Closed larsbrinkhoff closed 6 years ago
larsbrinkhoff
commented
6 years ago What I did:
Also checked DUMP. It does have some special code for DM, but nothing that seemed related to security or hiding directories.
larsbrinkhoff
commented
6 years ago Help wanted: Does anyone see any hint of this?
jh95468
commented
6 years ago ITS was the ultimate "open system" where anybody could do anything. But you'd have to face your peers...and that was the basic security mechanism in the small community.
At one point, ARPA demanded that the system had to have passwords in order to log in. So, one of the staff (Mike Brescia) got assigned to make it happen. Not long after, everyone got a password and you needed to type it in on logging in. I think that occurred on a Friday.
On the following Monday morning, an anonymous MOTD informed everyone that passwords were now required. But.... if you forgot your password, you could simply use a new system utility - that let you type something like "psw
The only "real" security I recall was security through obscurity, e.g., the magic incantation to write enable DDT for SYS debugging, or the "Maze Guncher" that looked for Maze jobs and made them commit suicide without drawing suspicion to the Guncher's existence.
Another obsecurity mechanism was an "Al Imitator". Al Vezza was our group manager, i.e., the boss. Someone created a utility that allowed you to connect to someone else's terminal and impersonate Al, using the existing ^_C mechanism. So on your terminal suddenly "MSG from AV:" would pop up, and your terminal I/O was now linked (allegedly) to Al's. The hack utility recreated Al's characteristic hunt-and-peck typing behavior, so what came out on the victim's terminal really looked like it was Al typing. Very useful for getting people to give up disk space, or core memory, or stop running some compute-bound job, etc. This didn't work much for the group staff members of course, but for the stream of students that came through every semester it was very effective.
There were of course mechanisms in the system code to do things like memory protection so your erranbt code didn't write into someone else's memory space. But I don't think of those as "security" mechanisms.
/Jack
36bit
commented
6 years ago I've always wondered who wrote that utility - a classic "weekend hack".
I wouldn't be surprised if it were Stallman. Free As In Freedom version 2.0 talks of how he didn't like them.
"The DM group installed its first password system in 1977. Once again, Stallman took it upon himself to correct what he saw as ethical laxity. Gaining access to the software code that controlled the password system, Stallman wrote a program to decrypt the encrypted passwords that the system recorded..."`
And there's other things in there too, like refusing to send new copies of emacs to people until they rejected the security system on the lab’s computers. It's a good read.
jh95468
commented
6 years ago Thanks for the pointer to FAIF. I just downloaded it.
I can believe that RMS did it. All of the staff in the DM group swore ignorance. But I don't think any of us objected to such a useful new utility. It probably wouldn't have been as big an issue if it hadn't been in the MOTD where the remote ARPA guys might see it. But RMS wasn't shy about kicking the sleeping lion....
ITS itself, and all of the core tools, were managed in a friendly way across the 9th floor PDP-10 groups. I don't recall any "formal" mechanism, but somehow all the programs were kept in sync, new features were propagated, and it all worked.
RMS did EMacs of course - as a set of TECO macros. I remember he used to announce a new version of his macros that we could all then grab for use in our personal TECO environments. There were a handful of generally useful macro packages that people typically loaded into the same Q-registers. A through D were already in use, so RMS' macros went into E. Hence E-macs. To use EMacs you would start TECO, load RMS' macros into E, and type ME$$
/Jack
On 05/09/2018 06:25 PM, 36bit wrote:
I've always wondered who wrote that utility - a classic "weekend hack".I wouldn't be surprised if it were Stallman. Free As In Freedom version 2.0 talks of how he didn't like them.
"The DM group installed its first password system in 1977. Once again, Stallman took it upon himself to correct what he saw as ethical laxity. Gaining access to the software code that controlled the password system, Stallman wrote a program to decrypt the encrypted passwords that the system recorded..."`And there's other things in there too, like refusing to send new copies of emacs to people until they rejected the security system on the lab’s computers. It's a good read.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/PDP-10/its/issues/850#issuecomment-387922414, or mute the thread https://github.com/notifications/unsubscribe-auth/AFeXWA8iBEe0PT8Da1C4uSbonJ8jVnV5ks5tw5b2gaJpZM4Tp3dA.
larsbrinkhoff
commented
6 years ago Thanks Jack.
There's just one thing. Everyone who was there at the time seems to agree the Zork source code was in a hidden MIT-DM directory. @taa01776's "The History of Zork" says
we patched the system to protect the directory where we kept the sources (named CFS, for either “Charles F. Stanley” or “Computer Fantasy and Simulation”).
Of course "protect" is not the same as "hidden", but @eswenson1 said he was unable to see the directory without disabling the patch.
I assume this patch wasn't a regular secturity feature, but rather a one-off hack to keep people's grubby hands off the Zork source code. I don't know if if it was a source or binary patch, and if a possible source patch would have been reverted later. For all I know, it could still be there lurking in a corner.
taa01776
commented
6 years ago Binary patch, if I’m not mistaken.
If the directory name is CFS, and if your user name is not in the short list of people with access, there’s no such directory. When Ted Hess from DEC got access to the (encrypted) Zork sources that were the basis of the FORTRAN version, he did so by figuring out the patch (fairly easy to notice something bad going on, because the directory name appeared in various places regardless—just do a word search after SYS$J for CFS…) and adding himself to the list of allowed users. -ta
From: Lars Brinkhoff [mailto:notifications@github.com] Sent: Thursday, 10 May, 2018 14:52 To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
Thanks Jack.
There's just one thing. Everyone who was there at the time seems to agree the Zork source code was in a hidden MIT-DM directory. @taa01776https://github.com/taa01776's "The History of Zork"http://samizdat.cc/shelf/documents/2004/05.27-historyOfZork/historyOfZork.pdf says
we patched the system to protect the directory where we kept the sources (named CFS, for either “Charles F. Stanley” or “Computer Fantasy and Simulation”).
Of course "protect" is not the same as "hidden", but @eswenson1https://github.com/eswenson1 said he was unable to see the directory without disabling the patch.
I assume this patch wasn't a regular secturity feature, but rather a one-off hack to keep people's grubby hands off the Zork source code. I don't know if if it was a source or binary patch, and if a possible source patch would have been reverted later. For all I know, it could still be there lurking in a corner.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-388149589, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ABnTXd9wRRf7CAsSuzzuMBiIuIWhVL6hks5txIw8gaJpZM4Tp3dA.
eswenson1
commented
6 years ago That was the way I stole the Zork sources too -- by replacing one of the entries on the list with my username (EJS). I don't remember how I found the place to patch -- I remember spending many hours scouring the running system image to figure it out, however.
One thing I'm a bit fuzzy on: when I stole the sources between 1978 and 1980 (don't remember exactly when I did) I did not deal with file encryption at all. All I did was give myself access to CFS; and then FTP the files to MIT-MULTICS (and in so doing, got caught by TAA). @taa01776: Were the files encrypted then or was it just that I waited until the implementors were actually working on the sources and had them already decrypted in CFS (waiting for me to pick them up!)?
taa01776
commented
6 years ago We’d probably given up on the encryption by then. I think Ted must’ve lifted the sources late in ’77. -ta
From: Eric Swenson [mailto:notifications@github.com] Sent: Thursday, 10 May, 2018 16:59 To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
That was the way I stole the Zork sources too -- by replacing one of the entries on the list with my username (EJS). I don't remember how I found the place to patch -- I remember spending many hours scouring the running system image to figure it out, however.
One thing I'm a bit fuzzy on: when I stole the sources between 1978 and 1980 (don't remember exactly when I did) I did not deal with file encryption at all. All I did was give myself access to CFS; and then FTP the files to MIT-MULTICS (and in so doing, got caught by TAA). @taa01776https://github.com/taa01776: Were the files encrypted then or was it just that I waited until the implementors were actually working on the sources and had them already decrypted in CFS (waiting for me to pick them up!)?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-388183929, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ABnTXRh7YKdOc_fA162-THB660AydgXdks5txKoJgaJpZM4Tp3dA.
jh95468
commented
6 years ago [Hi Tim!]
The only "protection" I remember ever being in ITS was by security through obscurity. In an environment where anyone with persistence or a bit of knowledge of appropriate magic incantations can change anything including the OS, and with physical access can modify the hardware at will, it's hard to imagine what you could do to "protect".
Hiding is the only realistic strategy. Hiding things in the file system was a common trick. Mostly it provided some protection from the stream of students that came through every semester, who hadn't had the time (yet) to become wizards.
At one point, management declared Maze to be illegal, and we staff dutifully deleted all copies of the file from the disk.
Overnite, free disk space dropped to almost zero. Apparently we didn't get all of the copies, and the remaining one(s) had been copied, and copied, and squirrelled away inside the file system in a variety of creative ways.
It might be in a file, but with the bits all ROTated so it no longer looked like Maze. Or split into dozens of tiny files scattered across innocuous directories. Or hidden in someone's else's directory (e.g., one of the daemons' which no one totally understood anymore) with an innocent name looking like a log or config file. Etc. Etc.
Management relented (what else?), and Maze was legal again, but only at certain hours. That led to the creation of the Maze Guncher, also hidden and operating very stealthily, as an attempt to at least enforce the rules a little bit. (IIRC, Dave/PDL implemented that)
I don't remember the CFS hack, but it certainly sounds like something that would work.
At least for a while...
When I took the "System Programming" course at MIT (course 6.251) in 1967 or so, there was a final exam, which involved writing some code to do something in the OS. The rules were simple. You could pass by either a) writing the code to accomplish the task, or b) hacking the grading program so that it thought you did the assigned task.
Either was expressly permitted. Hacking was a natural part of the computer curriculum. So people knew how to do such things....
Fun times! /Jack
On 05/10/2018 01:03 PM, Timothy Anderson wrote:
Binary patch, if I’m not mistaken.
If the directory name is CFS, and if your user name is not in the short list of people with access, there’s no such directory. When Ted Hess from DEC got access to the (encrypted) Zork sources that were the basis of the FORTRAN version, he did so by figuring out the patch (fairly easy to notice something bad going on, because the directory name appeared in various places regardless—just do a word search after SYS$J for CFS…) and adding himself to the list of allowed users. -ta
From: Lars Brinkhoff [mailto:notifications@github.com] Sent: Thursday, 10 May, 2018 14:52 To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
Thanks Jack.
There's just one thing. Everyone who was there at the time seems to agree the Zork source code was in a hidden MIT-DM directory. @taa01776https://github.com/taa01776's "The History of Zork"http://samizdat.cc/shelf/documents/2004/05.27-historyOfZork/historyOfZork.pdf says
we patched the system to protect the directory where we kept the sources (named CFS, for either “Charles F. Stanley” or “Computer Fantasy and Simulation”).
Of course "protect" is not the same as "hidden", but @eswenson1https://github.com/eswenson1 said he was unable to see the directory without disabling the patch.
I assume this patch wasn't a regular secturity feature, but rather a one-off hack to keep people's grubby hands off the Zork source code. I don't know if if it was a source or binary patch, and if a possible source patch would have been reverted later. For all I know, it could still be there lurking in a corner.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-388149589, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ABnTXd9wRRf7CAsSuzzuMBiIuIWhVL6hks5txIw8gaJpZM4Tp3dA.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/PDP-10/its/issues/850#issuecomment-388168873, or mute the thread https://github.com/notifications/unsubscribe-auth/AFeXWIATXy5TZCJQ1HOYeYQg_eZM2vs2ks5txJ0XgaJpZM4Tp3dA.
larsbrinkhoff
commented
6 years ago Thanks all. I think the question of "DM security" has been answered thouroughly.
larsbrinkhoff
commented
4 years ago I checked a 1980 @ ITS but didn't see any trace of a patch. But then I guess by this time no one would have bothered to install the patch. Unfortunately this is the only DM ITS binary I have found.
larsbrinkhoff
commented
3 years ago I still don't have any suitably dated @ ITS from DM, but there are some CRASH files. I picked one from January 1978 which should be Zork implementation heydays. I found this in the patch area:
231/ MOVE Q,B(J)
232/ CAMN Q,236
233/ JRST 237
234/ MOVEI Q,2000-LUNBLK(J)
235/ JRST 32577
236/ SIXBIT /LCF/
237/ HRRZ Q,U
240/ MOVE Q,UNAME(Q)
241/ CAME Q,250
242/ CAMN Q,251
243/ JRST 234
244/ CAME Q,252
245/ CAMN Q,253
246/ JRST 234
247/ JRST POPJJThe patched location is in QLOOK:
QLOOK:
32573/ MOVEI C,0
32574/ PUSH P,J
32575/ HRRZ J,QSNLCN(H)
32576/ JRST 231
32577/ ADD J,UDNAMP(J)Source code:
QLOOK: MOVEI C,0
PUSH P,J ;Q_FILE #
HRRZ J,QSNLCN(H) ;FILE NAMES IN A,B USR PNTR H USER DIR MUST BE LOCKED
MOVEI Q,2000-LUNBLK(J)
ADD J,UDNAMP(J)The patch checks if the directory name is LCF. If so, it compares the user name against the contents of locations 250-253. Those locations are blank in the crash file, but should supposedly be a set of winners. If matching, the patch jumps back. If not, QLOOK is exited through POPJJ.
eswenson1
commented
3 years ago And when I hacked into the Zork sources in circa 1979-1980, after locating this patch, I added my name to the table. Actually, I may have just replaced a name in the table, for fear that I'd screw up the length check.
larsbrinkhoff
commented
3 years ago @archivisth, does the ITS patch described above seem familiar?
taa01776
commented
3 years ago Of course. Typically the referenced locations would’ve had “MARC”, “PDL”, and “TAA” in them. Very secure, unless you were persistent and knew SYS$J $$^R -ta
Ceterum autem censeo Microsoftem esse delendam.
From: Lars Brinkhoff notifications@github.com Sent: Saturday, August 22, 2020 4:41 PM To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
WARNING: This message originates from outside the STR organization. Please take appropriate care in opening any links or attachments.
@archivisthhttps://github.com/archivisth, does the ITS patch described above seem familiar?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-678691652, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAM5GXNT43GMGPNOG24PUELSCAUPLANCNFSM4E5HO5AA.
eswenson1
commented
3 years ago And for a very brief period of time, EJS! :-)
ghost
commented
3 years ago Bob Supnik here. I did not know the details of how Ted obtained the sources. Tim's estimate of late '77 must be correct, because I did the bulk of the conversion work while stuck at home during the Great Blizzard of 1978 (Feb 6-10, 1978). DEC was closed early in the afternoon on Monday. I grabbed the MDL source listing, printed on wide fanfold line printer paper, and went home. For the next 4.5 days, I worked on the core FORTRAN coding. (No WFH capability in those days; not even home terminals and modems.) That listing provided scrap paper for my children (and grandchildren) for decades.
larsbrinkhoff
commented
3 years ago Hello @thess,
Do you have any recollection finding the secret binary patch that hid the Zork source code? It's described above in this GitHub issue.
taa01776
commented
3 years ago Ted’s hack was very much like EJS’s to break the “protection” on the LCF directory. He then brute-forced the “encryption” (this was all pre-RSA, after all) using a TOPS-20 system that was running acceptance testing anyway—et voila! A complete listing. As with Bob’s re-implementation (going from Muddle on a 10 to FORTRAN on an 11 is a step beyond translation), it’s impossible to object to that kind of initiative and skill.
To show that there were no hard feelings, at some point (I forget if it was 12/77 or 12/78) I hand-delivered a magtape with Muddle and Zork to the University of Montana, which had a 20 that could run it; there was some connection to Ted’s girlfriend at the time. -ta
Ceterum autem censeo Microsoftem esse delendam.
From: Bob Supnik notifications@github.com Sent: Sunday, August 23, 2020 8:58 AM To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
WARNING: This message originates from outside the STR organization. Please take appropriate care in opening any links or attachments.
Bob Supnik here. I did not know the details of how Ted obtained the sources. Tim's estimate of late '77 must be correct, because I did the bulk of the conversion work while stuck at home during the Great Blizzard of 1978 (Feb 6-10, 1978). DEC was closed early in the afternoon on Monday. I grabbed the MDL source listing, printed on wide fanfold line printer paper, and went home. For the next 4.5 days, I worked on the core FORTRAN coding. (No WFH capability in those days; not even home terminals and modems.) That listing provided scrap paper for my children (and grandchildren) for decades.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-678771356, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAM5GXJZ7WWXAJOPNQNLGYLSCEG4NANCNFSM4E5HO5AA.
thess
commented
3 years ago OK - First off... I find it really amusing that anyone cares about this almost 45yrs 'down-the-road'.
I know nothing about any "secret" patch. I had a few accounts on MIT systems back then, and as Tim will tell you, there was no security to stop a kernel devo familiar with DDT and the OS in general to quickly find the user-name table, patch their name into said permission table (HESS back then) and FTP the sources to another machine.
Cracking the encryption by brute-force was fairly easy since along with the sources was the encryption utility (un-encrypted, of course) which was easily reversed engineered. It was a simple XOR against a 6-bit/6-character password. I only had to decrypt about 20 characters or so since I knew what the header of each file was. Also, I had unlimited access to a KL-10 prototype in the lab and set it task over the weekend. When I came in on Monday - It had spit out the password 'PROUST'.
That was the easy stuff - Bob did the heavy lifting - I wrote a generic macro assembler for a whole bunch of 8-bit processors (8080, Z80, 6800, etc.) over the blizzard of '78. (Unlike Bob, I had dial-in access to our '10s and the 'net).
@taa01776 -- Hi Tim ! (What's the relation between Clojure and MDL ?)
/ted
jh95468
commented
3 years ago Just a note FYI about the MIT culture of those days...
One of the EE courses on operating systems (6.251) in 1967 had an exam which had an interesting rule.
We were assigned to write a module that did some kind of procedure (I forget exactly what) on the IBM 7094 system. A grading program would run simultaneously, and load your code in, run it, and see if it accomplished the task.
The rules were simple. As the student, you could pursue either of 2 strategies. One way to pass was to simply write the code that did the assignment. The other way to pass was to write your code so that it hacked the grading program and made it think that your code did the assignment. IIRC, all of this was done using card decks; no time-sharing yet.
Either approach was legal and encouraged by the professor (John Donovan and Stu Madnick).
That culture persisted into ITS et al. Security was only to keep people away who didn't know how to get around it.
/Jack
On 8/23/20 4:34 PM, Ted Hess wrote:
OK - First off... I find it really amusing that anyone cares about this almost 45yrs /'down-the-road'/.
*
I know nothing about any "secret" patch. I had a few accounts on MIT systems back then, and as Tim will tell you, there was no security to stop a kernel devo familiar with DDT and the OS in general to quickly find the user-name table, patch their name into said permission table (HESS back then) and FTP the sources to another machine.*
Cracking the encryption by brute-force was fairly easy since along with the sources was the encryption utility (un-encrypted, of course) which was easily reversed engineered. It was a simple XOR against a 6-bit/6-character password. I only had to decrypt about 20 characters or so since I knew what the header of each file was. Also, I had unlimited access to a KL-10 prototype in the lab and set it task over the weekend. When I came in on Monday - It had spit out the password 'PROUST'.That was the easy stuff - Bob did the heavy lifting - I wrote a generic macro assembler for a whole bunch of 8-bit processors (8080, Z80, 6800, etc.) over the blizzard of '78. (Unlike Bob, I had dial-in access to our '10s and the 'net).
@taa01776 https://github.com/taa01776 -- Hi Tim ! (What's the relation between Clojure and MDL ?)
/ted
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/PDP-10/its/issues/850#issuecomment-678839725, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLZOWA7PVVUS3KEKM4NANLSCGRR5ANCNFSM4E5HO5AA.
larsbrinkhoff
commented
3 years ago Thank you @thess!
taa01776
commented
3 years ago The patch was “secret” in the sense that we didn’t publicize it, but it was clear that something had been hacked, because files in the LCF directory were visible but not readable. Very not ITS.
I don’t know of any direct connection between Clojure and Muddle (maybe they’re second cousins thrice removed, depending on how you look at the Lisp family tree?), but they seem kind of the same in that both started from, “Lisp is a really good language, except…” I was in a meeting with Tom Knight several years ago; pretty much at random, he said, ‘I wish I could do all my programming in Clojure,’ or words to that effect. -ta
Ceterum autem censeo Microsoftem esse delendam.
From: Ted Hess notifications@github.com Sent: Sunday, August 23, 2020 7:35 PM To: PDP-10/its its@noreply.github.com Cc: Anderson, Timothy A. taa@stresearch.com; Mention mention@noreply.github.com Subject: Re: [PDP-10/its] DM security features (#850)
WARNING: This message originates from outside the STR organization. Please take appropriate care in opening any links or attachments.
OK - First off... I find it really amusing that anyone cares about this almost 45yrs 'down-the-road'.
That was the easy stuff - Bob did the heavy lifting - I wrote a generic macro assembler for a whole bunch of 8-bit processors (8080, Z80, 6800, etc.) over the blizzard of '78. (Unlike Bob, I had dial-in access to our '10s and the 'net).
@taa01776https://github.com/taa01776 -- Hi Tim ! (What's the relation between Clojure and MDL ?)
/ted
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/PDP-10/its/issues/850#issuecomment-678839725, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAM5GXJSVPFUEFATKCYM34LSCGRR5ANCNFSM4E5HO5AA.
larsbrinkhoff
commented
3 years ago Speaking of Muddle on TOPS-20. I'm in frequent touch with Richard Shiffman (RRS) who was involved porting Muddle to TENEX at USC-ISI. He recounts snooping around on ARPANET and stumbling onto MIT-DMS and Muddle there.
I believe it was in the end of 1970 and I was a computer operator in the computer lab. In this lab we had an IBM 360-44, an Adage AGT-10 vector drawing graphics system, and a large analog computer. These were all [interfaced] to the IBM 360-44. One day a large gray box arrived. [It] looked like it was from a naval ship with a teletype. This was the tip [interface] to the [Arpanet], and a teletype. The tip provided an interface to all 64 computers on the [Arpanet] running [at] 56Kb, 16 voice grade Phonelines in parallel. The tip also came with a book on how to login to each site. MIT-DMCG was host 70. And it mentioned they have a language called muddle. [After] connecting through the tip to DMCG, I typed :muddle. After building up two pages of error messages I discovered that if you typed a number and escape it would print the number back or if you type the word "Atom" it would then echo that back. Then Bruce [Daniels] and Greg Pfister linked to my teletype. My first response was do you want me to go away? They said no really fascinated with someone experimenting with her new computer language. They began to explain to me the syntax of muddle which was similar to the lisp. They also gave me examples of using set said she and that in [???], to get the value of [Atoms]. This was my first introduction to muddle. Up till then I have only known FORTRAN and Adage assembler. I was so impressed with the power of the muddle language I was hooked at that point. I asked Bruce [Daniels] and Greg Pfister how do I save what work I've done so you don't have to retype it each time. They gave me a quick course in Teco and I would store my trivial pieces of muddle code in the muddle system directory at DMCG. A week later Al Vezza phone me and [asked] if I would like my own directory. I said that would be wonderful and he said fine now get your junk out of the system directories. About a month and a half later I received a [muddle] manual from [Greg] and Bruce. I was also taking CS 575 at USC. This was interactive computer graphics. I decided I was going to write my graphics project in muddle. This was the start of MIGS or muddle interactive graphics system.
(Presumably typed on a phone; I have corrected the autocorrect misfeatures.)
jh95468
commented
3 years ago IIRC, in 1970 at MIT-DMCG we were programming entirely in PDP-10 assembly language. Muddle was created later, probably sometime in 1971, after the machine had enough memory and disk space to make it practical. I don't recall any "book on how to login" that came with the ARPANET hardware.
It's possible that it was the book distributed at the ICCC '72 conference in October 1972, when the ARPANET "came out" with a very public demo in the Washington Hilton ballroom. That book included instructions on how to log in and try out various programs at a lot of ARPANET sites. It includes a very basic demo of Muddle (page 53). Perhaps that may be the book RRS remembers? Much of the book was put together at MIT-DMCG.
FYI, a scan of that book from the copy I picked up at the conference is here:
https://drive.google.com/file/d/1F6OJOu8K7Mcfwdh_oTpZAO1J0U71VyBP/view?usp=sharing
/Jack Haverty
eswenson1
commented
3 years ago @taa01776 How was the zork patch applied? Was it created once each time a new version of ITS was "installed" and saved in ".;@ its", so anyone who rebooted ITS would automatically install the patch? Or was there a program to apply the patch? Or was it done manually? I suspect the first case, but was curious if there was anything historically interesting about how this was done.
Also, if this was done each time a new ITS was built, who did this? Was the zork team always involved, or did whoever built a new ITS just "know" that they had to apply this patch? Were there ever times when ITS was booted on DM and the patch NOT applied (out of ignorance) and you zork implementers had to scramble to patch before nasty hackers stole the sources?
larsbrinkhoff
commented
3 years ago Another "security" (or rather obscurity) feature I found today: DUMP scrambles ACT and DUNG files written to the LCF directory. See #1985 for details.
@Devon7 reminded me DM ITS had special security features the other ITSes didn't have. He suggested we should search for those in the ITS source code.
We know from Zork history the source code was in a hidden directory called
CFS. Edit: LCF, see https://github.com/PDP-10/its/pull/1933I looked in the latest version of ITS, but I didn't find any trace of any security features.