On 11/4/2011 2:19 PM, William Donzelli wrote:
>> please. vms 7.3 on a vs4000 is going to be way less secure than a
>> current x86 box running redhat or whatever modern unix variant.
>
> That kind of sounds like a challenge. Who has a net connected VMS machine
> that Mr. Leaknoil can hack into so easily?
>
> --
> Will

Hahaha. That's right, throw down the gauntlet.

I once took a CS class at the local univ. and the teacher was a graduate
student. She went on ad nauseam about how VMS was so much more secure
than unix, and made it a point that all her record keeping of grades was
done in files on the school VMS machines.

I had raised my hand and asked if I could modify her "gradebook" files
in her VMS account, if I could get an 'A'.

Of course she said no, which I think is somewhat hypocritical of her,
even with the understanding of school policies, etc.

The comical thing about the situation was that I already had SYSPRV, as
I believe it is/was called (I haven't touched this stuff in quite some
time). I had complete access to her files, including her univ email
account which was different on the VMS systems than from the UNIX side.

She was dating an undergraduate in her class, which is quasi-legal
anyways, and was trading personal emails. When I discovered this and
read through them, she had just purchased a cat and was trying to find a
name for it. Her boyfriend's name was "Sam." (or joe or steve or
whatever, I don't remember). I snuck into class early, wrote in big
letters on the board, "Name your cat Sam."

I left, only to return a few minutes late to class, an hour or so later,
where the teacher was asking who wrote it on the board.

I only smiled and shrugged my shoulders -- and remember thinking not
much about VMS security.

In fact, the attack was a failure of several parts of the overall system
-- as they usually are. Several VMS machines had shared LAN
access (before switches were more widely used), vulnerable to sniffers.
There were exploits in the day for this particular version, not widely
known but to which I had access. I had local access to the box already.
There were trust-relationship problems between machines. Local
un-secured dialups. It was bad.

I always liked sniffers and plaintext connections like telnet and ftp,
because even the most cryptic passwords are clearly identified.

Keith

P.S. None of this is meant to support the above claim. Just that all
systems are vulnerable in some respect, no matter the make/model/version.