strick@osc.com (henry strickland) (01/13/90)
Lately I've been hacking cfront2.0. It's written in an extreme subset of C++, which is to be expected, so that it can be compiled with a simple sub-C++ bootstrap compiler. It uses the archaic assignment-to-this for rapid allocation of objects, which is also to be expected, given its age. However it won't compile with g++ because of that, at least not after I've added some virtual functions, which it was never really supposed too have. I've debated whether to do something about the assignment-to-this ... it might be a good exercise, and it may let me do native debugging with g++/gdb (rather than with cfront/gcc/gdb). ( Long live the righteous GNU! ) > Listen, bub. > this is NOT alt.lets-break-into-systems-and-call-ourselves-hackers (and > "a god damned asshole". > If you want to break the law, Having been a hacker since building a 1K 1802 box in like 1978 (long live the righteous ELF!), I still couldn't define hacker, but: Real Hackers Know One When They See One. One thing I would say is that they're typically NOT anal-retentive and they usually ARE massively curious (and they usually can't spell). If someone tells a hacker (EITHER/ANY definition of hacker): "hey, did you hear about the new way to crack root with the "echo" command", a real hacker isn't going to say "Listen bub, you goddammed asshole, you law-breaking scum, you're a public nuisance: I'm calling the sheriff." No, you'd say, "hmm, echo (nor any of the shells that directly implement it) doesn't run set[ug]id, doesn't muck with groups, has nothing to do with file descriptors or sockets or devices, isn't invoked remotely, shouldn't call any weird library subroutines, doesn't make /tmp files, ... humm, how do they do it?" and you'd run look at the sources to see if you could figure it out. Now really, how many of you that know how to get root with mkdir, exrecover, or ftp haven't actually tried it? I still remember having to run tell spaf that I now owned the passwd file on gatech and he needed to chown it back. ( Spaf himself found 5 ways to get root years ago on gatech's brand new pyramid when it was first installed. ) The first thing I did when I got here to my new job was to point out and close up holes in our system. Useful stuff to know. I also closed holes in games before installing them back at georgia tech. The authors of some of these games are really clueless with misuses of access(2) (which has *NO* good uses -- it's very existence is a hole waiting to be abused) and shelling out. Only through case studies (hacking) do you learn how to create fairly secure systems. And most of this information comes down through the Great Oral Tradition of The Net. Right? So let's quit calling people names, making rapid judgements of them, saying we're "better people than them", and see what we can learn. Keep the reports coming! strick strick@gatech.edu strick@osc.com P.S. Please don't read anything into the above that I didn't say. I made *no* judgements above about legal issues or about people breaking the law. But the net being what it is, I know someone will anyway. So never mind after all. Flame me to shreds. Blame me for viri and worms and X windows and emacs and the fact that rn doesn't understand "d" after "=" (Type h for help.) P.P.S. My best 1802 hack: A sixteen-character (3x5 dots per char) one-line display on an oscilloscope with the output of a D-to-A resister ladder from the 1802's LED latch to the Y input of the scope, and the Q line to its external sync input. I didn't have a Z input, so I sent 255 to the D-to-A to throw the beam off the screen for the not-lit bits. I was pretty proud at the time ... (We're so spoiled today, with more than 1K of memory.) ### # ### ### # # ### ### ### ### ### # ## ## ## # # # # # # # # # # # # # # # # # # # # # # # # ### ### ### ### ### # ### ### ### ## # # # # # # # # # # # # # # # # # # # # # # # ### # ### ### # ### ### # ### ### # # ## ## ## ## # # # # # ## ## ## ## # # # # # # # ## ## ## ##