Ken describes how he injected a virus into a compiler. Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus.
Ken wrote: “In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.”
Source: The Ken Thompson Hack
How do you recognize a good API? It’s tough, but one thing is sure, a good interface allows easy swapping of components. If it doesn’t allow easy swapping of components, it’s not a good interface.
Source: 9 – systemD: Interfaces last longer than code – Slashdot
Throughout systemd there is a lack of understanding of proper interfaces. Making the GUI depend on a particular init system is a particularly obvious example of poor design, but the code was written from a ‘code first’ perspective rather than an ‘interface first’ perspective.
Just a list of 20 (now 28) tools for the command line. Some are little-known, some are just too useful to miss, some are pure obscure — I hope you find something useful that you weren’t aware of yet! Use your operating system’s package manager to install most of them. (Thanks for the tips, everybody!)
via Cool, but obscure unix tools :: Software architect Kristof Kovacs.
The main tenets of the Unix Philosophy are as follows:
- Small is beautiful.
- Make each program do one thing well.
- Build a prototype as soon as possible.
- Choose portability over efficiency.
- Store data in flat text files.
- Use software leverage to your advantage.
- Use shell scripts to increase leverage and portability.
- Avoid captive user interfaces.
- Make every program a filter.
via Tenets of the UNIX Philosophy
There are now two main cultures in computing: Most computer users treat software as a tool for getting tasks done, while programmers hold conversations with their software. One big challenge when teaching programming, no matter in what language, is getting students used to a conversation-oriented programmer culture, which is very different than a tool-oriented user culture.
via Philip Guo – The Two Cultures of Computing.
On November 3, 1988, 25 years ago this Sunday, people woke up to find the Internet had changed forever. The night before, someone had released a malevolent computer program on the fledgling computer network. By morning, thousands of computers had become clogged with numerous copies of a computer “worm,” a program that spread from computer to computer much like a biological infection.
via How a grad student trying to build the first botnet brought the Internet to its knees.
Robert Morris’ father worked for the NSA at the time.
From: Robert Morris (cryptographer)
There is a description of Morris in Clifford Stoll’s book The Cuckoo’s Egg. Many readers of Stoll’s book remember Morris for giving Stoll a challenging mathematical puzzle (originally due to John H. Conway) in the course of their discussions on computer security: What is the next number in the sequence 1 11 21 1211 111221? (known as the look-and-say sequence). Stoll chose not to include the answer to this puzzle in The Cuckoo’s Egg, to the frustration of many readers.
Errol Rasit, research director at Gartner, concurs that the primary cause of Unix weakness over the past decade is migration from the RISC platform to x86-processor based alternatives, which can run many Unix workloads, usually at attractive price/performance ratios. Today, x86 technology attracts most new deployments and innovation, such as cloud computing and fabric-based computing, which further validates the technology as a preferred platform.
via The last days of Unix – Network World.