Stories and anecdotes (1978 – 1983)
Computer security and IWIS-TNO
Panic broke loose at IWIS-TNO one day. The TNO salaries had to be paid, but the Cobol program crashed every time for unclear reasons and wiped part of the database and some other disk files on the fly. The problem appeared to be somewhere between the operating system and the Cobol program. But where to search for? Could the TNO Physics Laboratory people help? It was their salary as well… The suspected Cobol module seemed to work flawlessly on our test system. At the IWIS computer, the system went down. The newest versions of the disk I/O drivers (PP-program) were compiled and added to the test system. No improvement. Where were the differences between their standard and our NOS/BE test system? Had we forgotten to apply some system changes? Ultimately, we figured out that -as part of our security efforts- we had applied additional protection code against buffer overflows in the system. In this case, the I/O PP had an overflowed parameter list, an error that is still often exploited by hackers. At IWIS, this happened unexpectedly as their Cobol program went outside its table boundaries and overwrote a system I/O call. As soon as our code was added to their test system, they could start determining the root cause of the problem.
Security and privacy perils of the CYBER operations
For certain exercises and wargames developed by the Laboratory, the Higher Secondary School (HKS) could use several asynchronous terminal lines on the CYBER 74. One of the HKS teachers was so enthusiastic about the use of the CYBER that he made a photograph during computer lessons for the Ministry of Defence’s newsletter. The Computer Group was tipped that the razor-sharp photo showed all terminal usernames and passwords, which were noted on a blackboard. This flawed all basic security requirements. The teacher was informed about the security breach in such a way that he probably is still afraid of using computers.
Another external Armed Force user of the CYBER 74 had heard something about the coming privacy legislation. TNO was We were unpleasantly surprised when the Staatscourant (Official State publications) published a note stating that the computer at TNO’s Physics Laboratory contained the complete personnel database of one of the Armed Services. The Laboratory was deemed to be the holder in the sense of the privacy law yet to be adopted. A kind of unwanted publicity at the time of the many anti-military protest actions.
Between the middle and the end of the seventies, a heated discussion in the computer world raged about “structured programming”: What did that mean? Could that be the case with Basic and Fortran, did you need Pascal for that, or did you need to follow Prof. E. Dijkstra and ‘prove’ each statement individually? A discussion of this kind also raged within the Computer Group of the Physics Laboratory. The programming group was represented in the Dutch Society for Informatics (NGI) working group that looked strictly at the problem. Others in the Computer Group (CG) had read something in the professional literature.
Systems programming was largely surprised one day when they collected a set of punch cards for the Calcomp plotter system interface from the vault: all cards with lines of comment and description had been removed from the card box by someone. As structured programming “quality requirements” required that a subroutine was not larger than a single printed page, it turned out that one of the colleagues had removed all comment cards from the deck. Now each subroutine did fit on one single page.
Another colleague, who had also heard the bell ring somewhere, tried to get as many statements (non-standard Fortran option) on one card so that the aforementioned one-page border was stretched. Explaining what the colleagues did wrong and what structured programming really means, required the necessary missionary work in the age of computer pioneering.
To support structured programming in Fortran, the FTS package (ForTran Structured) was purchased and installed in early 1979. FTS was a pre-processor that translated structures such as IF-ELSE – ENDIF, DO – ENDDO, and CASE into Fortran’66 code. Later the FTS package was adjusted by TNO so that it delivered Fortran’77 compliant code.