[COFF] [TUHS] Buffer overflow found/fixed in v4 tape
Douglas McIlroy via COFF
coff at tuhs.org
Tue Jan 6 08:40:31 AEST 2026
This item reminded me of a couple of non-Unix stories about important
Unix people
> The weekly pay calculation often yielded amounts in fractions
> of pennies. These were either rounded up or down to the nearest cent. The
> fractional pennies were tracked in an account called the breakage account.
> This programmer had created a fake employee in the company's computer
> records and had a check printed for that "person"
An early indication of Bob Morris's future as NSA's chief scientist:
Having left his fingerprints all over Unix security measures, Bob
took on an ever-widening role as Bell Labs' leading computer-security
consultant. When the payroll department asked him to evaluate their
operation, his first question was, "How do you handle the annual pennies
adjustment?" The astute insight of this question instantly bolstered the
hosts' respect for Bob. He had jumped straight to a matter they were
aware of, but had never audited. Although it appeared on everyone's
year-end pay stub, who would have bothered to confirm it?
Well, maybe Joe Ossanna would have checked. When he took
out a mortgage, he discovered that the installments were about
1% higher than he had calculated. He complained to the bank,
which explained that NJ law said interest may be computed either
for a calendar year or for a nominal 360-day year. Naturally the
bank chose to pay interest by the calendar year and to charge
interest by the nominal year--a more lucrative hustle than penny
rounding!
Doug
More information about the COFF
mailing list