Classic Hack...

The Loony Bin ( loonies@bloodaxe.com )
Tue, 6 Jun 2000 02:36:30 +0100


The Loony Bin - http://loonies.net800.co.uk/

Hiya Loonies...

Here's another list for you to look at:

Join the Buffalo for breakfast .. We are serving up a batch of Spicy
Chips ( adult jokes ) with LynnLynn's Links and a garnish of
sweepstakes and free offers. For reservations send a blank e-mail to:
Buffalos-adult-Jokes-subscribe@egroups.com
Everything  in a jokelist you will ever want and free also.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

We haven't had one of these in a while...a classic story especially for
the techy-folks...

Wishes & Dreams...

- ANDREA
        xx

*********THE LOONY BIN****loonies@bloodaxe.com*********
***                                                 ***
***      Archive: http://loonies.net800.co.uk/      ***
***                                                 ***
************ANDROMEDA******Internet Goddess************

  ------- Forwarded foolishness follows -------

   
Here is a story about one of the classic computer hacks.
   
Back in the mid-1970s, several of the system support staff at Motorola
discovered a relatively simple way to crack system security on the Xerox
CP-V timesharing system. Through a simple programming strategy, it was
possible for a user program to trick the system into running a portion
of the program in `master mode' (supervisor state), in which memory
protection does not apply. The program could then poke a large value
into its `privilege level' byte (normally write-protected) and could
then proceed to bypass all levels of security within the file-management
system, patch the system monitor, and do numerous other interesting
things. In short, the barn door was wide open.
   
Motorola quite properly reported this problem to Xerox via an official
'level 1 SIDR' (a bug report with an intended urgency of 'needs to be
fixed yesterday'). Because the text of each SIDR was entered into a
database that could be viewed by quite a number of people, Motorola
followed the approved procedure: they simply reported the problem as
'Security SIDR', and attached all of the necessary documentation, ways-
to-reproduce, etc.
   
The CP-V people at Xerox sat on their thumbs; they either didn't realize
the severity of the problem, or didn't assign the necessary operating-
system-staff resources to develop and distribute an official patch.
   
Months passed. The Motorola guys pestered their Xerox field-support rep,
to no avail. Finally they decided to take direct action, to demonstrate
to Xerox management just how easily the system could be cracked and just
how thoroughly the security safeguards could be subverted.
   
They dug around in the operating-system listings and devised a
thoroughly devilish set of patches. These patches were then incorporated
into a pair of programs called 'Robin Hood' and 'Friar Tuck'. Robin Hood
and Friar Tuck were designed to run as 'ghost jobs' (daemons, in UNIX
terminology); they would use the existing loophole to subvert system
security, install the necessary patches, and then keep an eye on one
another's statuses in order to keep the system operator (in effect, the
superuser) from aborting them.
   
One fine day, the system operator on the main CP-V software development
system in El Segundo was surprised by a number of unusual phenomena.
These included the following:
   
 * Tape drives would rewind and dismount their tapes in the middle of a 
   job.
 * Disk drives would seek back and forth so rapidly that they would 
   attempt to walk across the floor.
 * The card-punch output device would occasionally start up of itself 
   and punch a lace card. These would usually jam in the punch.
 * The console would print snide and insulting messages from Robin Hood 
   to Friar Tuck, or vice versa.
 * The Xerox card reader had two output stackers; it could be instructed 
   to stack into A, stack into B, or stack into A unless a card was 
   unreadable, in which case the bad card was placed into stacker B. One 
   of the patches installed by the ghosts added some code to the card-
   reader driver... after reading a card, it would flip over to the 
   opposite stacker. As a result, card decks would divide themselves in 
   half when they were read, leaving the operator to re collate them 
   manually.
   
Naturally, the operator called in the operating-system developers. They
found the bandit ghost jobs running, and X'ed them... and were once
again surprised. When Robin Hood was X'ed, the following sequence of
events took place:
   
       !X id1
   
       id1: Friar Tuck... I am under attack!  Pray save me!
       id1: Off (aborted)
   
       id2: Fear not, friend Robin!  I shall rout the Sheriff
            of Nottingham's men!
   
       id1: Thank you, my good fellow!
   
Each ghost-job would detect the fact that the other had been killed, and
would start a new copy of the recently slain program within a few
milliseconds. The only way to kill both ghosts was to kill them
simultaneously (very difficult) or to deliberately crash the system.
   
Finally, the system programmers did the latter - only to find that the
bandits appeared once again when the system rebooted! It turned out that
these two programs had patched the boot-time OS image (the kernel file,
in UNIX terms) and had added themselves to the list of programs that
were to be started at boot time.
   
The Robin Hood and Friar Tuck ghosts were finally eradicated when the
system staff rebooted the system from a clean boot-tape and reinstalled
the monitor. Not long thereafter, Xerox released a patch for this
problem.
   
It is alleged that Xerox filed a complaint with Motorola's management
about the merry-prankster actions of the two employees in question. It
is not recorded that any serious disciplinary action was taken against
either of them. 


Please include this information if you forward this joke:
*********************************************************
     This joke and others like it, can be found in:
                     The Loony Bin
              http://loonies.net800.co.uk/
*********************************************************
               Get PAID to surf the Web! 
      http://alladvantage.com/go.asp?refid=BFN610


______________________________________________________________________
To unsubscribe, write to loonies-unsubscribe@listbot.com