Houston, we've had a problem: NASA fears internal server hacked, staff personal info swiped by miscreants A server containing personal information, including social security numbers, of current and former NASA workers may have been hacked, and its data stolen, it emerged today. According to an internal memo circulated among staff on Tuesday, in mid-October the US space agency investigated whether or not two of its machines holding …
Back in the late 2000s, I bought an SGI Onyx workstation on eBay. The previous owner had bought it at government auction but didn't want it so moved in on. My gain. Nice upgrade from my previous Crimson.
I had to research some pretty obscure hackery to bypass the BIOS password, which enabled me to boot single user and hack root. And what did I find? A NASA machine; from the Goddard Space Flight Center in Washington DC. And they hadn't wiped it! Judging from what I found, its graphics had been outclassed by newer machines, but they repurposed it as a server; it was full of Oracle databases, personnel stuff, and a bunch of internal websites etc. Fascinating stuff! Pic for any doubters:
https://pbs.twimg.com/media/DuvjScpU8AAhxvk.jpg
Astonished they let that out without wiping it first!
This happens all the time - the user gets a shiny new machine, copies all the files over and puts the old one in the cupboard - just in case something goes wrong or they missed a file somewhere. The shiny new machine works great and a couple of years later they notice the old machine in the cupboard ... better get rid of that, oh wait - there's a property tag on it, better call Central Services (sic) and get it taken off the inventory. And away it goes ...
I, too have hacked an SGI (Indigo) to get root. In my case, I did not have to use the NVRAM password, (though I did have to replace the NVRAM battery!) the previious sysadmin had left the "demo/demo" and "guest/guest" users active, and I was able to read /etc/passwd. John The Ripper to the rescue, and a cup of coffee later, I had the root password (because this is "old" Unix!).
Next surprise was that SGI's Unix, unlike all others, does not include cc -- you have to buy it! Working on that...
I found someone had made a webpage of my original usenet post documenting the procedure for posterity!
http://www.sgidepot.co.uk/onyxnvrampwd.html -
How to clear the NVRAM password on an Onyx/Challenge
By Michael Ross and Chris Patterson (MCE)
1. Enter POD mode using the debug options as documented my Ian Mapleson at:
http://www.futuretech.blinkenlights.nl/chalonyxdiag/syscontroller.html
Note that the POD prompt will only appear on a terminal connected to the console (tty1) port - the GFX display will remain blank.
2. At the POD prompt, type 'zap'.
The PROM password is now clear, you can type 'io' to start the PROM monitor, from where you can now access the command monitor, install software, etc. etc., without a password.
3. Don't forget to disable POD mode again before rebooting!
'zap' is documented in the POD prompt help screen (type '?' for a list of POD commands), but the description is something very innocuous, like 'reinitialise environment', and gives no clue to the fact that it blows the PROM password away!
NOTE: 'zap' also blows away your entire configuration. So when you go into the PROM monitor, console is set to tty1 not GFX, your boot/root/OS devices may well be wrong - my setup was defaulting to boot dksc(0,....) when the disks were all on dksc(1,...) etc. etc.
So be sure to review and fully understand your configuration BEFORE using 'zap', if at all possible (I know, it's kinda hard since you're locked out of the command monitor).
Thanks to all who helped!
Mike
http://www.corestore.org
Being American it will be testosterone driven, gun-gho to expand Team America world police to solar system police. It will sorely fail to reflect that 99% of anything Space related is run from a keyboard nowdays. They are also very late to this game.
As a basis for comparison: https://www.youtube.com/watch?v=drmyIC_dTlM - at 12:10, after the marines. The first block are logistics and the IT girls (wipe that saliva off the keyboard), second is military space academy which feeds Space command. Those cute manicured fingers are above the keyboards that control the adversary's Space toys including ICBMs, stationary radards, missile defence - the lot. Already. They have done so for decades too (I know personally a retired one which has served in the late 60-es).
I can probably pull a pic of the Chinese counterpart too and it is likely to be the same. Pity Mandarin is not one of the languages I know.
"Being American it will be testosterone driven, gun-gho to expand Team America world police to solar system police."
Can we convince them that the sun is about to be eaten by a space dragon and they all need to get on board this Ark we've constructed?
Funny, but sadly it's not just the Republicans doing that, the Democrats aren't much better and the Russians, Saudis, Chinese etc are far worse. It's Christmas so I'll offer a funny reply link - they all just need to F.O.C.U.S.
United States Space Command already existed, from 1995 to 2002.
https://en.wikipedia.org/wiki/United_States_Space_Command
It was stood down because it was redundant. The mission itself was being accomplished by other commands and agencies, including US Strategic Command. Which inherited the space mission after USSPACE was disestablished.
This isn't even a proper half-measure to a "Space Force." This is just a feeble excuse to bump up the number of general officer billets.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
