Around two weeks ago Intel announced a critical privilege escalation bug that had been lying around in its Active Management Technology (AMT) login page for the past seven years. The exploit allows a remote attacker to take control of vulnerable devices with ease.
I’ve read many posts that mock the programmer who introduced it, and the (lacking) testing framework and processes to make sure such things never happen.
But, what if no one made a mistake, and the whole thing is a result of an elaborate hack?
How much can you trust software?
Have you ever checked the validity of the sources you acquire your software from?
Can you trust your own code? Have you ever checked the tooling that compiles or runs it?
In 1984, Ken Thompson, a known figure in the hacker community and one of the authors of UNIX, proposed that we can’t. In his remarkable paper, Reflections On Trusting Trust, Ken outlines a hack that many consider the worst hack imaginable: the Ken Thompson Hack.
This blog post is a bit long (but worth it!) and made out of three parts:
I keep running into people that tell me they’re unqualified to go to Hackathons, because their coding skills aren’t good enough. This post is for everyone who wants to win a Hackathon, and specifically to people who avoid them.
I recently participated and won the biggest Hackathon in Israel. I love Hackathons, and I love winning too. Getting a cash reward is fun, but not as much as winning!
After reading the above, you probably think I’m extremely competitive and cocky, but you’re missing the point - my definition of winning a Hackathon is probably different from yours.
This post is dedicated to people who are already familiar with Ctags, and aims to show you how I use them. If you’ve never heard of Ctags before, and you use a code editor (not an IDE) I HIGHLY encourage you to read about it, then install Universal Ctags.
Nuclear Gandhi is the nickname given to the Indian historical figure Mahatma Gandhi as portrayed in the turn-based strategy video game series Civilization.
A bug in the game caused Gandhi, who is a known pacifist in real life, to turn into a nuclear-obsessed maniac that made India the most hostile civilization in the game.
The cause was a glitch in the artificial intelligence settings for Gandhi’s aggression level: Gandhi started with the lowest level of aggression to reflect his historical legacy of pacifism: 1.
When a player adopted democracy in Civilization, their aggression would be automatically reduced by 2, which means that Gandhi’s aggression level should have gone to -1, but instead the aggression level went all the way up to 255, making him as aggressive as a civilization could possibly be.
Interesting, right? But how the heck does -1 become 255?
A bit of math
Don’t worry. I’m not going to dive in too deep. There’s a plethora of blog posts and explanations on how integer arithmetic & representation work.
I’ll explain just enough in order for you to understand what’s going on.
$5_{10}$ in 8-bit binary is $00000101_2$, pretty straightforward. But what about $-5_{10}$? How is it implemented? Let’s draft a possible solution.
First, we need to know the sign of the number. We’ll reserve the most significant bit for the sign, and use the rest for the value. Second, we’ll make sure we don’t break compatibility by setting the sign bit to zero for positive numbers and to one for negative numbers. In this scenario a signed 8-bit number would range from -127 to 127.
Now, in our hacky system, $5_{10}$ won’t change, and $-5_{10}$ will be $10000101_2$.
But here’s the catch - regular arithmetic doesn’t work:
We can build custom assembly arithmetic, but that’s overkill.
Two’s complement is a mathematical operation on binary numbers, as well as a binary signed number representation based on this operation. Its wide use in computing makes it the most important example of a radix complement. - Wikipedia
TL;DR: a different system that makes arithmetic work as you’d expect.
int x = 5;
// ~x = 11111010
// ~x + 1 = 11111011
int negativeX = ~x + 1;
For example, addition of $5_{10}$ and $-5_{10}$ works like we expect: $5_{10} + (-5_{10}) = 00000101_2 + 11111011_2 = 00000000_2$
More information is out of scope for this blog post. If you’re interested, start from the answers for What is “2’s Complement”? on StackOverflow.
Ok, so what happened?
A Civilization’s aggression level was saved as an unsigned char, which can’t represent negative values.
Gandhi’s aggression level started at $1_{10}$, and when democracy arrived, it was reduced by two: $1_{10} - 2_{10} = 00000001_2 - 00000010_2 = 00000001_2 + 11111110_2 = 11111111_2$
If the aggression level variable was signed, then the binary would be interpreted as $-1_{10}$, which is what we’d expect. Instead, it was unsigned, which means it got interpreted as $255_{10}$.
… And Gandhi turned from a pacifist into a warmonger: “Greetings from M. Gandhi, ruler and king of the Indians… Our words are backed with NUCLEAR WEAPONS!”
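The wraparound described above, as an added C example (not code from the game or from the original post). The function names, the `DEMOCRACY_MODIFIER` constant and the clamped variant are assumptions made for illustration; it shows the same 8-bit pattern read as unsigned and as signed, next to a subtraction that checks the range first.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; the game's real source is not on the page. */
#define DEMOCRACY_MODIFIER 2

/* Buggy form: the int result of the subtraction is truncated to 8 unsigned bits. */
uint8_t adopt_democracy_buggy(uint8_t aggression) {
    return (uint8_t)(aggression - DEMOCRACY_MODIFIER);
}

/* Hardened form: check the range before subtracting and clamp at the minimum. */
uint8_t adopt_democracy_clamped(uint8_t aggression) {
    return aggression < DEMOCRACY_MODIFIER ? 0 : (uint8_t)(aggression - DEMOCRACY_MODIFIER);
}

/* The same 8 bits read as a signed two's complement value. */
int as_signed(uint8_t bits) {
    return bits >= 128 ? (int)bits - 256 : (int)bits;
}

/* Two's complement negation restricted to 8 bits: ~x + 1. */
uint8_t negate8(uint8_t x) {
    return (uint8_t)(~x + 1u);
}

/* Render an 8-bit pattern as text; out must hold 9 bytes. */
void to_binary(uint8_t v, char out[9]) {
    for (int i = 0; i < 8; i++) out[i] = (v & (0x80u >> i)) ? '1' : '0';
    out[8] = '\0';
}

int main(void) {
    char b[9];
    uint8_t gandhi = 1;  /* starting aggression level from the post */
    uint8_t after = adopt_democracy_buggy(gandhi);
    to_binary(after, b);
    printf("buggy:   %s unsigned=%u signed=%d\n", b, (unsigned)after, as_signed(after));
    after = adopt_democracy_clamped(gandhi);
    to_binary(after, b);
    printf("clamped: %s unsigned=%u\n", b, (unsigned)after);
    to_binary(negate8(5), b);
    printf("-5 in 8 bits: %s, 5 + (-5) = %u\n", b, (unsigned)(uint8_t)(5 + negate8(5)));
    return 0;
}
```
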
I’m going to ask you a couple of questions. If you answer all of them correctly, and understand why - good job! This post is not for you.
Otherwise, if you’re a normal human being, consider reading this post. It’ll save you hours of useless debugging. Honestly, if the engineers who built Ariane V had read it (and set their compiler to treat warnings as errors), their rocket wouldn’t have blown up.
What’s the answer? yes or no?
float x = 0.7;
printf(x == 0.7 ? "yes" : "no");
What will be printed?
float x = 4 / 3;
What’s the answer? yes or no?
float x = 1.0/3.0;
double y = 1.0/1234567.0;
printf(((x+y) - x) == y ? "yes" : "no");
Are both lines equal?
float x = 0.20;
double y = 0.20;
Now that I’ve got your attention, let’s go over the answers real quick. Once you get to the end of this blog post, you’ll understand them fully and be able to impress your coworkers with useless knowledge.
HackIDC is Israel’s leading student Hackathon, held annually at IDC Herzliya. It is a great opportunity to build something new and exciting, together with coding and design enthusiasts. Students work in teams of up to five people for 24 hours to create a web, mobile, or hardware product.
What we did
Our team crafted a smart bracelet for conferences that swaps contact details between participants using a regular handshake. The match is done by monitoring acceleration data gathered from the bracelet’s Red Amber chip, and processing it in real-time by a learning algorithm that we developed.
The data that we collected could help conference organizers gain tremendous knowledge about the participants, and that’s only the beginning. We’re planning on continuing the project by adding more insightful features.
All the sensor-related tools were written in C++, and MATLAB helped us make sense of them. The data crunching part was written in Python, and the website was built using Wix.
[The prototype we used during development]
HackIDC introduced a new “Challenge” section this year. Some of the sponsors had their own challenges for the teams: Bank Leumi, Murata & Electra.
We decided to participate in Electra’s challenge in parallel to our “main” solution - hook into an air conditioner unit to provide alerts to operation teams when interesting events occur:
A unit installation failed
Compressor gas had reached a critical point
We extracted all the sensor data straight from the unit, sent it to a server at the backend that crunched it, and raised alerts when they matched a pattern.
The entire project was written in Python. The frontend used Flask, Bootstrap and JS.
[The website showed real alerts raised by the data that was simulated by Electra’s air conditioner unit]