COAST, Machine names, Sun, and Microsoft


I received considerable feedback from people who read the last post on the history of the COAST Lab. Several people asked for more history, and a few former students volunteered some memories.

I'll do a few posts with some specific recollections. If others want to send stories to me or enter them in the comments, we may document a little history. Eventually, I'll get around to the formation of CERIAS and some history of that effort.

COAST & Computers

In the earliest days, we had limited funding to apply to our research infrastructure; my priority for funding was student support. Everyone had an account on CS departmental machines, but we were limited in what we could do -- especially those requiring kernel configuration. Recall that this was in the era of 1992-1997, so neither "cheap" PCs running a Linux clone nor VMs were available. We needed access to workstations and a server or two.

I had contacts at several companies, and Purdue -- having the oldest degree-granting CS department in the world -- was also reasonably well-connected with vendors. I reached out to several of them.

HP stepped up to donate a workstation, but it was underpowered, and we didn't have the money for expansion. As I recall, HP at the time wasn't interested in making a donation beyond what they had already provided. Later, we also got a steep discount on an office laser printer. HP had some very clear divisions internally, so even though several groups wanted to engage, the ones with spending authority weren’t going to help.

I also recall donations of some Intel-based machines (from Intel). Other big vendors of the time -- Sequent, IBM, Pyramid, DEC -- indicated that they weren't concerned with security, so we got nothing from them. (3 of the 4 are now out of business, so go figure.) [Correction: in 1997 we were loaned a Dec ALPHA workstation for about 6 months, but weren't allowed to keep it. It was the primary computation engine for the work that led to the Kerberos 4 flaw paper.]


The company that helped the most was Sun Microsystems. (The late) Emil Sarpa was one of the people at Sun who took particular interest in what we were doing, although there were quite a few others there who interacted with us. (Mark Graff, head of their response team was one I remember, in particular.)

I don't recall if Emil was among our first contacts at Sun, but he quickly became an internal champion for us as their Manager of External Research Relations. He helped arrange some donations of equipment in return for (a) research results, and (b) access to potential hires. (That has long been the standard quid pro quo for collaboration with universities.).

Over time, including time as CERIAS, we received many workstations, a server, a lab of Sun Rays, a SunScreen firewall, and even some Java rings and readers. In return, Sun got quite a few reports of issues they could fix in their systems, and dozens of hires.


With upwards of two dozen machines in the lab we needed hostnames for all the computers. CS used names from the Arthurian legends for their machines. We knew that the CS department at Wisconsin used names of cheeses, one university (Davis?) used names of wine varieties, and there were other themes in use elsewhere. I decided that we would use the names of places from myth, legend, and science fiction/fantasy. Not only were there many candidates, but the idea of us working from places that didn't exist seemed like a good inside joke. (This also related to my long-standing interest in using deception defensively.)

Thus, we started naming machines after non-existent places: yavin, narnia, dorsai, trantor, solaria, barnum, xanadu, atlantis, lilliput, and more. We had a few disagreements in the lab when new machines came in ("I want to have Endor!"), but they all resolved amicably. I bought an atlas of imaginary places to serve as additional source material. We never really lacked for new names. Many of those names are still in use today, although the machines have been replaced many times.

COAST received a server-class machine from Sun in the mid-1990s. It had lots more space and memory than anything we had seen before, so naturally, it was named "brobdingnag." It became our central file server and mail machine. However, it soon became apparent that some of the lab denizens couldn't recall how to spell it, and petitioned for an alias. Thus, an alternate name in the host table came into being: "basm," for "big-assed server machine." A server named "basm" still exists at CERIAS to this day.

We decided to use a different naming scheme for printers and named them after Lands in the Oz mythos. Kansas, Oz, and Ix were the three I remember, but we had more.


A few machine names, in particular, have a story associated with them. One of the Intel machines we received was running Windows, and we named it "hades." (We were not Windows fans at the time.) A few years into COAST -- I don't recall when -- we attracted attention and support of Microsoft, in the form of David Ladd. He was (at that time) involved in academic outreach.

David was visiting us and saw all the Sun machines. He asked if we had anything running Windows. Someone pointed to "hades." He didn't say anything about that, but a few weeks later, we received two new Windows machines, fully configured. They went online as "nifilheim" and "tartarus." On his next visit, David quietly noted the machines. A few weeks later, two more showed up. I think those became "hel" and "duzkah." At his next visit, I observed that we were at a university, and I had access to scholars of history, religion, and sociology. I think we got a few more machines periodically to test us, but they all got named in the same scheme.

That isn't to imply that our relationship with Microsoft was adversarial! To the contrary, it was collaborative. In fall 1996, when Windows Server NT 4 came out, I offered a special-topics penetration testing class. About two dozen people enrolled. Under NDA with Microsoft, we proceeded to poke and prod the OS while also reading some of the classic literature on the topic.

Within two days, the class had discovered that NT 4 failed spectacularly if you exhausted memory, disk space, or file descriptors. By the end of the semester, everyone had found at least 4 significant flaws -- significant meaning "crashed the system" or "gained administrative privileges." We thus reported about 100 security flaws to the Windows support team. At that time, Microsoft was not as concerned about security as they are today, so we were told (eventually) that about 80 of the reports were for "expected but undocumented behavior" that would not be addressed. (Those numbers are not exact as they are based on the best of my recollection, but they are about right on the ratio.) That class provided several grads who went to work for Microsoft, as well as at least two who went to work for national agencies. I have not offered the class since that time as there have always been higher-priority needs for my teaching.

Over the years, many COAST (and eventually, CERIAS) graduates went to work at Microsoft. David --and MS -- remained supportive of our efforts until he moved into a new position well into the CERIAS days.


Leave a comment