Stories and anecdotes (1978 – 1983)
Computer security and IWIS-TNO
Panic broke lose at IWIS-TNO on one day. The TNO salaries had to be paid, but the Cobol program crashed every time for unclear reasons and wiped part of the database and some other disk files on the fly. The problem appeared to be somewhere between the operating system and the Cobol-program. But where to search for? Could the TNO Physics Laboratory people help? It was their salary as well… The suspected Cobol-module seems to work flawlessly on our test system. At IWIS the system went down. New disk I/O-drivers (PP-program) were compiled and added to the system. No improvement. Where were these differences between their standard and our NOS/BE test system? Had we forgotten to apply some system changes? Ultimately, we figured out that we applied security protection code against buffer overflows in the system. In this case the I/O PP had an overflowed parameter list, an error that is still often exploited by hackers. At IWIS, this happened unexpectedly as their Cobol program went outside its table boundaries. As soon as our code was added to their system, they could start in determining the root cause for the problem.
Security and privacy perils of the CYBER
For certain exercises and wargames developed by the Laboratory, the Higher Secondary School (HKS) could use a number of asynchronous terminal lines on the CYBER 74. One of the HKS teachers was so enthusiastic about the use of the CYBER that he made a photograph during computer lessons for the ministry of Defence’s newsletter. The Computer Group was tipped that the razor-sharp photo showed all terminal usernames and passwords, which were noted on a blackboard. This flawed all basic security requirements. The teacher was informed about the security breach in such a way that he probably is still afraid of using computers.
Another external Armed Forces’ user of the CYBER 74 had heard something about the coming privacy legislation. TNO was We were unpleasantly surprised when the Staatscourant (Official State publications) published a note stating that the computer at TNO’s Physics Laboratory contained the complete personnel database of one of the Armed Services. The Laboratory was deemed to be the holder in the sense of the privacy law yet to be adopted. A kind of unwanted publicity at the time of the many anti-military protest actions.
Between the middle and the end of the seventies, a heated discussion in the computer world raged about “structured programming”: What did that mean? Could that be the case with Basic and Fortran, did you really need Pascal for that, or did you need to follow Prof. E. Dijkstra and ‘prove’ each statement individually? A discussion of this kind also raged within the Computer Group of the Physics Laboratory. The programming group was represented in the Dutch Society for Informatics (NGI) working group that looked in a strict way at the problem. Others in the Computer Group (CG) had read something in the professional literature.
Systems programming was largely surprised on one day when they collected set of the punch cards for the Calcomp plotter system interface from the vault: all cards with lines of comment and description had been removed from the card box by someone. As structured programming “quality requirements” required that a subroutine was not larger than a single printed page, it turned out that one of the colleagues had removed all comment cards from the deck. Now each subroutine fitted on one single page.
Another colleague, who had also heard a ‘bell’ somewhere, tried to get as many statements (non-standard Fortran option) on one card so that the aforementioned one-page border was stretched. Explaining what the colleagues did wrong and what structured programming really meant, required the necessary missionary work in the age of computer pioneering.
To support structured programming in Fortran, the FTS package (ForTran Structured) was purchased and installed in early 1979. FTS was a pre-processor that translated structures such as IF-ELSE – ENDIF, DO..ENDDO and CASE into Fortran’66 code. Later the FTS package was adjusted by TNO so that it delivered Fortran’77 code.