252 Security
and, after cracking the system, makes it is relatively easy to create holes to
allow future reentry.Cryptic Encryption
Encryption is a vital part of computer security. Sadly, Unix offers no built-
in system for automatically encrypting files stored on the hard disk. When
somebody steals your Unix computer’s disk drive (or your backup tapes), it
doesn’t matter how well users’ passwords have been chosen: the attacker
merely hooks the disk up to another system, and all of your system’s files
are open for perusal. (Think of this as a new definition for the slogan open
systems.)Most versions of Unix come with an encryption program called crypt. But
in many ways, using crypt is worse than using no encryption program at
all. Using crypt is like giving a person two aspirin for a heart attack.
Crypt's encryption algorithm is incredibly weak—so weak that several
years ago, a graduate student at the MIT Artificial Intelligence Laboratory
wrote a program that automatically decrypts data files encrypted with
crypt.^2We have no idea why Bell Laboratories decided to distribute crypt with
the original Unix system. But we know that the program’s authors knew
how weak and unreliable it actually was, as evidenced by their uncharacter-
istic disclaimer in the program’s man page:
BUGS: There is no warranty of merchantability nor any warranty of
fitness for a particular purpose nor any other warranty, either express
or implied, as to the accuracy of the enclosed materials or as to their
suitability for any particular purpose. Accordingly, Bell Telephone
Laboratories assumes no responsibility for their use by the recipient.(^2) Paul Rubin writes: “This can save your ass if you accidentally use the “x” com-
mand (encrypt the file) that is in some versions of ed, thinking that you were
expecting to use the “x” command (invoke the mini-screen editor) that is in other
versions of ed. Of course, you don’t notice until it is too late. You hit a bunch of
keys at random to see why the system seems to have hung (you don’t realize that
the system has turned off echo so that you can type your secret encryption key), but
after you hit carriage-return, the editor saves your work normally again, so you
shrug and return to work.... Then much later you write out the file and exit, not
realizing until you try to use the file again that it was written out encrypted—and
that you have no chance of ever reproducing the random password you unknown-
ingly entered by banging on the keyboard. I’ve seen people try for hours to bang the
keyboard in the exact same way as the first time because that’s the only hope they
have of getting their file back. It doesn’t occur to these people that crypt is so easy
to break.”