informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/computers/realhack.txt

229 lines
11 KiB
Plaintext
Raw Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
The Meaning of `Hack' - The Jargon File
=====================
"The word {hack} doesn't really have 69 different meanings", according
to Phil Agre, an MIT hacker. "In fact, {hack} has only one meaning, an
extremely subtle and profound one which defies articulation. Which
connotation is implied by a given use of the word depends in similarly
profound ways on the context. Similar remarks apply to a couple of
other hacker words, most notably {random}."
Hacking might be characterized as "an appropriate application of
ingenuity". Whether the result is a quick-and-dirty patchwork job or
a carefully crafted work of art, you have to admire the cleverness
that went into it.
An important secondary meaning of {hack} is `a creative practical
joke'. This kind of hack is often easier to explain to non-hackers
than the programming kind. Accordingly, here are some examples of
practical joke hacks:
In 1961, students from Caltech (California Institute of Technology in
Pasadena) hacked the Rose Bowl football game. One student posed as a
reporter and `interviewed' the director of the University of
Washington card stunts (such stunts involve people in the stands who
hold up colored cards to make pictures). The reporter learned exactly
how the stunts were operated, and also that the director would be out
to dinner later.
While the director was eating, the students (who called themselves the
`Fiendish Fourteen') picked a lock and stole one of the direction
sheets for the card stunts. They then had a printer run off 2300
copies of the sheet. The next day they picked the lock again and
stole the master plans for the stunts, large sheets of graph paper
colored in with the stunt pictures. Using these as a guide, they
carefully made `corrections' for three of the stunts on the
duplicate instruction sheets. Finally, they broke in once more,
replacing the stolen master plans and substituting the stack of
altered instruction sheets for the original set.
The result was that three of the pictures were totally different.
Instead of spelling "WASHINGTON", the word "CALTECH" was flashed.
Another stunt showed the word "HUSKIES", the Washington nickname,
but spelled it backwards. And what was supposed to have been a
picture of a husky instead showed a beaver. (Both Caltech and MIT use
the beaver as a mascot. Beavers are nature's engineers.)
After the game, the Washington faculty athletic representative said,
"Some thought it ingenious; others were indignant." The Washington
student body president remarked, "No hard feelings, but at the time
it was unbelievable. We were amazed."
This is now considered a classic hack, particularly because revising
the direction sheets constituted a form of programming not unlike
computer programming.
Another classic hack:
Some MIT students once illicitly used a quantity of thermite to weld a
trolley car to its tracks. The hack was actually not dangerous, as
they did this at night to a parked trolley. It took the transit
people quite a while to figure out what was wrong with the trolley,
and even longer to figure out how to fix it. They ended up putting
jacks under the trolley and cutting the section of track on either
side of the wheel with oxyacetylene torches. Then they unbolted the
wheel, welded in a new piece of track, bolted on a new wheel, and
removed the jacks. The hackers sneaked in the next night and stole the
piece of track and wheel!
The piece of trolley track with the wheel still welded to it was later
used as the trophy at the First Annual All-Tech Sing. They carted it
in on a very heavy duty dolly up the freight elevator of the Student
Center. Six feet of rail and a trolley wheel is a *lot* of
steel.
A rather similar hack, perpetrated by a fraternity at CMU, cost their
campus its trolley service.
Though these displayed some cleverness, the side-effect of expensive
property damage was definitely an esthetic minus. The best hacks are
harmless ones.
And another:
One winter, late at night, an MIT fraternity hosed down an underpass
that is part of a commuter expressway near MIT. This produced an ice
slick that `trapped' a couple of small cars: they didn't have the
momentum or traction to climb out of the underpass. While it was
clever to apply some simple science to trap a car, it was also very
dangerous as it could have caused a collision. Therefore this was a
very poor hack overall.
And yet another:
On November 20, 1982, MIT hacked the Harvard-Yale football game. Just
after Harvard's second touchdown against Yale in the second quarter, a
small black ball popped up out of the ground at the 40-yard line, and
grew bigger, and bigger, and bigger. The letters "MIT" appeared all
over the ball. As the players and officials stood around gawking, the
ball grew to six feet in diameter and then burst with a bang and a
cloud of white smoke.
As the Boston Globe later reported, "If you want to know the truth,
M.I.T. won The Game."
The prank had taken weeks of careful planning by members of MIT's
Delta Kappa Epsilon fraternity. The device consisted of a weather
balloon, a hydraulic ram powered by Freon gas to lift it out of the
ground, and a vacuum-cleaner motor to inflate it. They made eight
separate expeditions to Harvard Stadium between 1 and 5 AM, in which
they located an unused 110-volt circuit in the stadium, and ran buried
wiring from the stadium circuit to the 40-yard line, where they buried
the balloon device. When the time came to activate the device, two
fraternity members had merely to flip a circuit breaker and push a
plug into an outlet.
This stunt had all the earmarks of a perfect hack: surprise,
publicity, the ingenious use of technology, safety, and harmlessness.
The use of manual control allowed the prank to be timed so as not to
disrupt the game (it was set off between plays, so the outcome of the
game would not be unduly affected). The perpetrators had even
thoughtfully attached a note to the balloon explaining that the device
was not dangerous and contained no explosives.
Harvard president Derek Bok commented: "They have an awful lot of
clever people down there at MIT, and they did it again." President
Paul E. Gray of MIT said, "There is absolutely no truth to the rumor
that I had anything to do with it, but I wish there were."
Finally, here is a great story about one of the classic computer hacks.
Back in the mid-1970s, several of the system support staff at Motorola
discovered a relatively simple way to crack system security on the
Xerox CP-V timesharing system. Through a simple programming strategy,
it was possible for a user program to trick the system into running a
portion of the program in `master mode' (supervisor state), in which
memory protection does not apply. The program could then poke a large
value into its `privilege level' byte (normally write-protected) and
could then proceed to bypass all levels of security within the
file-management system, patch the system monitor, and do numerous
other interesting things. In short, the barn door was wide open.
Motorola quite properly reported this problem to XEROX via an official
`level 1 SIDR' (a bug report with a perceived urgency of `needs to be
fixed yesterday'). Because the text of each SIDR was entered into a
database that could be viewed by quite a number of people, Motorola
followed the approved procedure: they simply reported the problem as
`Security SIDR', and attached all of the necessary documentation,
ways-to-reproduce, etc. separately.
Xerox sat on their thumbs...they either didn't realize the severity of
the problem, or didn't assign the necessary operating-system-staff
resources to develop and distribute an official patch.
Months passed. The Motorola guys pestered their Xerox field-support
rep, to no avail. Finally they decided to take Direct Action, to
demonstrate to Xerox management just how easily the system could be
cracked and just how thoroughly the system security systems could be
subverted.
They dug around in the operating-system listings and devised a
thoroughly devilish set of patches. These patches were then
incorporated into a pair of programs called Robin Hood and Friar Tuck.
Robin Hood and Friar Tuck were designed to run as `ghost jobs'
(daemons, in UNIX terminology); they would use the existing loophole
to subvert system security, install the necessary patches, and then
keep an eye on one another's statuses in order to keep the system
operator (in effect, the superuser) from aborting them.
So... one day, the system operator on the main CP-V software
development system in El Segundo was surprised by a number of unusual
phenomena. These included the following:
* Tape drives would rewind and dismount their tapes in the middle of a
job.
* Disk drives would seek back and forth so rapidly that they'd attempt
to walk across the floor (see {walking drives}).
* The card-punch output device would occasionally start up of itself
and punch a {lace card} (every hole punched). These would usually
jam in the punch.
* The console would print snide and insulting messages from Robin Hood
to Friar Tuck, or vice versa.
* The Xerox card reader had two output stackers; it could be
instructed to stack into A, stack into B, or stack into A unless a
card was unreadable, in which case the bad card was placed into
stacker B. One of the patches installed by the ghosts added some
code to the card-reader driver... after reading a card, it would flip
over to the opposite stacker. As a result, card decks would divide
themselves in half when they were read, leaving the operator to
recollate them manually.
There were some other effects produced, as well.
Naturally, the operator called in the operating-system developers. They
found the bandit ghost jobs running, and X'ed them... and were once
again surprised. When Robin Hood was X'ed, the following sequence of
events took place:
!X id1
id1: Friar Tuck... I am under attack! Pray save me!
id1: Off (aborted)
id2: Fear not, friend Robin! I shall rout the Sheriff of
Nottingham's men!
id1: Thank you, my good fellow!
Each ghost-job would detect the fact that the other had been killed,
and would start a new copy of the recently-slain program within a few
milliseconds. The only way to kill both ghosts was to kill them
simultaneously (very difficult) or to deliberately crash the system.
Finally, the system programmers did the latter... only to find that
the bandits appeared once again when the system rebooted! It turned
out that these two programs had patched the boot-time image (the
/vmunix file, in UNIX terms) and had added themselves to the list of
programs that were to be started at boot time...
The Robin Hood and Friar Tuck ghosts were finally eradicated when the
system staff rebooted the system from a clean boot-tape and
reinstalled the monitor. Not long thereafter, Xerox released a patch
for this problem.
It is alleged that Xerox filed a complaint with Motorola's management about
the merry-prankster actions of the two employees in question. It is
not recorded that any serious disciplinary action was taken against
either of them.