× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2001

Re: Where are all of the /400's going. (was RE: QUSER on ODBC requests)

> ==> But here's the thing:  (I'm NOT contradicting you, but just asking the
>  question.)  Has it ever been done AND/OR IS it theoretically possible:
>  COULD a 400 machine serial number be hacked...?!?  I guess I'm asking if
>  there's ANY WAY CONCEIVABLE?  I think this is a key question.

If a 400 is not secure, anything can be hacked.

If a device, that is connected to a secure 400, is itself not secure, then
that is another possibility.  Does corporate culture permit users to have
their passwords "programmed" into their PC hardware so that they do some PLAY
KEY combination & it gets them where they need to go a lot?  Are those same
PCs accessible via PC Anywhere or equivalent system (there's a bunch of
competitors) & can those same PLAY KEY deals be done remotely?  Do those
users have relatively high levels of security, so they can get into stuff
like WRKSYSVAL?

Remember when Microsoft got hacked & someone downloaded a lot of source code
that they had considered confidential?  An employee with home PC was trusted
to access Microsoft corporate network.  The employee home PC did not have the
latest firewall software protections.  Hacker broke into employee home PC &
from there got into Microsoft network.   400 site can be equally vulnerable
to this sort of thing depending on corporate culture.

The kind of thing that worries me is trusted partners.  For reasons of
software licensing, we have given out our hardware serial number to several
vendors, some of which are authorized to dial into our system to provide
various kinds of tech support ... now suppose one of them is hacked ... now
all their customers are exposed.

People who can get into SST and have enough authority to do so, can change
executable objects like IBM's to do things other than what they setup to do,
so that you can have virus-like activity on a 400.  I am not going to say any
more on this.

You know that my basic position is that I would rather be thought full of BS
than give out info that a hacker might use, but I willing to spill my guts
any time to duly authorized law enforcement or relevant vendor
representative, in suitable confidential setting.

MacWheel99@aol.com (Alister Wm Macintyre) (Al Mac)

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.