Discussion:
Does anyone know of a documented case of VM being penetrated by hackers?
(too old to reply)
Anne & Lynn Wheeler
2007-04-25 16:02:21 UTC
Permalink
Does anyone know of a documented case of VM being penetrated by hackers?
long ago, I briefly succombed once.

The future system project was in full swing ... lots of past posts
http://www.garlic.com/~lynn/subtopic.html#futuresys

all the documentation was supposed to be super secret and required
need-to-know ... and so it was all being done as softcopy under vm370.
they had instituted all sorts of additional security processes.

I had been somewhat panning FS project by comparing what they were doing
to a cult film that had been playing continuously for several yrs down
in central sq (and making references to the inmates being in charge of
the institution).

Anyway ... somebody up'ed the ante by making claims that all the vm370
security procedures were such that even if I was physically in the
machine room, I wouldn't be able to access the documents. So in a moment
of weakness, I said that it would take less than five minutes ... I went
to the operators console and spent most of the time disabling
connectivity to the machine (to anything outside the machine room)
... then I flipped a bit in real storage ... and had access to
everything.

So they then wanted to know what kind of countermeasures to that attack
would I use (i.e. standard procedure to alternate between attacking and
defending). My comment was to remove all the front panel controls to a
lockable interface (say keyboard handled by some sort of service
processor requiring password) and/or encrypt all the information
(i.e. DES hadn't been invented yet ... although the person responsible
for DES was student down at Harvard at the time)

for some topic drift ... recent somewhat related thread
http://www.garlic.com/~lynn/2007i.html#14 when was MMU virtualization first considered practical?
http://www.garlic.com/~lynn/2007i.html#15 when was MMU virtualization first considered practical?
http://www.garlic.com/~lynn/2007i.html#16 when was MMU virtualization first considered practical?

basically the cp67 service at the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

including providing access to some number of students and others from
various educational institutions in the boston area ... while at the
same time, performing some amount of activity involving extremely
sensitive corporate information. In the above reference thread ... it
was the existance of virtual memory for 370 ... before the announcement
that there would be 370 virtual memory.

Another scenario involved the most sensitve corporate data about
customers and business operation. The science center had ported apl\360
to CMS for cms\apl. One of the things this allowed was workspace sizes
up to the size of the cms virtual machine (while typical apl\360
workspace sizes was 16kbytes or sometimes 32kbytes). In that time-frame,
APL was frequently used for business modeling and other things that
currently commingly use spreadsheets. Drastically increasing the APL
workspace size allowed for business people in corporate hdqtrs to run
their applications against large amounts of real data (so remote 2741
terminal access was provided to armonk ... and they set up tapes
containing extremely sensitive customer and business data).

In this time frame, there was one incident of a MIT student doing a
looping channel program as a denial of service attack.

for other drift ... there was the use mentioned by these guys
... something that I didn't learn about until much later
http://www.nsa.gov/selinux/list-archive/0409/8362.cfm

misc. past posts about security issues raised by allowing access to
non-employees and students from various institutions in the Boston
area ... while at the same time providing services involving
some of the highest sensitive corporate information.
http://www.garlic.com/~lynn/99.html#7 IBM S/360
http://www.garlic.com/~lynn/99.html#33 why is there an "@" key?
http://www.garlic.com/~lynn/2000g.html#4 virtualizable 360, was TSS ancient history
http://www.garlic.com/~lynn/2001i.html#44 Withdrawal Announcement 901-218 - No More 'small machines'
http://www.garlic.com/~lynn/2002h.html#50 crossreferenced program code listings
http://www.garlic.com/~lynn/2002h.html#60 Java, C++ (was Re: Is HTML dead?)
http://www.garlic.com/~lynn/2002i.html#62 subjective Q. - what's the most secure OS?
http://www.garlic.com/~lynn/2002p.html#37 Newbie: Two quesions about mainframes
http://www.garlic.com/~lynn/2002q.html#47 myths about Multics
http://www.garlic.com/~lynn/2003b.html#0 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003e.html#66 History of project maintenance tools -- what and when?
http://www.garlic.com/~lynn/2003f.html#1 History of project maintenance tools -- what and when?
http://www.garlic.com/~lynn/2003g.html#5 Any DEC 340 Display System Doco ?
http://www.garlic.com/~lynn/2003g.html#18 Multiple layers of virtual address translation
http://www.garlic.com/~lynn/2003g.html#29 Lisp Machines
http://www.garlic.com/~lynn/2004b.html#31 determining memory size
http://www.garlic.com/~lynn/2004c.html#7 IBM operating systems
http://www.garlic.com/~lynn/2004e.html#36 NSF interest in Multics security
http://www.garlic.com/~lynn/2004p.html#50 IBM 3614 and 3624 ATM's
http://www.garlic.com/~lynn/2005b.html#12 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005b.html#45 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005d.html#58 Virtual Machine Hardware
http://www.garlic.com/~lynn/2005f.html#63 Moving assembler programs above the line
http://www.garlic.com/~lynn/2005g.html#57 Security via hardware?
http://www.garlic.com/~lynn/2005h.html#18 Exceptions at basic block boundaries
http://www.garlic.com/~lynn/2005o.html#34 Not enough parallelism in programming
http://www.garlic.com/~lynn/2005o.html#46 Article: The True Value of Mainframe Security
http://www.garlic.com/~lynn/2005p.html#20 address space
http://www.garlic.com/~lynn/2005p.html#27 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2006.html#38 Is VIO mandatory?
http://www.garlic.com/~lynn/2006f.html#5 3380-3390 Conversion - DISAPPOINTMENT
http://www.garlic.com/~lynn/2006h.html#14 Security
http://www.garlic.com/~lynn/2006l.html#21 Virtual Virtualizers
http://www.garlic.com/~lynn/2006m.html#26 Mainframe Limericks
http://www.garlic.com/~lynn/2006n.html#2 The System/360 Model 20 Wasn't As Bad As All That
http://www.garlic.com/~lynn/2006o.html#19 Source maintenance was Re: SEQUENCE NUMBERS
http://www.garlic.com/~lynn/2006w.html#3 IBM sues maker of Intel-based Mainframe clones
http://www.garlic.com/~lynn/2006x.html#19 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2007g.html#31 Wylbur and Paging
Anne & Lynn Wheeler
2007-04-26 14:11:39 UTC
Permalink
re:
http://www.garlic.com/~lynn/2007i.html#20 Does anyone know of a documented case of VM being penetrated by hackers?

for a little topic drift ... a little about virtual machine assurance
in recent post to ibm-main
http://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
Loading...