Muli Ben-Yehuda's journal

August 13, 2004

Richard Hamming – You and Your Research

Filed under: Uncategorized — Muli Ben-Yehuda @ 11:26 PM

“How do I obey Newton’s rule? He said, “If I have seen further than others, it is because I’ve stood on the shoulders of giants.” These days we stand on each other’s feet!”

Richard Hamming (Hamming Distance, Hamming Code), in a talk titled “You and Your Research”. Recommended! (via lispmeister).

August 12, 2004

Filed under: Uncategorized — Muli Ben-Yehuda @ 2:25 PM

“If you wanna echo, echo, don’t talk.” [Dirty Harry the Geek]

— seen on an anonymous (to protect the guilty) CVS commit message

Filed under: Uncategorized — Muli Ben-Yehuda @ 1:45 PM

Date: Thu, 12 Aug 2004 13:39:41 +0300
From: Muli Ben-Yehuda
User-Agent: Mutt/1.5.6+20040803i
To: Marc’s List
Subject: tip: changing the default screen(1) command character

Or “how to make screen not use C-a by default”.

It’s pretty simple really, once you grovel through the documentation enough to find the relevant bit. Set it with either the -e command line switch or the ‘defescape’ or ‘escape’ commands.

Explanation: screen(1) is a very useful utility for everyone who works a lot on remote computers. It allows you to attach and detach from remote sessions (detach like nohup(1), but you can also attach back to it) so that they continue running while you’re disconnected from that machine. screen by default ‘steals’ the C-a (Control a) key stroke for itself, which is incredibly annoying if you’re used to the default readline key strokes in bash, emacs, BitchX, etc., where you type it to go to the beginning of the line. Ergo, the tip above to change it to something saner.

Cheers, Muli


August 8, 2004

August Penguin 2004 commentary

Filed under: Uncategorized — Muli Ben-Yehuda @ 4:26 PM

Shachar Shemesh has a few comments on the hacking contest. He thinks that “the kernel challenge was not planned properly… what Muli did to the kernel pales in comparison to things you see in the real world”. I guess what Shachar doesn’t understand is that it was supposed to be hard, not impossible. We could’ve been a lot more evil, and made their lives much harder, but what would’ve been the point in that? It was supposed to be fun, and solvable within an hour.

We intended for the teams to understand that the kernel has been tampered with, find in what way it was tampered with, find the backdoor in the tampering, and finish this stage. This is exactly what the winning team did. We anticipated the teams trying to boot with a clean kernel (this is exactly what we would’ve done in their stead) and took steps to prevent that from working (only our kernel would agree to mount the minix file system that the file resided on – a one bit change in the magic field in the superblock is all it took).

Shachar’s team “solved” this stage in two ways – the first, by removing the loopback mount and creating a different file at /usr/local/august/stage3.tmp. This is something we considered a low-quality solution, since it did not solve the original problem, only worked around it. Their second solution was “we did something and the file changed, and we don’t know what it was”. We accepted it, since the file did appear to be changed, but it would’ve been nice if they would’ve known how they did it. It’s possible that they exploited a bug in my patch, or tricked us somehow, but since the winning team rm -rf’d their machine at the end, we will never know.

It was fun and we certainly learned a few things for the next time. And Shachar, I could’ve written a complete root kit, but considering how long it took you guys to handle this relatively simple challenge – what would’ve been the point?

Hacking Contest explained (Hebrew)

Filed under: Uncategorized — Muli Ben-Yehuda @ 4:11 PM

Aviram Jenik, overlord of BeyondSecurity, has an excellent technical writeup of the hacking contest. Sorry, it’s in Hebrew.

august-2.6.8-rc2bk8 patch is up

Filed under: Uncategorized — Muli Ben-Yehuda @ 3:57 PM

August Penguin 2004 happened on Friday morning, and was a blast. My
patch, which was used in the hacking competition, is available on the kernel page.

This is august-2.6.8-rc2bk8-F1,
a small patch I wrote for the August Penguin 2004
Linux convention hacking contest. The contest had several stages.
In each stage, the contestants needed to perform a task. For stage 3, the
task was to change a file named ‘stage3.tmp’. The obstacle in
their way was this patch.

The patch has two parts: the first is a Linux Security
Module named “august.c”, which protects this file from
unwanted access via the LSM hooks. It also has a small
backdoor – it only works if the date is after the beginning
of August 2004. Contestants were expected to find the patch
(we left the sources on the machines), discern the backdoor,
change the date, and win. Version -E1, which was used in the
competition, also had some interesting “side effects” like
zeroing the file whenever it was accessed.

In order to prevent the contestants from booting with a
non-modified kernel and changing the file there, we put the
file on a loopback mounted minix file system. This minix
file system had a non standard magic number in its
superblock, which means that only a kernel that had a patch
to its minix fs code to recognize our minix magic number
would agree to mount it. This is the second part of the

(prev: -A1,
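
A check that spots the superblock trick described above when examining the loopback image, added here as an example (it is not part of the august patch or the original post): it reads the minix superblock magic and reports whether it is a stock value or exactly one bit away from one. The function and enum names, the little-endian image layout, and the sample magic 0x137E are assumptions of this example; the post does not state the value the contest used.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SB_OFFSET    1024u /* minix superblock starts at byte 1024 of the image */
#define MAGIC_OFFSET 16u   /* s_magic follows six u16 fields and one u32 */

/* Magics the stock Linux 2.6 minix driver accepts (V1/V2, 14/30-char names). */
static const uint16_t STOCK_MAGICS[] = { 0x137F, 0x138F, 0x2468, 0x2478 };

enum verdict { NOT_MINIX, STOCK_MINIX, ONE_BIT_OFF };

/* Hamming distance between two 16-bit values. */
static int bit_distance(uint16_t a, uint16_t b)
{
    int n = 0;
    for (uint16_t x = a ^ b; x; x &= (uint16_t)(x - 1))
        n++;
    return n;
}

/* Classify an image by its magic; *nearest is the stock value it matches or resembles. */
enum verdict classify_image(const uint8_t *img, size_t len, uint16_t *nearest)
{
    enum verdict v = NOT_MINIX;
    if (len < SB_OFFSET + MAGIC_OFFSET + 2) return v; /* no room for a superblock */
    const uint8_t *p = img + SB_OFFSET + MAGIC_OFFSET;
    uint16_t magic = (uint16_t)(p[0] | (p[1] << 8)); /* assumes little-endian image */
    for (size_t i = 0; i < sizeof STOCK_MAGICS / sizeof STOCK_MAGICS[0]; i++) {
        int d = bit_distance(magic, STOCK_MAGICS[i]);
        if (d == 0) { *nearest = STOCK_MAGICS[i]; return STOCK_MINIX; }
        if (d == 1) { *nearest = STOCK_MAGICS[i]; v = ONE_BIT_OFF; }
    }
    return v;
}

int main(void)
{
    uint8_t img[2048] = {0}; /* constructed sample image, all zeroes */
    uint16_t hit = 0;
    /* 0x137E is a constructed magic (0x137F with bit 0 cleared), not the contest's */
    img[SB_OFFSET + MAGIC_OFFSET] = 0x7E;
    img[SB_OFFSET + MAGIC_OFFSET + 1] = 0x13;
    enum verdict v = classify_image(img, sizeof img, &hit);
    printf("verdict=%d nearest=0x%04X\n", v, hit);
    return 0;
}
```

A one-bit-off verdict is a heuristic: 64 of the 65536 possible 16-bit values sit one bit from a stock magic, so confirm by checking that the rest of the superblock parses as minix.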

August 6, 2004

hacking under pressure

Filed under: Uncategorized — Muli Ben-Yehuda @ 2:18 AM

Tomorrow is the annual Israeli Linux Conference, August Penguin (Hebrew). I am one of the organizers, taking care of the PGP Key Signing (Hebrew). I am also helping with the Hacking Contest (Hebrew). This is “Hacking” in the good sense of the word – each team of contestants starts with a Linux machine we set up earlier, the root password, and a mission. To accomplish the mission, they must show intimate familiarity with what makes a Linux system tick, and be able to think and code under pressure.

Last weekend, I spent a couple of pleasant Tucson evenings writing a kernel patch that will make the contestants’ lives a little bit more interesting. I thought I had it working, but today Aviram Jenik and the BeyondSecurity team put it on the machines, and we discovered that it’s not working quite as it’s supposed to. Which is why I’m now sitting at 2 AM at the office, writing this. I had a working but non-optimal patch around 11 PM (-E1), and a working nearly-optimal one at 1 AM (-F1).

We’ll be using the -E1 patch tomorrow, since it’s already on the machines, works (I sure as hell hope so) and we don’t have enough time to test -F1. I’ll post the patches here after the party, along with explanations and the success (or failure ;-)) stories.

August 4, 2004

OLS BLOG 2004: And thus, it ends

Filed under: Uncategorized — Muli Ben-Yehuda @ 7:37 AM

I made it back home.

I woke up at 5 AM at Tucson, packed my suitcase (everything fitted – barely – but it bulges ominously), had some breakfast, and left for the airport before 7. My flight was around 10, if I recall correctly. Made it through ticketing, security etc in 20 minutes, and had 2 and a half hours to wait for the flight.

The Tucson->Atlanta flight was fine, nothing special. When I got to Atlanta, I had a few hours to kill before the next flight, which was supposed to leave at 7 PM. I sat at the gate area, read my book, and waited, and waited, and waited. Around 6:30 PM, the flight attendant had a nasty surprise for us. “The flight will be delayed until 8:30 PM. Please wait by the gate area for further instructions”. Oh fuck, thinks I, I have a midnight flight to catch from New York to Israel. Let’s talk to them and see if there’s anything that can be done. Turns out that every other flight to NY is full. If I’m going to be stranded, I’d rather be stranded in NY, one leg closer to home.

Our flight did not leave Atlanta until almost 10 PM, a 3 hour delay. I knew that making the flight in NY wasn’t going to happen, and wondered what I’d do. When we got to NY, at almost 1 AM at night, the Delta representative booked me on the next flight to Israel, at 10 AM in the morning, told me that my luggage was now El Al’s responsibility, and apologized for the delay (like that ever helped anyone). They also claimed that since it was due to the weather, they can’t provide a hotel for the night or any other compensation. $SWEAR_WORDS.

I tried to find the El Al folks, but they had already gone home. I briefly considered spending the night at JFK, but decided against it. It was cold, there were Persons of Dubious Quality around, and I sorely needed a shower. I took the last room that was to be had at the JFK Radisson, a miserable, expensive hotel. Hit the bed at 2:30 AM. I had no suitcase, and although I always take an extra pair of tshirt and underwear in my carry on baggage, naturally, this time I didn’t.

Woke up at 5:30 AM, dressed, went hunting for some way of sending email (found one, but damn, it was expensive), and was back at JFK by 6:30 AM, looking forward to getting on the flight, preferably with my suitcase. The El Al people were nice, courteous and professional. Much appreciated after my Delta experiences of last night. I don’t think I’ll be flying Delta again in the near future.

I made it through security, etc, with no problems, and by 7 AM I was at the gate area. Great, another 3 hour wait at the gate… With regards to the suitcase, the El Al people said the suitcase will be on this flight or the next one, which was good enough for me. Had some breakfast, and bought the new Tom Clancy book, since the myriad delays of yesterday caused me to finish the new Stephenson book earlier than planned (it’s very good, far more “Cryptonomicon” than “Quicksilver”).

Boarded the flight at 9:30 AM. The person at the gate confirmed that my suitcase has boarded as well. Finally, something is going right!

The flight was long and tedious. I hate flying in general, but trans-atlantic flights are far worse than usual. Small, cramped seats (next time, fly me first class, IBM!), bad food, etc, etc. At least the movies were reasonable – watched Shrek 2 (cute), Mean Girls (pretty people, stupid movie) and Walking Tall, which I liked a lot. Had a few conversations with my seat-mates, a young Jewish couple. The Clancy book, btw, sucks. Not as badly as Rainbow Six, but I doubt I would’ve finished it if I weren’t stuck on an airplane.

Landed at 03:30 AM. It’s good to be back in .il, where it’s all insane, but it’s *familiar* insanity. Made it through immigration quickly, waited for 30 minutes for my suitcase, and then got it. Ripped open. Looks like it burst at the seams. Briefly debated trying to figure out if anything is missing, and then decided that it can wait for home. Found my IBM-arranged ride (Thanks Orna and Oleg!) and left for the final leg of this long journey.

Made it home at 5 something AM. Woke Orna up. It’s good to be home.

(Nothing is missing from the suitcase, as far as I can see. Thank $DEITY for small miracles).
