Reading (For Dummies)

Whoah

The last few days have been hunting and begging for work. I found not one but two jobs to do for the summer. One developing SE Linux for the CSA (so finally that bit on my resume will be legit), and one documenting and fixing up the SAI's Trusted Time doohickey. It's right up my alley.

I saw the Matrix with some pals tonight (Keisuke, Yukiko, Norka, and Christian). 'Twas so-so. Okay action flick, but a little too much action. Annoying as hell "Architect," although computer scientists, logicians, and determinists can understand the big words.

What I did love about it was the hacking scene, perhaps the first "real" demo of how hacking actually works, represented in a Hollywood movie. Even cooler? I worked with that particular exploit at my previous stay with CSA. I was trying to get a general-version of the 'sploit to work. It's hard to to do a buffer overflow because you have to know where in memory on the target machine the server is running, and do a relative offset jump. To do it, you really need to set up an identical server, and watch the server with a debugger. Even then it will take a few attempts. There are methods to guess (or randomly guess, running up the risk of getting caught) the correct offset.

Supposedly someone succeeded and wrote a generic version (what Trinity runs as "sshnuke"), but if so it isn't widely known/available, and it doesn't work on any modern system because we use (or should use) newer versions of SSH that don't allow the old crappy SSH1 protocol anymore. But damn I feel like such a cool nerd for knowing all about it.

Other than that, there's this.