From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MAILING_LIST_MULTI, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: from minnie.tuhs.org (minnie.tuhs.org [50.116.15.146]) by inbox.vuxu.org (Postfix) with ESMTP id 83346255B0 for ; Tue, 12 Mar 2024 17:32:52 +0100 (CET) Received: from minnie.tuhs.org (localhost [IPv6:::1]) by minnie.tuhs.org (Postfix) with ESMTP id 4BA0042870; Wed, 13 Mar 2024 02:32:48 +1000 (AEST) Received: from mail-oa1-x2b.google.com (mail-oa1-x2b.google.com [IPv6:2001:4860:4864:20::2b]) by minnie.tuhs.org (Postfix) with ESMTPS id 4356E4286E for ; Wed, 13 Mar 2024 02:32:42 +1000 (AEST) Received: by mail-oa1-x2b.google.com with SMTP id 586e51a60fabf-2218da9620cso3240014fac.3 for ; Tue, 12 Mar 2024 09:32:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710261161; x=1710865961; darn=tuhs.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=LhRTBjkGBTHfgpvy+IPI/g5NXOI2swtHG3DJkfobdHg=; b=GQ41Vb/I8sio5aEsRCLGGO5f4L/wD+b08Yj9Wj6hoYzt9QDkgK7/tzHUK1ImycBkJI 8QE8fxRQQpQxHUZ/HDijaJCLNNJAPAVGFgF9IQjFczIb2RWRjP/pgTVP2Xctpx8GGwq3 tRc0n8a2iyJwH46VKjeiqNDst4DQkcmPkFqQ/vbbny1/HHCE8HWrFviN4RpKMCeBoyFC HBBnCY2h8VnHOZRauFMRAAeBerGR3SD+Ge/HB7iLIiqMIMDcfR0d1XSB99WG/k6R6h3U W85acSEedSJ+UuEDG/obHQVDmK7VtgFMG2/8Ia3FDUbcfvWgCb85/pEis/M10HuSQGrT jUUQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710261161; x=1710865961; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LhRTBjkGBTHfgpvy+IPI/g5NXOI2swtHG3DJkfobdHg=; b=cL1iLeghsSzABW8EAMzUX3m043mD0YO2UkHUJjjMpvQ4HbH7YGiRX2KZmhUO64XcLj qPBo5qRXGaAEVEFYyDa5XgXlprjCP6LhiZ9qbFjmJXgSi3zY6shqO951PnkoeYvQq8W5 afwzRvDEfbYgkW47VU1dJsXNdxFyNbbYQfdGH035jkKBboFuQVqMQZlPYmq2kL4C+hpu EfqEua6E9LPmcIl3FNN5ERyAZxhjlYnv36gbrhnbBCd0meZSLKAhDua5CCuvMREC8yyi JdtRGFhYYqJgGVF/V0b2flXdbA7E9wwP8nPKO2zETLqi2l1k1EwI5I6FZO7bcHecro+r Ft8w== X-Gm-Message-State: AOJu0Yxt3kbCyMt6tUlxN9rIjvuKMTcOGttKTvaCOyY5MRQHYR8qQc+D EP1gpKepZeaXcRBxygMLzivyC77lAergdkx/OZKX6tJkCbPEu9ZPTRwLgq4DwJ+iiug72a7Tg/r 40qURIetspbKC3pTg7i+dlnimoVYLjXOY X-Google-Smtp-Source: AGHT+IFUmu3OZ+TjqO1tyRf//mqDzl9uNhbM2dRJeD+dm39JT+EVNNsLASjfOoV2DJE3CjAD1kn4js4Rk9heOeTUzWA= X-Received: by 2002:a05:6870:3289:b0:221:5054:8ded with SMTP id q9-20020a056870328900b0022150548dedmr10940491oac.10.1710261161438; Tue, 12 Mar 2024 09:32:41 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Ken Thompson Date: Tue, 12 Mar 2024 09:32:30 -0700 Message-ID: To: Douglas McIlroy Content-Type: multipart/alternative; boundary="00000000000000330c06137935c2" Message-ID-Hash: GUHRIXESYWSLLE54I6HWUFDNF2D5OPNS X-Message-ID-Hash: GUHRIXESYWSLLE54I6HWUFDNF2D5OPNS X-MailFrom: kenbob@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: TUHS main list X-Mailman-Version: 3.3.6b1 Precedence: list Subject: [TUHS] Re: early unix rand List-Id: The Unix Heritage Society mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --00000000000000330c06137935c2 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable i wrote the generator. dmr or rhm wrote the comment. it came about after one of the first drafts of a graphical pool game. the balls were points and the test was the bouncing off the edge of the pool table. the balls were placed at "random" places on the table, they were started with "random" directions and "random" velocities. frictionless it ran forever. after many minutes, from a mess of dots, they form a line, later a couple lines, later several points, and finally after a large fraction of an hour, all the balls would converge on a single dot. that version of the program was saved with the name "wierd" (spelling on purpose). i have no idea if it exists now. On Tue, Mar 12, 2024 at 7:38=E2=80=AFAM Douglas McIlroy < douglas.mcilroy@dartmouth.edu> wrote: > > The author of this routine has been writing > > random-number generators for many years and has > > never been known to write one that worked. > > It sounds like Ken to me. Although everybody had his > own favorite congruential random number generator, > some worse than others, I believe it was Ken who put > one in the math library. > > The very fact that rand existed, regardless of its quality, > enabled a lovely exploit. When Ken pioneered password > cracking by trying every word in word lists at hand, one > of the password files he found plenty of hits in came from > Berkeley. He told them and they responded by assigning > random passwords to everybody. That was a memorable > error. Guessing that the passwords were generated by > a simple encoding of the output of rand, Ken promptly > broke 100% of the newly "hardened" password file. > > Doug > --00000000000000330c06137935c2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
i wrote the generator.
dmr or rhm wrote the comment.
it came about after one of the first
drafts of a graphic= al pool game.
the balls were points and the test
was th= e bouncing off the edge of
the pool table. the balls were placed<= /div>
at "random" places on the table,
they were st= arted with "random"
directions and "random" v= elocities.
frictionless it ran forever.

= after many minutes, from a mess
of dots, they form a line, later = a couple
lines, later several points, and finally
after= a large fraction of an hour, all the
balls would converge on a s= ingle dot.

that version of the program was saved
with the name "wierd" (spelling on purpose).
i= have no idea if it exists now.


On Tue, Mar 12, 2024 at= 7:38=E2=80=AFAM Douglas McIlroy <douglas.mcilroy@dartmouth.edu> wrote:
<= div>=C2=A0> The author of this routine has been writing=C2=A0
= >=C2=A0 =C2=A0random-number generators for many years and has=C2=A0
>=C2=A0 =C2=A0never been known to write one that worked.

It sounds like Ken to me. Although everybody had his
<= div>own favorite congruential random number generator,
some worse= than others, I believe it was Ken who put
one in the math librar= y.

The very fact that rand existed, regardless of = its quality,
enabled a lovely exploit. When Ken pioneered passwor= d
cracking by trying every word in word lists at hand, one
<= div>of the password files he found plenty of hits in came from=C2=A0
<= div>Berkeley. He told them and they responded by assigning
ra= ndom passwords to everybody. That was a memorable
error. Guessing= that the passwords were generated by
a simple encoding of the ou= tput of rand, Ken promptly=C2=A0
broke 100% of the newly "ha= rdened" password file.=C2=A0

Doug
=
--00000000000000330c06137935c2--