The Code: Story of GNU + Linux
(2001)
Complete Documentary
[Subs: ENG, ESP]

#Linus #Linux #GNU #FreeSoftware #OpenSource #GNUProject
#LinusTorvalds #RichardStallman #KenThompson #TheCode #DennisRitchie #AlanCox

https://www.dailymotion.com/video/x8q1zol

“I remember #deleting my #MastersThesis, and then having to run grep on /dev/hda1 to find where on the disk it was so I could copy on the area around it -- then piece everything back together and fix bit that were not retrieved correctly. It was a very stressful experience, but in the end #grep saved the day.” 🤓😫🤣☺️

#CLI / #Grep / #HarrisonMaddison / #LinguisticFingerprint / #FrequencyAnalysis / #KenThompson / #LaurieWired <https://youtube.com/watch?v=iQZ81MbjKpU>

In the early 70s, Ken Thompson wrote the original Unix shell by hand, giving users a simple but powerful interface to control the system. It allowed commands to be chained, redirected, and scripted, laying the foundation for nearly every terminal-based environment that followed. Even now, shells like sh, bash, and zsh all trace their lineage back to Thompson’s early work.

#UnixHistory #KenThompson #ShellScripting #CommandLineRoots

From Unix: A History and a Memoir by Brian Kernighan.

#KenThompson #Unix #BellLabs #Aviation #ComputerHistory #ComputingHistory #History

Ken Thompson vuela un MiG.

Además de pionero del cómputo, del
lenguaje B, compiladores, Multics, UNIX, Plan9, UTF8, Go, máquinas de ajedrez computado, etc, a Ken Thompson le gustaba volar aviones. Despuntó el vicio en esto de ir a Rusia para volar en un MiG-29 Fulcrum.

Como si fuese un relato de un viaje, aprovechó la web de los Bell Labs para contar la aventura:

gopher://texto-plano.xyz:70/0/~peron/docs/ken_thompson_mig.txt
#gopher #kenthompson #unix #mig

Vývoj jazyka C - text Dennise Ritchieho o počátcích C v rocích 1969-73

#c #Cprogramminglanguage #programming #DennisRitchie #KenThompson #unix #history #computers #paper #translation #preklad #historie #jazykC #retropocitace

https://caryo.space/post/vyvoj-jazyka-c

I implemented Ken Thompson’s Reflections on Trusting Trust (1984 Turing Award Lecture) compiler #backdoor for the GNU Compiler Collection (GCC). The backdoor maintains persistence by re-injecting itself to any new versions of the compiler built. The secondary payload modifies a test application by adding a backdoor password to allow authentication bypass:

$ cat testapp.c
#include <string.h>
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char **argv)
{
if (argc == 2 && !strcmp(argv[1], "secret"))
{
printf("access granted!\n");
return EXIT_SUCCESS;
}
else
{
printf("access denied!\n");
return EXIT_FAILURE;
}
}
$ gcc -Wall -O2 -o testapp.c -o testapp
$ ./testapp kensentme
access granted!
$

I spent most time (around two hours) writing the generalized tooling that produces the final quine version of the malicious payload. Now that this is done, the actual code can be adjusted trivially to exploit more target code without any need to adjust the self-reproducing section of the code. This method of exploitation could be extended to target various binaries: SSH Server, Linux Kernel, Setuid binaries and similar. While itself written in C, the secondary payloads can target any programming languages supported by GCC.

It should be noted that GCC build checks for malicious compiler changes such as this. This check can – of course – also be bypassed. However, most serious projects have measures in place to avoid hacks of this nature.

Some links:
- Ken Thompson's "Reflections on Trusting Trust" paper: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
- David A. Wheeler: "Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers" https://dwheeler.com/trusting-trust/

#hacking #exploitdevelopment #kenthompson #infosec #cybersecurity @vegard