
Why the Sun 2 has a message “Love your country, but never trust its government” - longwave
https://nohats.ca/wordpress/blog/2016/01/24/why-the-sun-sparc2-has-the-message-love-your-country-but-never-trust-its-government/
======
lewiscollard
HN hug of death, so cached version (text-only):

[http://webcache.googleusercontent.com/search?q=cache:https:/...](http://webcache.googleusercontent.com/search?q=cache:https://nohats.ca/wordpress/blog/2016/01/24/why-
the-sun-sparc2-has-the-message-love-your-country-but-never-trust-its-
government/&num=1&strip=1&vwsrc=0)

~~~
bostonpete
HN has a hug of death now? Man, this place is turning into reddit... _ducks_

------
_0ffh
When digging inside my Acorn Risc-PC I once found a message along the lines of
"Help! We are being kept in a cellar and forced to write software!"... :-)

~~~
_0ffh
Okay, I checked on the details. The verbatim message was "Help! We're being
held prisoner in a software factory!". Close enough! :)

~~~
rwmj
A reference to this story? [https://store.bbc.com/jackanory/help-i-am-a-
prisoner-in-a-to...](https://store.bbc.com/jackanory/help-i-am-a-prisoner-in-
a-toothpaste-factory)

~~~
mikeash
The general form of this joke apparently goes back to at least the 1950s:

[http://boards.straightdope.com/sdmb/showthread.php?t=264228](http://boards.straightdope.com/sdmb/showthread.php?t=264228)

------
jamescun
With regards to the copy protection aspect, it was a pretty common practice
back in the day (perhaps even still is).

In the Macintosh Classic's ROM, there were debug sequences that not only would
display pictures of the development team, but write the text "STOLEN FROM
APPLE COMPUTER" to the screen.
[http://appletothecore.me/files/mac_se_easter_egg.php](http://appletothecore.me/files/mac_se_easter_egg.php)

~~~
Tloewald
That's in part because Apple was the canonical case of a company whose ROMS
were stolen by cloners.

------
Kristine1975
Oracle did something similar with the network protocol of its database driver.
Not to prevent copying, but to prevent others from writing their own drivers:
[http://dacut.blogspot.de/2008/03/oracle-
poetry.html](http://dacut.blogspot.de/2008/03/oracle-poetry.html)

~~~
tempVariable
OK, is this for real ? Does everyone have to use the Oracle OCI library under
the hood ?

~~~
Natsu
Definitely real. I WTF'd the first time I read that poem out of a packet
capture.

------
dsugarman
If anyone was curious, this quote is credited to Robert A. Heinlein, a science
fiction writer.

~~~
digi_owl
More and more it seems like trusting any large org structure is a fools
errand.

~~~
robotresearcher
> More and more

Same as always, rather.

------
johngalt
I had a fluke network tester that would put "elvis lives" in the padding of
it's ping tests.

------
Hello71
> NFS ran in plaintext and used the sender’s IP address for authentication

and it still does

~~~
DonHopkins
It was much worse than that.

Back when I was a summer intern at Sun in 1987, it was common knowledge among
the engineers at Sun that NFS stood for "No File Security", and the rpc mount
protocol would trust the client to tell the server its host name, which the
server would look up in /etc/exports to decide how much to trust it.

So if you know that Scott McNealy's workstation's name was "doober" (which it
was), and it gave permission to a server named "mama", then on any workstation
you could type:

% hostname mama; mount doober:/usr /mnt; hostname `hostname`

And you'd have Scott McNealy's /usr file system mounted.

This also worked over the internet!

~~~
tptacek
NFS used to be one of the most popular ways to break into machines on the
1990s Internet. Leendert van Doorn wrote a CLI for NFS that was modified with
a bunch of different exploits and passed around among hackers. _Everyone_ who
attacked Unix systems in (say) 1995 had a copy of NFS shell.

~~~
apk17
I wrote one myself. Fun things: 'int getuid() { return 0; }' in the userland
code was sufficient for authentication. And the mountd returned the root
handle of the file system. When you presented that handle to nfsd it would
happily serve you even when you are no longer in the exports table.

~~~
tptacek
NFS also hosted one of the first widely-exploited integer overflows (not for
code exec, but for privilege escalation).

------
tokenizerrr
I may be missing something, but what is the link between the DES chip and the
message being triggered? Because the message shouldn't be triggered without
doing the convoluted key combination, right?

~~~
ams6110
Gilmore's reply seems to be in the context of a thread that had discussed the
DES chip.

~~~
DonHopkins
It had nothing to do with the DES chip, which was optional. The phrase was in
the Sun-2 boot ROMs, which John wrote.

------
eternalban
Sun Microsystems Founders Panel - CHM [1].

[1]:
[https://youtu.be/dkmzb904tG0?t=1h38m29s](https://youtu.be/dkmzb904tG0?t=1h38m29s)

------
webXL
Isn't there a name for this? Poison pill? Logic bomb? Honey token?

[http://www.sans.edu/research/security-
laboratory/article/log...](http://www.sans.edu/research/security-
laboratory/article/log-bmb-trp-door)

~~~
nisse72
Copyright trap

[https://en.wikipedia.org/wiki/Fictitious_entry#Copyright_tra...](https://en.wikipedia.org/wiki/Fictitious_entry#Copyright_traps)

------
United857
Apple does something like this as well:

[https://news.ycombinator.com/item?id=8579272](https://news.ycombinator.com/item?id=8579272)

------
alienjr
Ask NSA...

------
draw_down
Nor its marketing industry.

------
lultimouomo
I wonder if this trap street message, which was inserted in some code
initializing a DES chip, was chosen because it was rumored that NSA had
backdoored DES. The article doesn't mention it, but it would be quite a
coincidental choice!

~~~
tptacek
The entire article explains what the string is doing there. You don't have to
speculate.

~~~
lultimouomo
The article explains that the message is a trap street; it says that Gilmore
had read it and noted it years before and at he "plucked it" as the secret
message.

I can't seem to find in the article the reason he plucked just that message,
and why he stuffed it in the DEC routine.

Am I missing something?

~~~
new299
John Gilmore's political views are well known. And the statement was likely
chosen because he felt it was inline with his own beliefs:

[https://en.wikipedia.org/wiki/John_Gilmore_%28activist%29](https://en.wikipedia.org/wiki/John_Gilmore_%28activist%29)

~~~
nailer
Whoa.

Fifth employee at Sun, wrote the first version of what became DHCP, started
the EFF. What an awesome life.

~~~
coldpie
He stopped by our offices last year on his way across the country and we took
him out to lunch. He seemed genuinely thankful when I told him I'm an EFF
supporter. Fun guy to talk to, and he's really into what the EFF is doing.

