‘Hack’の意味
「hackという語に69もの異なる意味があるわけではない」と、MITのハッカーPhil Agreは言う。「実のところ、hackにはただ一つの意味しかない。きわめて微妙で深遠な、言葉にしがたい意味である。実際に使われたとき、そのどの含意が意図されているかは、同じく深遠な仕方で文脈に依存する。同様のことが他のいくつかのハッカー語、とりわけrandomにも当てはまる」。
ハッキングは‘創意の適切な適用’と特徴づけられるかもしれない。結果が手早く雑な間に合わせ仕事であれ、丹念に作り上げられた芸術品であれ、そこに注ぎ込まれた巧妙さには感嘆せざるをえない。
hackの重要な第二の意味は‘創造的な悪ふざけ’である。この種のハックは、プログラミングのそれよりも非ハッカーに説明しやすい。もちろん、両方の性質を持つハックもある。辞典項目のpseudoとkgbvaxを参照。だが、ここにハッキング精神を例証する純粋な悪ふざけの例をいくつか挙げる。
In 1961, students from Caltech (California Institute of Technology, in
Pasadena) hacked the Rose Bowl football game. One student posed as a reporter
and ‘interviewed’ the director of the University of Washington
card stunts (such stunts involve people in the stands who hold up colored
cards to make pictures). The reporter learned exactly how the stunts were
operated, and also that the director would be out to dinner later.
While the director was eating, the students (who called themselves the
‘Fiendish Fourteen’) picked a lock and stole a blank direction
sheet for the card stunts. They then had a printer run off 2300 copies of the
blank. The next day they picked the lock again and stole the master plans for
the stunts — large sheets of graph paper colored in with the stunt
pictures. Using these as a guide, they made new instructions for three of the
stunts on the duplicated blanks. Finally, they broke in once more, replacing
the stolen master plans and substituting the stack of diddled instruction
sheets for the original set.
The result was that three of the pictures were totally different.
Instead of ‘WASHINGTON’, the word ‘CALTECH’ was
flashed. Another stunt showed the word ‘HUSKIES’, the Washington
nickname, but spelled it backwards. And what was supposed to have been a
picture of a husky instead showed a beaver. (Both Caltech and MIT use the
beaver — nature's engineer — as a mascot.)
After the game, the Washington faculty athletic representative said:
Some thought it ingenious; others were indignant. The
Washington student body president remarked: No hard feelings, but at
the time it was unbelievable. We were amazed.
これは今や古典的なハックとみなされている。特に、案内表を書き換えることが一種のプログラミングを構成していたからである。
ここにもう一つの古典的なハックがある。
On November 20, 1982, MIT hacked the Harvard-Yale football game. Just
after Harvard's second touchdown against Yale, in the first quarter, a small
black ball popped up out of the ground at the 40-yard line, and grew bigger,
and bigger, and bigger. The letters ‘MIT’ appeared all over the
ball. As the players and officials stood around gawking, the ball grew to six
feet in diameter and then burst with a bang and a cloud of white
smoke.
The Boston Globe later reported: If you
want to know the truth, MIT won The Game.
The prank had taken weeks of careful planning by members of MIT's Delta
Kappa Epsilon fraternity. The device consisted of a weather balloon, a
hydraulic ram powered by Freon gas to lift it out of the ground, and a
vacuum-cleaner motor to inflate it. They made eight separate expeditions to
Harvard Stadium between 1 and 5 AM, locating an unused 110-volt circuit in the
stadium and running buried wires from the stadium circuit to the 40-yard line,
where they buried the balloon device. When the time came to activate the
device, two fraternity members had merely to flip a circuit breaker and push a
plug into an outlet.
This stunt had all the earmarks of a perfect hack: surprise, publicity,
the ingenious use of technology, safety, and harmlessness. The use of manual
control allowed the prank to be timed so as not to disrupt the game (it was
set off between plays, so the outcome of the game would not be unduly
affected). The perpetrators had even thoughtfully attached a note to the
balloon explaining that the device was not dangerous and contained no
explosives.
Harvard president Derek Bok commented: They have an awful lot of
clever people down there at MIT, and they did it again. President Paul
E. Gray of MIT said: There is absolutely no truth to the rumor that I
had anything to do with it, but I wish there were.
上記のハックは検証可能な史実である。実際に起きたと証明できる。MITその他からの他の多くの古典的ハックの物語は、史実として語り継がれてはいるものの、Jan Brunvandが‘都市伝承’と呼んだものの特徴を備えている(FOAFを参照)。おそらくこれらの中で最もよく知られているのは、悪名高いトロリーカー・ハックの伝説、すなわち工学部の学生たちがテルミットでトロリーカーを線路に溶接したという真偽の定かでない事件である。この話は1940年代から現在まで数多くのバージョンが記録されており、大半はMITが舞台だが、少なくとも一つ、CMUを舞台とする非常に詳細なバージョンがある。
Brian Leibowitzは実在のものも神話的なものも含めてMITのハックを広範に研究した。興味のある読者は、彼の楽しい絵入りの集成The Journal of the Institute for Hacks, Tomfoolery, andPranks(MIT Museum, 1990; ISBN 0-917027-03-5)を参照されたい。Instituteはhttp://hacks.mit.edu/Hacks/Gallery.htmlにウェブページを持っている。Is This The Way To Baker House?と題された続編もある。Caltech Alumni AssociationはLegends of CaltechとMore Legends ofCaltechと題された同様の二冊を出版している。
ここに古典的なコンピュータハックの一つにまつわる物語がある。
Back in the mid-1970s, several of the system support staff at Motorola
discovered a relatively simple way to crack system security on the Xerox CP-V
timesharing system. Through a simple programming strategy, it was possible
for a user program to trick the system into running a portion of the program
in ‘master mode’ (supervisor state), in which memory protection
does not apply. The program could then poke a large value into its
‘privilege level’ byte (normally write-protected) and could then
proceed to bypass all levels of security within the file-management system,
patch the system monitor, and do numerous other interesting things. In short,
the barn door was wide open.
Motorola quite properly reported this problem to Xerox via an official
‘level 1 SIDR’ (a bug report with an intended urgency of
‘needs to be fixed yesterday’). Because the text of each SIDR was
entered into a database that could be viewed by quite a number of people,
Motorola followed the approved procedure: they simply reported the problem as
‘Security SIDR’, and attached all of the necessary documentation,
ways-to-reproduce, etc.
The CP-V people at Xerox sat on their thumbs; they either didn't realize
the severity of the problem, or didn't assign the necessary
operating-system-staff resources to develop and distribute an official
patch.
Months passed. The Motorola guys pestered their Xerox field-support
rep, to no avail. Finally they decided to take direct action, to demonstrate
to Xerox management just how easily the system could be cracked and just how
thoroughly the security safeguards could be subverted.
They dug around in the operating-system listings and devised a
thoroughly devilish set of patches. These patches were then incorporated into
a pair of programs called ‘Robin Hood’ and ‘Friar
Tuck’. Robin Hood and Friar Tuck were designed to run as ‘ghost
jobs’ (daemons, in Unix terminology); they would use the existing
loophole to subvert system security, install the necessary patches, and then
keep an eye on one another's statuses in order to keep the system operator (in
effect, the superuser) from aborting them.
One fine day, the system operator on the main CP-V software development
system in El Segundo was surprised by a number of unusual phenomena. These
included the following:
Tape drives would rewind and dismount their tapes in the middle of a
job.
Disk drives would seek back and forth so rapidly that they would attempt
to walk across the floor (see walking drives).
The card-punch output device would occasionally start up of itself and
punch a ‘lace card’ (card with all positions punched). These
would usually jam in the punch.
The console would print snide and insulting messages from Robin Hood
to Friar Tuck, or vice versa.
The Xerox card reader had two output stackers; it could be instructed
to stack into A, stack into B, or stack into A (unless a card was
unreadable, in which case the bad card was placed into stacker B). One
of the patches installed by the ghosts added some code to the
card-reader driver... after reading a card, it would flip over to
the opposite stacker. As a result, card decks would divide themselves
in half when they were read, leaving the operator to recollate them
manually.
Naturally, the operator called in the operating-system developers. They
found the bandit ghost jobs running, and killed them... and were once
again surprised. When Robin Hood was gunned, the following sequence of events
took place:
!X id1
id1: Friar Tuck... I am under attack! Pray save me!
id1: Off (aborted)
id2: Fear not, friend Robin! I shall rout the Sheriff
of Nottingham's men!
id1: Thank you, my good fellow!
Each ghost-job would detect the fact that the other had been killed, and
would start a new copy of the recently slain program within a few
milliseconds. The only way to kill both ghosts was to kill them
simultaneously (very difficult) or to deliberately crash the system.
Finally, the system programmers did the latter — only to find that
the bandits appeared once again when the system rebooted! It turned out that
these two programs had patched the boot-time OS image (the kernel file, in
Unix terms) and had added themselves to the list of programs that were to be
started at boot time (this is similar to the way Windows viruses
propagate).
The Robin Hood and Friar Tuck ghosts were finally eradicated when the
system staff rebooted the system from a clean boot-tape and reinstalled the
monitor. Not long thereafter, Xerox released a patch for this problem.
It is alleged that Xerox filed a complaint with Motorola's management
about the merry-prankster actions of the two employees in question. It is not
recorded that any serious disciplinary action was taken against either of
them.
最後に、新しい千年紀のための素晴らしいハックの物語をひとつ。
1990年のエイプリルフールRFCの神聖な伝統への追加は、RFC 1149、A Standard for the Transmission of IP Datagrams on AvianCarriersであった。これは伝書鳩でIPパケットを送信する方法の概略を示していた。
11年後の2001年4月28日、Bergen Linux User's Groupは、ノルウェーのBergenにある小さな山の反対側で動く二台のLinuxマシンの間で、CPIP(Carrier Pigeon IP)の実証に成功した。彼らのネットワークスタックは、プリンタを使ってパケットを紙に16進ダンプし、鳩がその紙を運び、OCRソフトウェアが反対側でダンプを読み取り、それを受信側マシンのネットワーク層に送り込んだ。
ここに、彼らが見事に実行したpingコマンドの実際のログがある。並外れたパケット時間に注目せよ。
Script started on Sat Apr 28 11:24:09 2001
vegard@gyversalen:~$ /sbin/ifconfig tun0
tun0 Link encap:Point-to-Point Protocol
inet addr:10.0.3.2 P-t-P:10.0.3.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:150 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
RX bytes:88 (88.0 b) TX bytes:168 (168.0 b)
vegard@gyversalen:~$ ping -i 450 10.0.3.1
PING 10.0.3.1 (10.0.3.1): 56 data bytes
64 bytes from 10.0.3.1: icmp_seq=0 ttl=255 time=6165731.1 ms
64 bytes from 10.0.3.1: icmp_seq=4 ttl=255 time=3211900.8 ms
64 bytes from 10.0.3.1: icmp_seq=2 ttl=255 time=5124922.8 ms
64 bytes from 10.0.3.1: icmp_seq=1 ttl=255 time=6388671.9 ms
— 10.0.3.1 ping statistics —
9 packets transmitted, 4 packets received, 55% packet loss
round-trip min/avg/max = 3211900.8/5222806.6/6388671.9 ms
vegard@gyversalen:~$ exit
Script done on Sat Apr 28 14:14:28 2001
写真付きでこの出来事を記録したウェブページがhttp://www.blug.linux.no/rfc1149/にある。インターネットの最良の伝統に則り、関係するすべてのソフトウェアはオープンソースであった。カスタム部分はサイトからダウンロードできる。
誰もがこの偉業の大きさを認めたが、BLUGの実装がRFCに適切に準拠していたかどうかについて、いくらか議論が起きた。どうやら彼らは、1149で指定された、メッセージを鳩の脚に取り付けるためのダクトテープを使わず、代わりに鳩にとってより不快でない別の方法を採用していたらしい。この議論は、ダクトテープの仕様がMUSTで前置きされておらず、したがって要件ではなく推奨であることが指摘されて、見事に決着した。
実行犯たちは予備的な報告をこう締めくくった。「さて、我々は誰かが他の実装を書いてくれるのを待っている。そうすれば相互運用性テストができるし、ひょっとしてついにこのRFCを標準化トラックに乗せられるかもしれない……」。
論理的な次の段階は、RFC2549の実装であるべきだろう。