Zardoz (computer security)

Zardoz (computer security)

The Zardoz list, more formally known as the Security-Digest list, was a famous semi-private full disclosure mailing list run by Neil Gorsuch from 1989 through 1991. Zardoz is most notable for its status as a perennial target for computer hackers, who sought archives of the list for information on undisclosed software vulnerabilities. cite book | author=Suelette Dreyfus and Julian Assange | title= | year= 1997 | id=ISBN 1-86330-595-5 | publisher= Mandarin ]

Membership restrictions

Access to Zardoz was approved on a case-by-case basis by Gorsuch, principally by reference to the user account used to send subscription requests; requests were approved for root users, valid UUCP owners, or system administrators listed at the NIC. [http://groups.google.com/group/news.groups/msg/662733b4b544c271]

The openness of the list to users other than Unix system administrators was a regular topic of conversation, with participants expressing concern that vulnerabilities or exploitation details disclosed on the list were liable to spread to hackers. On the other hand, the circulation of Zardoz postings among computer hackers was an open secret, mocked openly in a famous Phrack parody of an IRC channel populated by notable security experts. [ [http://artofhacking.com/files/phrack/phrack43/live/aoh_p43-04.htm AOH :: Phrack, Inc. Issue #43 :: P43-04.TXT ] ]

Notable participants

* Keith Bostic discussed BSD Sendmail vulnerabilities
* Chip Salzenberg discussed Peter Honeyman's posting of a UUCP worm, and shell script securityH
* Gene Spafford discussed VMS and Ultrix bugs, and relayed law enforcement enquiries about the Morris Worm
* Tom Christiansen discussed SUID shell scripts
* Chris Torek discussed devising exploits from general descriptions of vulnerabilities
* Henry Spencer discussed Unix security
* Brendan Kehoe discussed systems security
* Alec Muffett announced Crack, the famous Unix password cracker

The majority of Zardoz participants were Unix systems administrators and C software developers. Neil Gorsuch and Gene Spafford were the most prolific contributors to the list.

References

External links

* [http://securitydigest.org/zardoz/ The Security-Digest archive project]


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • List of computer criminals — Hacker Adrian Lamo (left) with contemporaries Kevin Mitnick (center) and Kevin Poulsen …   Wikipedia

  • Nahshon Even-Chaim — (born May 1971), aka Phoenix, was the first major computer hacker to be convicted in Australia. He was one of the most highly skilled members of a computer hacking group called The Realm, based in Melbourne, Australia, from the late 1980s until… …   Wikipedia

  • List of fictional computers — Computers have often been used as fictional objects in literature, movies and in other forms of media. Fictional computers tend to be considerably more sophisticated than anything yet devised in the real world. This is a list of computers that… …   Wikipedia

  • Land of Oz — For the theme park, see Land of Oz (theme park). Land of Oz portal Land of Oz …   Wikipedia

  • Zed — (pronEng|ˈzɛd) is the name of the last letter of the alphabet Z used by the majority of English speaking people outside of the United States (where its name is zee (IPA|/ziː/)). The name zed is derived from the Greek letter zeta, which also… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”