subject

C6 - In accepting the ACM Turing Award, Ken Thompson described a devious Trojan horse attack on a Unix system, which most people now refer to as Thompson’s rigged compiler. This attack first changes the binary version of the login program to add a backdoor, say, to allow a new user, 12345, that has password, 67890, which is never checked against the password file. Thus, the attacker can always login to this computer using this username and password. Then the attack changes the binary version of the C compiler, so that it first checks if it is compiling the source code for the login program, and, if so, it reinserts the backdoor in the binary version. Thus, a system administrator cannot remove this Trojan horse simply by recompiling the login program. In fact, the attack goes a step further, so that the C compiler also checks if it is compiling the source code of the C compiler itself, and, if so, it inserts the extra code that reinserts the backdoor for when it is compiling the login program. So recompiling the C compiler won’t fix this attack either, and if anyone examines the source code for the login program or the C compiler, they won’t notice that anything is wrong. Now suppose your Unix system has been compromised in this way (which you confirm by logging in as 12345). How can you fix it, without using any outside resources (like a fresh copy of the operating system)?

ansver
Answers: 2

Another question on Computers and Technology

question
Computers and Technology, 23.06.2019 09:30
Which of the following tasks is an audio technician most likely to perform while working on a nature documentary? (select all that apply). eliminating potentially distracting background noise adding sound effects making sure the lighting is adequate for a particular scene changing the narration to better match the mood of the documentary
Answers: 3
question
Computers and Technology, 23.06.2019 15:00
Visually impaired individuals generally rely on the for navigation. thus, designers need to ensure that mouse-specific inputs, such as pointing, clicking, and hovering, can be done without a mouse.
Answers: 1
question
Computers and Technology, 24.06.2019 01:30
Write a program that asks the user to enter the name of an input file. if the file does not exist, the program should prompt the user to enter the file name again. if the user types quit in any uppercase/lowercase combinations, then the program should exit without any further output.
Answers: 3
question
Computers and Technology, 25.06.2019 06:50
The federal sentencing guidelines for organizations set the tone for organizational ethics compliance programs by question 1 options: a) codifying into law incentives for organizations to take action such as developing ethical compliance programs to prevent misconduct. b) forcing all organizations to develop mandatory reporting systems and ethics programs. c) eliminating most of the federal legislation that created inefficient and time-consuming activities for businesses. d) providing detailed guidelines for how to set up organizational ethics programs to guard against unethical conduct. e) providing a thorough examination of company codes of ethics to determine whether they are sufficient.
Answers: 1
You know the right answer?
C6 - In accepting the ACM Turing Award, Ken Thompson described a devious Trojan horse attack on a Un...
Questions
question
Mathematics, 23.06.2019 21:10