On December 29 08:35 Brent Hilpert wrote:
In 1985 I was setting up our new email system at CERN,
and the email
system had a security flaw that allowed the users' mail access
passwords to be seen.
This in of itself wasn't too big deal as there was little a hacker
could do with it (only get access to mail pickup, and you'd need a
system that talked X.400, which weren't prevalent).
What made it a big security problem, of course, was that users tended
to use their login password for their mail password, so once the
hackers uncovered the mail password they ipso-facto often got a login
The hacking was noticed and I was told they were networking in from
Given the commonalities: time proximity (85-86), hacker source
(Germany) and hacking targets (HEP/nuclear/research community), I
wonder now if it was the same group of hackers.
Fast forward to 5:26 for a '87 sitelist mentioning CERN.