Computers and Technology, 25.03.2020 05:01 krisandlance

C6 - In accepting the ACM Turing Award, Ken Thompson described a devious Trojan horse attack on a Unix system, which most people now refer to as Thompson’s rigged compiler. This attack first changes the binary version of the login program to add a backdoor, say, to allow a new user, 12345, that has password, 67890, which is never checked against the password file. Thus, the attacker can always login to this computer using this username and password. Then the attack changes the binary version of the C compiler, so that it first checks if it is compiling the source code for the login program, and, if so, it reinserts the backdoor in the binary version. Thus, a system administrator cannot remove this Trojan horse simply by recompiling the login program. In fact, the attack goes a step further, so that the C compiler also checks if it is compiling the source code of the C compiler itself, and, if so, it inserts the extra code that reinserts the backdoor for when it is compiling the login program. So recompiling the C compiler won’t fix this attack either, and if anyone examines the source code for the login program or the C compiler, they won’t notice that anything is wrong. Now suppose your Unix system has been compromised in this way (which you confirm by logging in as 12345). How can you fix it, without using any outside resources (like a fresh copy of the operating system)?

Answers: 2

Show answers

Other questions on the subject: Computers and Technology

Computers and Technology, 22.06.2019 15:00, taylorsamodell3217

Who is the first president to use social media as part of his campaign strategy

Answers: 1

continue

Computers and Technology, 22.06.2019 17:20, Korkot7633

[a] create a class called “cycle” which has two instance integer variables as properties, “numberofwheels” and “weight.” create a constructor with two parameters, using the same variable names in the parameter list. assign each variable to numberofwheels” and “weight” respectively. write a separate application to test the class and display its properties. note: do not change the names of the instance variables or the variables listed in the constructor’s parameter list. [b] edit your class cycle by adding a default constructor which will assign the default values of 100 to represent the numberofwheels, and 1000 to represent the weight, by invoking a call to the other constructor. modify your application created in [a] to test the class.

Answers: 3

continue

Computers and Technology, 23.06.2019 13:50, mrfishyyyy

Explain how email technologies enable the exchange of messages between users. find out the typical parts of an email address and explain each part.

Answers: 1

continue

Computers and Technology, 24.06.2019 11:00, maddiiie128

Why is it uncommon for users to perform searches directly in database tables? a.)users are discouraged from interacting directly with tables because they might confuse tables with spreadsheets. b.) users are discouraged from interacting directly with tables because this may result in unintended changes to source data. c.)users do not have the technical skills required to perform searches directly in database tables. d.)users do not have the permissions required to perform searches directly in database tables.

Answers: 1

continue

You know the right answer?

C6 - In accepting the ACM Turing Award, Ken Thompson described a devious Trojan horse attack on a Un...