Celebrating Workarounds, Kludges, and Hacks

itwbennett writes: We all have some favorite workarounds that right a perceived wrong (like getting around the Wall Street Journal paywall) or make something work the way we think it ought to. From turning off annoying features in your Prius to getting around sanctions in Crimea and convincing your Android phone you're somewhere you're not, workarounds are a point of pride, showing off our ingenuity and resourcefulness. And sometimes artful workarounds can even keep businesses operating in times of crisis. Take, for example, the Sony employees, who, in the wake of the Great Hack of 2014 when the company's servers went down, dug out old company BlackBerrys that, while they had been abandoned, had never had their plans deactivated. Because BlackBerrys used RIM's email servers instead of Sony's, they could still communicate with one another, and employees with BlackBerrys became the company's lifeline as it slowly put itself back together. What hacks and workarounds keep your life sane?

Ad blockers

Makes the web work the way it ought to.

Nobeta

http://slashdot.org/?nobeta=1, of course!

Quantum HDD

[Lead+Butthead]

This I heard from a ex-Quantum coworker; purportedly the drive firmware was suffering from a memory corruption problem (several consecutive bytes keep getting overwritten in RAM.) The engineer tasked with fixing the problem shifts the code by the said number of bytes and declares victory. After that I never looked at HDD the same way again.

Abuse of sudo

[kramer2718]

At an old job, we were given sudoer privileges, but there was a blacklist of dangerous commands that we couldn't sudo (such as bash, su, etc), so I wrote a one line script to get around that called hijack:

$@

Then I could type

$sudo hijack

and sudo any command I wanted.

Re:Abuse of sudo

[BlackPignouf]

Sorry, found it :
http://stackoverflow.com/quest...

I already used it, but forgot it since.

Undid an old game crack by brute force

I wanted to play an old abandonware game, but the only copy I could find had been cracked to bypass the "copy protection" questions, and the crack had some unfortunate side effects. An old text file showed which two bytes to change in DEBUG to crack it, so I knew which two bytes had been changed in which file, but I didn't know what the original values were. Fortunately, SCUMMVM's source code shows the hash of the file it's looking for. So I wrote a shell script to create 2^16 copies of the copy with all possible values for those 2 bytes, and looked for the one with the right hash.

Re:Undid an old game crack by brute force

You want me to confess to creating 2^16 unauthorized derivative works?

Tape

[fhage]

Black, to cover the obnoxious blue LEDs.
White, to let some light through.
Masking tape over the speakers in the kid's toys.
Duct, to keep the taillight on the truck.
Surgical, to keep the bandage on while I work.

Re:Tape

[Green+Salad]

Red tape, to slow down upstart competitors
Do Not Cross - Crime Scene tape, to prank your co-worker
Audio tape, to reveal the hypocrisy of politicians

Hardware Boot Sector Recovery

[Bing+Tsher+E]

Back when a 10 MB full-height 5-1/4" hard drive was still somewhat of a big deal, I acquired one that had boot sector damage. It could be low-level formatted just fine, but the first few cylinders were damaged so it couldn't be a bootable drive in a PC-XT clone.

It used an optical limit sensor to detect when the stepper motor moving the head in and out was at the outer end of travel. I epoxied a little bit of metal onto the end of the encoder to slightly extend the head inward. After a fresh low-level format, the new 'track zero' was defect free and the drive was bootable and could be deployed as the C: drive. I think I then put it to use as the C: drive in the PC-XT that I ran my BBS on (WWIV 3.2.1, 1200 baud, online 24/7)

Re:I'm so ashamed

[dissy]

With all the clever hacks and workarounds people are posting, I'm ashamed to say my best is using a steak knife as a screwdriver.

It could be worse. I'm eating steak off of a screwdriver :{

Comment removed

[account_deleted]

Comment removed based on user account deletion

Become major of a place on foursquare

[unrtst]

I don't use foursquare, but a friend was bragging about being mayor at a couple places. I commented that I could be mayor in a month or two. He ended up betting me I couldn't. I warned him that it was super easy and he would be stupid for making that bet, but he still did it. That night, shortly after a few drunken minutes trying to type my password, the first cron job started running...

#!/usr/bin/perl
# call it from cron with:
# perl foursquare_checkin <location_id> <latitude> <longitude> <your_login_email> <password>
# Ex: perl foursquare_checkin 2021944 40.676141 -73.983452 foo@bar.baz 12345
my ($user,$pass) = @ARGV[3,4];
my $auth = MIME::Base64::encode("$user:$pass",'');
use MIME::Base64;
use IO::Socket;
sleep(rand()*600); # so checkins are slightly random
my $sock = IO::Socket::INET->new(PeerAddr=>'api.foursquare.com', PeerPort=>80,
                                                                  Proto =>'tcp', Type=>SOCK_STREAM) or die;
$ARGV[1] += rand() * 0.0001 - 0.00005; # wobble location
$ARGV[2] += rand() * 0.0001 - 0.00005;
my $str = "vid=$ARGV[0]&private=0&geolat=$ARGV[1]&geolong=$ARGV[2]";
print $sock "POST /v1/checkin HTTP/1.1\r\nHost: api.foursquare.com\r\nUser-Agent:" ." Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ " ."(KHTML, like Gecko) Version/3.0 Mobile/1C10 Safari/419.3\r\nContent" ."-Type: application/x-www-form-urlencoded\r\nAuthorization: Basic " ."$auth\r\nContent-length: ", length($str)+2, "\r\n\r\n$str\r\n";
my $res = <$sock>;

And yes, I know that's ugly, and there's easier and cleaner ways, but it got the job done well enough to get me mayor of a few places and really pissed off the gambler before I turned it off for good. I have no idea if this still works (ie. lack of any form of message authenticity or handshake etc), but it wouldn't surprise me if it did... feel free becoming mayor of anywhere you want (you can even checkin to places across the country and back on a regular basis and they didn't catch it). But if it no longer works, don't ask me.

Software TDMA for WiFi

[aXis100]

Many years ago when WiFi first came out and internet was still really slow I was active in a community based wireless FreeNet. We had set up multiple 10+ km links between our houses and had a full dynamically routed system spanning most of a city.

Problem was, WiFi is renowned for the "hidden node" problem, where clients cant hear each other and fail to successfully perform collision avoidance. Packetloss goes through the roof and throughput suffers terribly.

So, I wrote a perl script that interacted with IPtables QUEUE feature to keep the wireless packets a buffer, and they would only be released then that client received a token from a master server. It was a massive hack, but worked a treat and gave huge improvements to our throughput and stability.

Years later companies like Mitronik and Ubiquity introduced similar functionality in their wireless station firmware, but we were well ahead of the curve.

Dang buzzer

[Moof123]

Being able to listen to music with your car doors open is great, if not for the dang "your keys are in the ignition. So I spend a couple hours ripping open my dash to get to the stupid thing and rip the connector loose. It was a vast improvement in the utility of my truck.

live patching non-modular code in a running ircd..

[AndroSyn]

So there was a bug several years ago in ircd-ratbox that impacted the core code that wasn't a loadable module. There was a bug in cidr matching that really needed fixed. So..I wrote a loadable module that got the address of the C function that needed replaced. Then I used mprotect to set that page the function was in memory to be read/write.
Then..I scribbled over the start of the function with x86 opcodes to make it jump to a replacement function that was in the just loaded module.

Or in code.. match_cidr is the bad function, fixed_match_cidr is the replacement.

static int
modinit(void)
{
        char snag[7];
        snag[0] = 0xB8;
        *(int *) &snag[1] = (int) fixed_match_cidr;
        snag[5] = 0xFF;
        snag[6] = 0xE0;
 
    memcpy(saved, match_cidr, 7);
    mprotect(ALIGN(match_cidr-(PAGESIZE)), PAGESIZE*2, PROT_READ|PROT_WRITE|PROT_EXEC);
    memcpy(match_cidr, snag, 7);
    mprotect(ALIGN(match_cidr-(PAGESIZE)), PAGESIZE*2, PROT_READ|PROT_EXEC);
    return 0;
}

Thank you for playing Wing Commander

[Chuck+Chunder]

As development for Wing Commander came to a close, the EMM386 memory manager the game used would give an exception when the user exited the game. It would print out a message similar to "EMM386 Memory manager error..." with additional information. The team could not isolate and fix the error and they needed to ship it as soon as possible. As a work-around, one of the game's programmers, Ken Demarest III, hex-edited the memory manager so it displayed a different message. Instead of the error message, it printed "Thank you for playing Wing Commander."

https://en.wikipedia.org/wiki/...

Wetware hack: Sardines as desert

[dotancohen]

I introduced sardines to my daughters as desert, and only give it to them as a treat. Now they enjoy an inexpensive, healthy snack when other kids demand ice cream and chocolate. If that's not a hack, then I don't know what is.