Computer network insecurity
December 4, 1988
ETERNAL VIGILANCE: We certainly wouldn’t want to forget the Big Issue of illicit computer network access, would we? Especially if it involves one of the most widely used data networks in the world: Tymnet, owned by McDonnell Douglas Corp.
Tymnet is a worldwide public data highway. Using a modem, computer users can dial a Tymnet number to reach the most trafficked computer networks, from the Defense Department’s Arpanet to MCI Mail. So it was disconcerting when a former Tymnet programmer called to say that, as of last week, he could still access parts of the Tymnet network used by the company’s software developers.
All he does is type in the same command he used as an employee. The command is called a “global user name,” and the programmer says Tymnet never changes it. “They have to trust their employees, and I guess that includes ex-employees too,” he says. He logs on about once a week to see if Tymnet’s changed the user name, but so far it has not.
Bill Euske, head of development at Tymnet’s San Jose office, did not return calls by press time.
The development section of the network was designed for easy access because programmers are notorious for hating security procedures, the former Tymnet employee says. “That would be okay if it were hard to get on(-line),” he says, but it’s not.
What’s worse, he says that by using another internal Tymnet user name he can monitor what any developer is doing, including watching someone type in a user name and password. For a computer criminal, that’s the equivalent of finding a telephone credit card number.
My source says the developer’s network is for internal use and doesn’t provide direct access to the public data highway. “But like anything with computers, if someone got deep into the network and found user names, they could switch to the worldwide public data network and do all kinds of things,” like tote up hefty access charges on someone else’s bill or perhaps even wreak the kind of havoc that hacker Robert T. Morris Jr. did a few weeks ago on 6,000 computers linked to the Arpanet network.
He says the system is even more vulnerable because Tymnet developers are supposed to keep separate passwords for their development work and the public data network, but they can use the same one for both if they want. “(Tymnet) could put in software to check that, but they never did,” the software developer says. “As a programmer, you do things the easier way. A boss (could) come in and check (to see if they’ve kept separate passwords), but that usually doesn’t happen.”
THERE’S ALWAYS A FIRST TIME: If anyone still doubts that Sun Microsystems and Apple Computer are planning to go head-to-head in a high-stakes workstation war, please note: Jim Davis, director of marketing for the software products division at Sun Microsystems, has accepted a job as director of marketing for Apple’s system software group.
Davis, who was unavailable for comment, will be responsible for Apple’s Unix development, the Macintosh operating system (OS), and anything else coming down the pike that falls into the OS category.
He is the first Sun executive to leave the company for a serious competitor. Insiders say that after Davis gave notice, Sun executives spent 11 hours trying to talk him into staying. Davis was at the center of many of Sun’s most important efforts, including the Unix co-development project between Sun and AT&T, which owns Unix.
It’s a brilliant move for Apple because it has almost no one inside the company with Davis’ extensive experience. A critical problem inside Apple right now is the marked lack of people who know the entire computing world, not just Macintosh.
FROM THE MASTER: Hold your breath, keep keeping time — Sammy Cahn’s coming with a disk-based rhyme!
Before your collected groans become deafening, rest easy knowing that budding PC-based poets and lyricists are likely to do better than me, if and when veteran lyricist Sammy Cahn gets his way.
Cahn, who made his name writing lyrics for such great songs as “High Hopes” and “Call Me Irresponsible,” has already written a couple of rhyming dictionaries, but says he’s looking for a software publisher to help him put them on disk. The books are called Sammy Cahn’s Practical Rhyming Dictionary and The Sammy Cahn Songwriter’s Rhyming Dictionary.
In San Francisco last week to tend to his one-man show, “Words and Music,” at Marines Memorial, Cahn professed amazement at the prevalence of computers — “they’re everywhere you look” — and was nudged into pursuing a disk-based version of his dictionaries by a friend who’s a Macintosh fanatic.
QUICK HITS: Looks like the warning words of Apple Computer’s security people fell on deaf ears. The latest “private” executive conversation overheard was that Apple is looking for someone to run its Fremont manufacturing facility for a gem of a price: $500,000 a year ... GMUG, the Gay Macintosh Users Group, is looking for people with computing skills in all environments to do data entry and program-specific troubleshooting for AIDS/ARC help organizations. Call Volunteer Skills Computer Bank at (415) 864-6305.