[TUHS] early unix rand
Douglas McIlroy
douglas.mcilroy at dartmouth.edu
Wed Mar 13 00:37:36 AEST 2024
> The author of this routine has been writing
> random-number generators for many years and has
> never been known to write one that worked.
It sounds like Ken to me. Although everybody had his
own favorite congruential random number generator,
some worse than others, I believe it was Ken who put
one in the math library.
The very fact that rand existed, regardless of its quality,
enabled a lovely exploit. When Ken pioneered password
cracking by trying every word in word lists at hand, one
of the password files he found plenty of hits in came from
Berkeley. He told them and they responded by assigning
random passwords to everybody. That was a memorable
error. Guessing that the passwords were generated by
a simple encoding of the output of rand, Ken promptly
broke 100% of the newly "hardened" password file.
Doug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tuhs.org/pipermail/tuhs/attachments/20240312/26feb8d6/attachment.htm>
More information about the TUHS
mailing list