is about to overflow a stack. This is not just a technical issue; it's a social justice issue. It would be entirely feasible for us to have software that works, but instead we have a whole generation of entrenched software standards that seem as if designed to induce powerlessness, dependency, and self-blame among non computer experts. We should be ashamed.

That's why I'm calling on the virus writers of the world to wreck it all, so that we can throw it all away, back up a few decades, and start over. NT is better, I admit, but it's still a mess, and it doesn't fix the applications. Our standards are too low. Consider: When I was in school we spent much of our spare time comparing notes on the fundamental shoddiness of Unix. Simson Garfinkel and friends gathered those notes into the very funny UNIX-HATERS book (qv). Now, however, Unix is the gold standard for operating systems, the basis for comparison when evaluating something like NT. That's how far we've regressed. Believe it or not, letting several programs from different sources all run on your machine without trashing anything sensitive or interfering with one another was a *solved problem* over thirty years ago!

Am I just having a bad week? I don't think so. For more like this, see <http://w3.one.net/~sunlion/linuxriot.html>.] 

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" command.  For information on RRE, including instructions
for (un)subscribing, see http://dlis.gseis.ucla.edu/people/pagre/rre.html
or send a message to requests@lists.gseis.ucla.edu with Subject: info rre
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Last modified: 99Apr03
Created

Links:


+-Mark Damon Hughes: Software Gallery
+-Mark Damon Hughes: Software Gallery Blog
+-@mdhughes on Twitter
+-
iPhone Games:
+-Castles: Strategy wargame for the iPhone.
+-DungeonDice: Tabletop RPG dice roller for the iPhone.
+-Nexus Worlds: Multiplayer Online Adventure Game for the iPhone.
+-
Computer Games:
+-Perilar: Adventures in the Dragon Kingdoms.
+-Hephaestus: Computer RPG construction kit.
+-GameScroll: Simple interactive fiction authoring.
+-Aiee!: "An Interactive Environment Engine" text adventure system.
+-Umbra: Post-apocalpytic computer RPG.
+-
Utilities:
+-JICB: Portable ICB client written in Java.
+-ThoughtPad: A tiny note-taking utility.

Site Pages:


+-Audio
+-Blank page
+-Camera
+-Cyberpunk
+-Game Design
+-Hacker
    +-Java
    +-NetRexx
    +-Python
+-Hello Kitty
+-Quotes
+-Religion
+-RPG
    +-The Bomb
    +-DUDE
    +-G.P.A.
    +-Phobos
    +-SIX WORD RPG!
    +-Weapons
    +-What's Wrong
  With AD&D?
+-Text
    +-H.Beam Piper
    +-Snow Crash
+-Universal Search
+-Video
+-Videogames
+-Virus Warning

Blog Archive
Blog Topics:


+-News
+-Cocoa
+-Mac
+-Media
+-Personal
+-Quotes
+-Religion
+-Roleplaying
+-Science
+-SecondLife
+-Society
+-Software
+-Toys
+-Web

Feedback  | Key: ] =local file, * =off-site link  | Copyright © 2003-2005 by Mark Damon Hughes | Subscribe with RSS 2.0
This site was created with Vim :wq