Holes in the Armor 253Further, Bell Laboratories assumes no obligation to furnish any assis-
tance of any kind whatsoever, or to furnish any additional informa-
tion or documentation.Some recent versions of Unix contain a program called des that performs
encryption using the National Security Agency’s Data Encryption
Standard. Although DES (the algorithm) is reasonably secure, des (the
program) isn’t, since Unix provides no tools for having a program verify
des’s authenticity before it executes. When you run des (the program),
there is no way to verify that it hasn’t been modified to squirrel away your
valuable encryption keys or isn’t e-mailing a copy of everything encrypted
to a third party.
The Problem with Hidden Files
Unix’s ls program suppresses files whose names begin with a period (such
as.cshrc and.login) by default from directory displays. Attackers exploit
this “feature” to hide their system-breaking tools by giving them names
that begin with a period. Computer crackers have hidden megabytes of
information in unsuspecting user’s directories.
Using file names that contain spaces or control characters is another pow-
erful technique for hiding files from unsuspecting users. Most trusting
users (maybe those who have migrated from the Mac or from MS-Win-
dows) who see a file in their home directory called system won’t think
twice about it—especially if they can’t delete it by typing rm system. “If
you can’t delete it,” they think, “it must be because Unix was patched to
make it so I can’t delete this critical system resource.”
You can’t blame them because there is no mention of the “system” direc-
tory in the documentation: lots of things about Unix aren’t mentioned in
the documentation. How are they to know that the directory contains a
space at the end of its name, which is why they can’t delete it? How are
they to know that it contains legal briefs stolen from some AT&T computer
in Walla Walla, Washington? And why would they care, anyway? Security
is the problem of the sysadmins, not them.
Denial of Service
A denial-of-service attack makes the computer unusable to others, without
necessarily gaining access to privileged information. Unlike other operat-
ing systems, Unix has remarkably few built-in safeguards against denial-