News

Ross Douthat, Bill Kristol Talk Harris’ Campaign Failures at Harvard Event

News

Dean Dunne Says Harvard Will Support Students of All Political Views Following Election

News

FAS Leadership in Talks to Expand Center for Public Service and Engaged Scholarship

News

Harvard PBK Piloting Changes to Election Process During 2024-25 Academic Year

MAGA Hats at Harvard Republican Club Watch Party

News

Why Donald Trump’s Return Could Spell Trouble for Harvard

News

Italian Program Establishes Largest Cash Prize in Harvard’s Romance Languages Dept.

News

Harvard College Dean Khurana Accused of Misrepresenting Professor’s Actions in Congress Report

'Crackers' Infiltrate State-of-the-Art MIT Computer System

By Scott A. Resnick, CONTRIBUTING WRITER November 4, 1997

Although MIT has taken numerous steps recently to prevent unauthorized access to its computer system, hackers in the past several weeks have infiltrated MIT's computer network and certain personal computers on campus, forcing Harvard to re-examine its own computer security system.

Coordinator of Residential Computing Support, Rick Osterberg '96 said that Harvard's computer systems are not exempt from the troubles that have afflicted those of MIT.

"Every computer system that is on a network is subject to attacks on its security. This is true everywhere," he said.

According to Michael L. Barrow, MIT Network Operation network engineer, MIT's Unix network, known as Athena, as well as several students' personal computers, have recently been the targets of computer infiltrators.

Barrow said that these individuals should be referred to as "crackers" rather than "hackers" because they did much more damage to the systems than those who spend time fooling around with computer programs.

In September and October, Barrow said that MIT found evidence that persons outside of the MIT network had obtained the usernames and passwords of legitimate users. The "crackers" were able to obtain this data by intercepting non-encrypted information from e-mail programs like Telnet and Eudora.

With the personal data, Barrows said the computer "crackers" were then able to enter network accounts, create bugs and even reconfigure personal hard drives.

Usernames and passwords are available to outside observers through "packet sniffing." According to Osterberg, packet sniffing is akin to telephone wire tapping.

"It is looking in on other peoples' conversations on the network," he said.

Osterberg said "packet sniffing" is not only illegal, but also a violation of Harvard policy.

The basic problem, Barrow said, is that MIT "runs an open network." As such, there is nothing to separate MIT's network from the Internet at large.

To compensate for the network's intrinsic lack of security, MIT developed the Kerberos System several years ago. The system allows for encryption of usernames and passwords.

Barrows said that if a user has the Kerberos program when he or she logs on to the network, his or her computer receives a "ticket." Were a student to use Eudora with Kerberos, his or her password would be sent to the network in Kerberos' cryptographic code. As such, it cannot be read by unintended viewers.

Despite Kerberos' existence, the recent infiltrations reflect the fact that not all MIT students utilize the protective program.

According to Osterberg, Harvard's own computer systems have no similar encryption program. Still, he said that Harvard does try to maintain a secure computer network.