Skip

Ancient OS may be the best weapon against hackers.
June 7, 2002 6:46 AM   Subscribe

Ancient OS may be the best weapon against hackers. I thought this was great, aging Operating Systems such as Solaris and older versions of Mac Os are becoming valuable tools against electronic attacks, simply because they *are* older. (Anyone got the full set of floppies for System 7?) Link from RobotWisdom
posted by jeremias (27 comments total)

 
I've got an Apple IIe with a 5.25 floppy I've been saving to hold my super-secret data. When I get some.
posted by UncleFes at 7:02 AM on June 7, 2002


Yes, I do, 7.1 to be exact. I just don't have a floppy drive anymore, except in that old Quadra in the garage.
posted by cowboy at 7:02 AM on June 7, 2002


Actually I have been using this approach. but with a slightly different twist for years. Instead of ancient software, I use ancient hardware. Truth is that even a sun workstations from 10 years ago is more than enough to do my mail/dns/www. Since most exploits involve a assembly portion (and at least 90% of those exploits are for x86 hardware), I'm nearly invulnerable to script kiddies with my sun 4m architecture.

That's not to say that I don't try to keep the boxes secure. However, when other boxes on the network running the same versions of software get 0w/\/3|), I'm seem to always dodge the bullet.
posted by betaray at 7:30 AM on June 7, 2002


This article was discussed on slashdot and pretty thoroughly debunked.
posted by srboisvert at 7:31 AM on June 7, 2002


The fact that you have to jump through hoops to turn on root access and no sharing is enabled by default on OSX is good enough for me, thankyouverymuch.

(Combined with good passwords and other basic precautions, of course)
posted by jragon at 7:35 AM on June 7, 2002


This article was discussed on slashdot and pretty thoroughly debunked.

I'm not sure about that. Slashdotters often conflate a server's security with an encryption algorithm's security. Encryption security is evaluated in absolutes: any liability means the encryption has been compromised.

A server's security is somewhat different: slowing down an attacker - having an obscure system - can help improve security. But it won't do much for a system that is full of holes. This slashdot comment advocates security through obscurity, but just doesn't name it as such (if the poster had called it security through obscurity, the unwashed slashdot masses probably would have modded the post to -1, troll instead of 5, interesting).

It's sort of like living in a safer neighborhood. Your house might not be any more secure against a criminal bent on stealing your TV, but there's a lower chance of anyone trying.
posted by Llama-Lime at 8:01 AM on June 7, 2002


Want obscure, huh? Let's really throw 'em: Bring back Multics!
posted by alumshubby at 8:21 AM on June 7, 2002


Bring back Multics!

It's so obscure, we can't even show you the URL!
posted by Danelope at 8:29 AM on June 7, 2002


<chuckle>

There's plenty of information available about the MULTiplexed Information and Computing Service.

And, unlike 'Unicians", "Multicians" caught on. :-)
posted by baylink at 8:39 AM on June 7, 2002


For some reason the article reminded me of the Navajo Code-Talker Program utilized in World War 2. The Navajo native language was unbreakable mainly due to it's complexity and lack of written documentation. (Plus the fact that there were so few speakers).

In a similar way, it seems the lack of available documentation and the obscurity of older OS's can be seen as strengths.

I love themes like this, I'm sure some sci-fi authors have picked up on this concept.
posted by jeremias at 8:43 AM on June 7, 2002


[sarcasm] Great, my host just upgraded to the latest and greatest in the middle of the night last night with no prior warning. I guess that makes everything ok even though PHP and MySQL are broken. [/sarcasm]

Maybe I should give them my copy of Mac OS 8.
posted by password at 8:47 AM on June 7, 2002


They're my host too, and I've been bugging them for days to fix my PHP/MySQL setups. I'd do it myself, but I can't even log into my site anymore!

Sorry for the OT rant.
posted by laz-e-boy at 9:10 AM on June 7, 2002


"This article was discussed on slashdot and pretty thoroughly debunked."

Not really....people were talking about the inherent security issues with running x86 hardware with modern OS's.
posted by mkelley at 9:21 AM on June 7, 2002


[OFF-TOPIC]

Laz-e-boy, that sucks. I just got access to my site & database. They'd reset all the CHMOD settings. At least everything's back up for me. I'm gonna do a dump of my database while I'm thinking about it.

I hope they fix you up soon.

Sorry for the OT chat.
posted by password at 9:43 AM on June 7, 2002


There's a lot of merit in this, if security is more important to you than maintainability. If it's a set-and-forget type of installation, that balance is easily reached.
posted by dhartung at 9:44 AM on June 7, 2002


I have AOL 2.7 on an Apple fro 1990. Works fine for e-mail. Browser even allows me to read, but not post on Mefi. Sorry, members: no chance of it becoming my only computer.
posted by ParisParamus at 10:03 AM on June 7, 2002


On old Primos systems, you could bypass the login security by typing a bunch of ctrl-D's for password, so if you knew a login name, you could get in.

And once you got in, any user was able to write a C (or Pascal, this was college days, heh) program that called the system-library for processing user-logins, and request the unencrypted password for any user.

Obscure, yes.
Secure, no.

The idea that old systems are going to be harder to find info on seems silly, seeing as we can still find my posts to alt.tv.simpsons from 1992 on google groups....
posted by nomisxid at 10:11 AM on June 7, 2002


Anyone got the full set of floppies for System 7?
You can download the disk images from Apple, gratis. Of course, if you're really serious about security, you'll want System 6.0.8. ;)
posted by darukaru at 11:26 AM on June 7, 2002


Obscure, yes.
Secure, no.


Totally agree. We have OS/2 Warp 3 running some obscene version of Btrieve (yes, I said the B-word). While a script kiddie running a probe might not be able to decipher it from a Unix box, it is more than a hassle to perform data recovery. Any OS, no matter how obscure, has the potential of being breached by a more experienced and focused hacker. The one thing I'm thankful of however, is that the OS/2 is immune to the latest virii and internet worms. (great, now I'm thinking about that btrieve engine again...ah panic)
posted by samsara at 11:26 AM on June 7, 2002


I wouldn't recommend system 6 for the Mac. They changed APIs in system 7, without backwards compatibility. I would really recommend system 8.6 . It's stable, reliable and secure, and it doesn't have the carbonation for OS X going on. You can run ASIP on it, and you can install it up to the blue and white G3 hardware and any black G3 powerbook.
posted by schlaager at 12:02 PM on June 7, 2002


mmmmmhhhh ;)

yeah ok so it uses linux as a go-between...
posted by slater at 1:45 PM on June 7, 2002


I wonder how smart of a move this is, if you're dependant on some old version of software you better make sure there aren't any upatched holes in it, because if it hasn't been patched by now it will never be. Unless you're planning on patching it.

Script kiddies can only enter through known and published security holes. This doesn't seem to protect system security as much as it protects horrible implementations and bad admins.
posted by skallas at 1:54 PM on June 7, 2002


Or you know, use OpenBSD.
posted by daveadams at 2:28 PM on June 7, 2002


I'm sorry, OpenBSD.
posted by daveadams at 2:28 PM on June 7, 2002


Security thru obscurity may be an answer, but I seriously doubt it's the right one. I knew of a guy running older versions of several UNIX daemons who thought because he was doing so he was more secure against the kiddies who look for the new exploits. That worked for a while, but someone turned around, found an exploit for almost every bit of software he was running and royally owned him.

The sad fact is no system is ever a hundred percent secure. I doubt seriously that any system ever will be... Besides, security thru obscurity is one of the worst models to adapt and I'd suggest smacking yourself upside the head for thinking it's a good idea.

The best soloution is staying on top of your system and patching what needs to be patched when said patches come down the line...
posted by boogah at 5:05 PM on June 7, 2002


Dave: You're off topic...no fair using OSes that are secure to begin with! :)
posted by samsara at 9:06 PM on June 7, 2002


Just in case you don't already have System 7. (Man, I distinctly remember the 7.0 release ... still get goosebumps writing the phrase “System 7”. Oh, my misspent youth.)
posted by dsandl at 12:41 AM on June 9, 2002


« Older Subtleties of American Satire Lost on the Chinese.   |   Next move - nationalizing the... Newer »


This thread has been archived and is closed to new comments



Post