Recently I was pretty busy at work, and during the rare moments when I watched TV I happened to see movies and shows with almost no computers in them. However, I have gotten some suggestions and will try to review them at some point. In the mean-time my comments on the few computer-related scenes I watched.
The movie scene is absolutely ridiculous ("Install D-Day's Revenge Virus" as a shell command ???), but the actual question is (slightly) interesting. Can a hacker crash a computer that easily? The answer is, as usual: it depends.
As usual: spoiler alert. If you haven't seen Better off Ted (shame on you!) go watch it, and then come back (although it wouldn't be tragic if you read this post first). Trust me: Better off Ted is a great show.
Fortress is a really old (and rather bad) movie, and there is probably a good chance you have already seen it, or don't want to see it anyway. It's probably safe to read on.
Better off Ted S01E06 - Goodbye, Mr. Chips.
In this episode Ted is inadvertently removed from Veridian's system when he tries to correct his ID. The only way to get him back is to reboot the system, which Veridian doesn't want to do, since it would cost money. Ted and his team conclude that they can force a reboot by crashing the system. While Ted and his team fail on the attempt Veronica is successful.
She achieves this by attaching several employee badges to Lem just before his demonstration of a jet-pack. The badges are position-tracked by the system, which can't make sense out the information it receives. The system reboots and Ted is saved.
Clearly the plot is for amusement only, and the writers didn't really need to justify the reboot, but it is interesting that something similar actually lead to a real very expensive crash. In 1996 the rocket Ariane 5 was lost on its maiden flight due to a software bug: http://en.wikipedia.org/wiki/Cluster_(spacecraft)
Citing Wikipedia: "The Ariane 5 reused the inertial reference platform from the Ariane 4, but the Ariane 5's flight path differed considerably from the previous models. Specifically, the Ariane 5's greater horizontal acceleration caused the computers in both the back-up and primary platforms to crash and emit diagnostic data misinterpreted by the autopilot as spurious position and velocity data."
In short: the rocket crashed because it couldn't make sense of the information it received.
I don't think that the writers of Better off Ted thought of Ariane 5 when they wrote their episode, but the similarities are funny.
To be fair: many computer crashes are because of assumptions that are violated. Frequently these assumptions lead to real security issues, and many of the existing exploits (see for example http://www.exploit-db.com/) are because of missing checks.
Fortress (1992) with Christopher Lambert
This is a pretty old (and to be honest "bad") sci-fi movie, but there is one scene that was "interesting": during his escape, John Brennick and his friends need to disable the computer "Zed" who is controlling the defenses. D-Day (one of the prisoners) sits down at the controls, writes 5 lines (see screenshot) and infects Zed with a virus (of course, dying while pressing "enter").
The movie scene is absolutely ridiculous ("Install D-Day's Revenge Virus" as a shell command ???), but the actual question is (slightly) interesting. Can a hacker crash a computer that easily? The answer is, as usual: it depends.
Frequently systems are protected against the outside world. The famous "Firewall" guards against malicious access from the outside. Once you are inside the wall many network systems aren't really protected anymore. Depending on how much less protected the systems are, it becomes trivial to shut down "Zed".
Usually users can simply shut down computers when they have physical access. The movie scene would have been much less ridiculous (although more boring) if D-Day had typed "shutdown" in the console...
It is, however, reasonably to assume that there were still some protections in place. A real hacker would now try to detect the operating system (OS) the computer was running. More importantly a hacker wants to know its version and if there are exploits available. Writing exploits takes time, and there is absolutely no way D-Day could have written one in the short time he had. However using existing exploits can be very fast and sometimes surprisingly trivial.
Among my favorite exploits (and I'm using the term "exploit" loosely here, since I'm including crashing attacks) are:
- con, prn, aux, nul: early versions of Windows could be crashed by simply trying to access con\con or aux\aux:
http://wiki.answers.com/Q/What_are_con_prn_aux_nul_in_windows - ping of death: a very simple attack which consists of sending a large ping package to a computer. With the right tools it is trivial to craft such a package, but it was surprisingly efficient: according to insecure.org "[Windows] NT and 95 can actually lock up hard [...]. Also, early 2.0.x Linux, Solaris x86, and Macintosh systems are often vulnerable".
http://insecure.org/sploits/ping-o-death.html
http://en.wikipedia.org/wiki/Ping_of_death - fork bombs: many systems (including Linux) are susceptible to fork bombs. The attack consists of writing a program that replicates itself until the system can't deal with the shear number of programs (and their used resources) anymore.
Fork bombs are extremely easy to write. For example the Linux version consists of a single short line: :(){ :|:& };:
http://en.wikipedia.org/wiki/Fork_bomb
Comments
Post a Comment