Robin Hood and Little John were application programmers with the Nottingham

Corporation. Mr. Sheriff, the data processing manager, called them into his office one day and
gave them temporary assignments to perform maintenance work on the operating system. This
was necessary because the system programmer had just quit without giving notice. Mr. Sheriff
gave Hood and John copies of the operating system manual to enable them to perform their
new duties. The manual contained all the documentation on the system, including the list of
secret passwords. One of the passwords provided was the one that overrode the normal
privileged mode of the operating system and permitted changes to be made to the systems
programs.
Hood and John used the special password to make scheduled changes to the operating
system. The documentation of the change was printed automatically as usual. The
documentation did not, however, include an unauthorized insert that Hood and John had
included with the change. The insert permitted Hood and John to suppress system audit trail
information. In particular, it ensured that any unauthorized interference in the system would not
be recorded on the console log, and it suppressed the printing of unauthorized changes in the
operating system.
Hood and John used the insert to display the application files on a terminal and to
subsequently make selective changes to these files. The use of computer time for this purpose
was not included on the console log, nor was there any record of the use of the terminal. Hood
and John continued to make changes to the files for several months even though all passwords
were changed at the end of each month. The fraud was discovered accidentally when a new
systems programmer noticed some unfamiliar coding while performing routine system
maintenance.
The technique used by Hood and John to penetrate the operating system is known as a
“trojan horse” technique. The insert they placed in the operating system is known as a “trap
door.”
1. In order to analyze the case properly, look up for the meaning of the underlined words in
bold font. List down the explanations.
2. What are the possible intentions of Hood and John in committing the fraud?
3. What controls would have prevented the “trap door” from being inserted?
4. What controls would have reduced the time period during which it was successfully
used?
1. In order to analyze the case properly, look up for the meaning of the underlined words
in bold font. List down the explanations.
● Application programmers - Identifies programs required by the systems design,
and flowcharts the logic of these programs. Codes the logic in a programming
language. Tests and debugs the programs. Prepares the program
documentation.
● System Programmers - Is responsible for the maintenance, improvement, and
testing of operating systems; library software; and system utility programs.
Coordinates the operating and control interrelationships of application and
systems programs.
● Normal Privilege Mode - It is a password-protected mode that can only be
accessed and configured by the authorized user. It only allows users to view the
configurations. It allows user commands to view all configurations and even edit
some less important ones.
● Insert - Insert is a widely-used command in the Structured Query Language (SQL)
data manipulation language (DML) used by SQL Server and Oracle relational
databases. The insert command is used for inserting one or more rows into a
database table with specified table column values.
● Console Log - The console.log() is a function in JavaScript that is used to print
any kind of variables defined before in it or to just print any message that needs
to be displayed to the user.
● Trojan Horse - A Trojan horse is a set of malicious computer instructions
embedded in an otherwise legitimate and properly functioning program. The
majority of Trojan infections occur when a user executes an infected program
received in an email, visits a malicious website, or downloads software marketed
as useful add-ons to popular software programs.
● Trap Door - A set of computer instructions that enables a user to circumvent the
system's standard controls. Trap doors are created by programmers to allow
them to modify programs during system development and then remove them
before the system is put into operation.