Muli Ben-Yehuda's journal

It’s my sweetie’s birthday today. Happy birthday, ladypine!

Are now online (also on mulix.org). Mostly Hebrew, some English. Blame ladypine 😉

Orna and me will be giving a talk on our impressions from OLS 2004 tomorrow. Orna’s notes in Hebrew are here. Mine will join them as soon as I finish proof reading. I also need to reread the Xen and Unmapping the Page Cache papers before the talk, if I want to talk about them. *angst*.

Any day at the office when I get to write in shell, C, assembly and lisp is a good day.

The annual “has someone broken trident and I haven’t noticed?” check passed succesfully. I ran it on 2.6.8-rc4 with Ingo’s Latency Tracer applied, and so far, the results are very encouraging – except for various bootup bogosities (127msec, ouch!), there’s nothing above the threshold.

“How do I obey Newton’s rule? He said, “If I have seen further than others, it is because I’ve stood on the shoulders of giants.” These days we stand on each other’s feet!”

Richard Hamming (Hamming Distance, Hamming Code), in a talk titled “You and Your Research”. Recommended! (via lispmeister).

“If you wanna echo, echo, don’t talk.” [Dirty Harry the Geek]

— seen on an anonymous (to protect the guilty) CVS commit message

Date: Thu, 12 Aug 2004 13:39:41 +0300 From: Muli Ben-Yehuda User-Agent: Mutt/1.5.6+20040803i To: Marc’s List Subject: tip: changing the default screen(1) command character

Or “how to make screen not use C-a by default”.

It’s pretty simple really, once you grovel through the documentation enough to find the relevant bit. Set it with either -e command line switch or the ‘defescape’ or ‘escape’ commands.

Explanation: screen(1) is a very useful utility for everyone who works a lot on remote computers. It allows you to attach and detach from remote sessions (detach like nohup(1), but you can also attach back to it) so that they continue running while you’re disconnected from that machine. screen by default ‘steals’ the C-a (Control a) key stroke to itself, which is incredibly annoying if you’re used to the default readline key strokes in bash, emacs, BitchC, etc, where you type it to go to the beginning of the line. Ergo, the tip above to change it to something saner.

Cheers, Muli
—
Muli Ben-Yehuda
http://www.mulix.org | http://mulix.livejournal.com/

Shachar Shemesh has a few comments on the hacking contest. He thinks that “the kernel challenge was not planned properly… what Muli did to the kernel pales in comparison to things you see in the real world”. I guess what Shachar doesn’t understand is that it was supposed to be hard, not impossible. We could’ve been a lot more evil, and made their lives much harder, but what would’ve been the point in that? it was supposed to be fun, and solvable within an hour.

We intended for the teams to understand that the kernel has been tampered with, find in what way it was tampered with, find the backdoor in the tampering, and finish this stage. This is exactly what the winning team did. We anticipated the teams trying to boot with a clean kernel (this is exactly what we would’ve done in their stead) and took steps to prevent that from working (only our kernel would agree to mount the minix file system that the file resided on – a one bit change in the magic field in the superblock is all it took).

Shachar’s team “solved” this stage in two ways – the first, by removing the loopback mount and creating a different file at /usr/local/august/stage3.tmp. This is something we considered a low-quality solution, since it did not solve the original problem, only worked around it. Their second solution was “we did something and the file changed, and we don’t know what it was”. We accepted it, since the file did appear to be changed, but it would’ve been nice if they would’ve known how they did it. It’s possible that they exploited a bug in my patch, or tricked us somehow, but since the winning team rm -rf’d their machine at the end, we will never know.

It was fun and we certainly learned a few things for the next time. And Shachar, I could’ve written a complete root kit, but considering how long it took you guys to handle this relatively simple challenge – what would’ve been the point?

Aviram Jenik, overlord of BeyondSecurity has an excellent technical writeup of the hacking contest. Sorry, it’s in Hebrew.