In a recent note, john gilmore said: > Date: Sat, 19 Aug 2006 15:14:20 +0000 > > There are ways to do what you want to do. They would be APARable as z/OS > security breaches if they werje described in sufficient detail to be usable. > > The presence of bank vaults in the world means that there must also be > locksmiths in it who can open them, and I suppose that there is a similar > rationale for the skills needed to breach z/OS, but this is a public forum > in which I for one do not think we should facilitate such operations by > unknown people. > Certainly any system is breachable by:
o Brute force attack on a password. o Physical access to the system. But that's ineffective if the sensitive data are suitably encrypted; it devolves to a password attack. If you are aware of further ways that "would be APARable", I'll suggest that it's your ethical responsibility, not to disclose them or even hint of their existence in a pubic forum, but to initiate the APAR. I'd guess Walt F. could suggest secure channels for a PMR that contains information that shouldn't even be known to IBM L1. (But how do we know that we can trust what Walt appears to say, any more than the E-mails I regularly receive telling me I must log in to revalidate my account) Or are you suggesting that IBM by "a similar rationale" delivers systems with intentional back doors, perhaps for use by service personnel, perhaps master passwords? I'm sure that there are sites which insist on means to seal any such back doors. And perhaps other organizations, outside IBM, which insist, with considerable coercion, that such back doors be left in systems delivered to all customers other than themselves. Hmmm. I wonder if there's an incompleteness theorem, akin to Gödel's Proof, that any sufficiently complex system contains at least one back door? -- gil -- StorageTek INFORMATION made POWERFUL ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
