Sigh... do I seriously have to keep saying this? I said that --writing a whole program using only a hex-editor-- is not an important skill.... knowing how instructions are encoded and whatnot can be important, yes. Being able to output opcodes is important, yes.
On 4/10/2011 12:56 PM, Ken Perry wrote:
Sina just stop arguing he knows he is right leave it alone it is not important at all to know how to write your own binary by hand. ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher Coale Sent: Sunday, April 10, 2011 2:46 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school for blind programmers On 4/10/2011 11:20 AM, Sina Bahram wrote:A shell exploit about six months ago, maybe a year. Closer to a yearactually. You wrote a shell exploit by writing an executable via a hex-editor? Not editing a dll's contents via a hex-editor?And then op code by op code for a hypervisor, namely Xen, around their 3.23.3 versions, and mainly in their page manager. Again, you're saying that you wrote code for Xen that was purely writing an executable using a hex-editor? I'm not referring to emitting opcodes from a source (in JIT which it sounds like Xen does, since it's a virtualization software). You actually wrote the body of the software using a hex-editor, not an IDE? I can't imagine you being picked up on a development team if you do that.Then there was the virtual machine introspection stuff which was bit forbit analysis, in memory, at real-time. There's actually apaper on that one, if you'd like.In memory, at real time? Tell me.. how can one dynamically write an application that runs in real-time while editing the bytecode using a hex-editor? (see my last response)Let's see, and then there was some malware analysis with afriend/colleague of mine, but that was mainly him, and I was just havingfun.Again, malware software is going to use a source (C, C++, C#, whatever) to read in an executables bytecode and determine the behavior. This is far from writing an application in machine code via a hex-editor.Oh yes, and stepping through some code for a friend's engineering project,byte for byte; however, that was an 8-bit, then a 16-bitprocessor, so if that counts, then wonderful.I find it odd that your friend consistently decided to write his machine code instead of writing an assembler for it. Must have been tough. I'm an EE/CS engineering student -- I would never think of doing that. To test specific instructions, sure. To test whole programs? Absolutely not. I hope you realize a consistency in all of my replies here.. all of your examples were either editing a binary or emitting opcodes JIT. None of your examples were --writing a program in pure machine code using a hex-editor--. I think I've said that single phrase about 300 times now, and it's just not going through for some reason. -- Writing a whole program in pure machine code using a hex-editor -- is absolutely not an important skill. It just isn't. -- Chris On 4/10/2011 11:20 AM, Sina Bahram wrote:Oh, and last year/semester I wrote a compiler, so I guess that counts. I also collaborated on a paper to automatically prevent every singlepossible return oriented programming hack/technique bymodifying the compiler, namely LLVM, to rewrite all generated op codeswithout using a ret, so as to prevent alignment errors alongany kind of boundary, be they logical, page, byte, or otherwise; such thatunprivileged jumps can't actually escalate themselves.The researcher on that one then used this technique to recompile theentire kernel into a running system, think they settled on BSDbecause of issues with Klang back then, using that protection technique.That's actually a great paper, and I'd recommend it toanyone. But, *shrug*, it doesn't come up all that often. I'm going to go back towriting speech recognition code into a computer visionalgorithm for Android because HCI is way more fun! Bye for now Take care, Sina -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Ken PerrySent: Sunday, April 10, 2011 12:40 PM To: programmingblind@xxxxxxxxxxxxx Subject: RE: Searching for blind programmer to start a school for blindprogrammersI think you might find it was more recent than you think judging by what Sina has been doing. Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher Coale Sent: Sunday, April 10, 2011 12:27 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school for blind programmers Stop being ignorant, Sina. You seem to be quite fond of the straw man. So please, stop changing my words. First of all, I agree that computer programmers need to understand the basics. I never once said they didn't. I never once said that low-level was bad. So if your whole point is that "understanding low-level is important", then I agree and nobody is this thread thus far disagreed with that claim. So then, given that, what is your point that makes me wrong? Sina, when was the last time you wrote a program from scratch using ONLY A HEX-EDITOR? On 4/10/2011 5:40 AM, Sina Bahram wrote:Well, you definitely proved that I didn't need the other 65%, since yourmessage summed up exactly what my impression of thediscussion was. And yes, I do feel it's important. Not crucial, or even necessary to besuccessful, but most definitely extremely important.Understanding the fundamentals is something that gets ignored day in andday out.Take care, Sina -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher CoaleSent: Saturday, April 09, 2011 10:36 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school for blindprogrammersHow kind of you to join, master. Can you tell me who said that low-level was NOT important to know and understand? You admittedly stated that you ignored 65% of the messages, but then tell everyone to take Ken's side? Are you kidding me? You admit that you don't know what the argument (friendly argument) is about, yet you still pick a side? Come on now... Ken stated that --being able to write a program in pure machine code (no compiler or assembler)-- is important. I disagreed saying that it is not important. Knowing low-level concepts (like I pointed out earlier.. how the processor works, operating system design, etc.) is definitely important. Writing a program in pure machine code is an unnecessary skill, not an important one. On 4/9/2011 7:27 PM, Sina Bahram wrote:I haven't read 65% of the messages in this thread, frankly because theSNR is far too low.So can you guys please just listen to Ken on this one? low level is important to know and understand. End of conversation. Now go do something fun. It's Saturday night. Take care, Sina -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx[mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Ken PerrySent: Saturday, April 09, 2011 8:06 PM To: programmingblind@xxxxxxxxxxxxx Subject: RE: Searching for blind programmer to start a school for blindprogrammersI think we are just going to have to disagree on this. While I doubtanyoneis going to rush out and write a bit of Machine language I think it isstillimportant to know how. It's sort of like saying it's not important toknowthat there is a linker and what it does most people on this list willneverknow what the linker does because they deal mainly with High levellanguagesbut that doesn't mean the linker is not important. Most people willneverwrite machine language but when creating electronic circuits withsmallerchips it is a useful tool. True you may never hand write it but increatinghardware it is very useful in reading it. I just found learning towriteitwas very useful back in the good old Hack hardware cartridges days.Surethe Intel book has both got bigger and more complex but I just saw apostwhere a guy wrote a hello world in Machine language just to prove itcouldbe done. Now I will point out he did it in Linux and he had to make hisownlinker of sorts well a shell linker all it did was write the file withthenumbers he wanted but I think he did that just so he could use a normal editor and he had to add the Aelf stuff on top but he did it in 120biteswhich I find pretty impressive since 80 of the bites were AELF stuff. Anyway I am sure we are boring most of the people on this list. Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher Coale Sent: Saturday, April 09, 2011 7:39 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school for blind programmers Wait, you are adding new stuff in here. Yes, to me, it is important to know how to optimize code for either size or speed. It is also important to know how programs are executed and created (knowing the PE32 format, for example); however, knowing how to write a program by scratch by using a hex editor and writing pure byte code is not important. And, you are misinterpreting my reason for saying it is not important. I'm not saying it's not important because it is nasty studying. I'm saying it is not important because it is simply not practical and teaches you no more than studying assembly and operating systems (assuming you are actually learning). And I didn't say it wasn't useful, either. Knowledge for knowledge's sake is always good. But, I said it wasn't important. You seem to be mixing up the knowledge required to do something and the knowledge gained from doing said thing. In order to start editing a program using a hex editor, you have to already have the knowledge to do it (as in, you have to know that there is a data section, a symbolic table, etc.). You gain no new knowledge (aside from knowing how to edit executables) from editing, and/or writing, executables from within a hex-editor. On 4/9/2011 3:59 PM, Ken Perry wrote:Oh really? I found it very useful knowing how to minimize code anddatasections by hand. It explains what compilers and linkers have to gothroughand ways to get around problems that exist. It even is nice knowinghowexefiles are laid out. I agree that it's a nasty bit of study to get tothatpoint but I totally disagree that the knowledge is not useful. In factifyou ever want to get involved with the GNU compiler group believe meit'suseful. Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Christopher Coale Sent: Saturday, April 09, 2011 6:52 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school for blind programmers My knowledge of how the processor works (by means of knowing assembly and OS development) is useful. Knowing how to write a program usingonlybyte code is not (and I couldn't do it without many free hours and lots of reference manuals, and even then it would be a difficult task). Not to belittle your knowledge, but I'm just saying that being able towritea program using a hex-editor (and if you can, more power to you) is not very helpful in understanding how computers work; learning assembly and learning operating system design is where it is important, I would say. On 4/9/2011 3:45 PM, Ken Perry wrote:Yes and us true geeks used to dream hex in our sleep. I think therearestill some of us left and I am no longer one, I know of all the possibilities and I can still code in ASM for burning chips but I nolongerdream in op codes and registers, memory locations and IRQ's. All Iwassaying is learning of the existence and how it works is invaluable toaprogrammer even today. Are you telling me your knowledge of thesubjectisnot useful? Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf OfChristopherCoale Sent: Saturday, April 09, 2011 3:30 PM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school forblindprogrammers I didn't say it was impossible (after all, how else would a compiler work?) I said that it was asinine and impractical. I say this because the x86 instruction set is amazingly complex. Sure someone could use a debugger to look around at machine code, that's not hard at all (in fact, I do it a lot with vc++ to debug things and get performance boosts). But, writing a binary file from scratch? I see it being possible, but you would need to know the encoding of every instruction you use. For example, "int imm8" is apparently 0xCD + the immediate byte, so to do int 80h, you'd have 0xCD80. That is fairly simple, but the "mov" instructions where you can have memory, immediate, and register operands are difficult, and then for each memory, immediate, and register operand you have an 8-bit, 16-bit, 32-bit, and for x64, 64-bit versions. It's no small feat to write a binary by hand.Laugh yes I have read them and there was a time I could write someverygoodstuff with nothing but a debugger. Just because it's nasty don'tmeanit'simpossible. I was not even in the same class of some of the guys Iusedtohang out with. I knew one that won a programming contest who wrote a program to display a naked woman with nothing more than Assembler andatexteditor. As for machine language you can write it on your own if youknowenough. Unfortunately time has dulled my memory of uselessinterruptsbecause we have so much easier ways to do things now. I think Icouldprobably get a command line app to run with nothing but a hex editorbutcalling the GUI might be beyond me because you would have to do someseriousdigging to get that to work and sometimes the information is just not available anymore. Ken Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf OfChristopherCoale Sent: Saturday, April 09, 2011 2:23 AM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school forblindprogrammers What? Have you ever read the x86 information sheets? Teaching someone assembly is a good way to teach them how a computer works -- havingthemwrite programs in pure byte code (especially for x86) is both asinine and impractical. Maybe not so much for an extremely extremely simple virtual machine or basic processor, but complex instruction sets like x86 are flat-out beyond writing op-codes by hand. If you don'tbelieveme, just take a poke at the NASM source code. ;) On 4/8/2011 6:47 PM, Ken Perry wrote:I am not quite as old as you but I come from the same time zone. Ihadtolearn assembler to hack games on the Vic 20 and the commodore 64 andtheTIbut more than that when I joined the Air Force and took onElectronicsAssembler made my life easier. Then later in life after I lost mysiteItook software engineering and had to burn chips and while we couldhavewrote stuff in C it was much easier to control the registers andstuffwithASM. If we used C we allot of the time had to use special assembler keywords to get things to work quite right. If you look on theFruitBasketpage I was also insane enough to write the fruit basket in Assemblerforwindows xp and it runs in vista. I am not sure if that runs inWindows7but I should revisit it and make sure it does. Lost knowledge isnotagoodthing. Assembler may not be a way I would write a project now daysbutifyou want to teach someone how your computers work there is only onethingbetter. The one thing better is straight opt codes using a debuggerandwatching what is going on. Well you could also write straightbinaryfileslike a good Fortran coder but who does that any more. That what Ishoulddois create the fruit basket with nothing but a hex editor. Ken -----Original Message----- From: programmingblind-bounce@xxxxxxxxxxxxx [mailto:programmingblind-bounce@xxxxxxxxxxxxx] On Behalf Of Bill Cox Sent: Friday, April 08, 2011 11:40 AM To: programmingblind@xxxxxxxxxxxxx Subject: Re: Searching for blind programmer to start a school forblindprogrammers On Fri, Apr 8, 2011 at 11:16 AM, Littlefield,Tyler<tyler@xxxxxxxxxxxxx>wrote:Assember? Really? You must be almost as old as me! I can't even find people who care about speed or memoryusageanymore.I love assembler. It's a great way to teach people what's going onunderthehood and make them think about what they do. Every time I seesomeonereserve a 100k buffer just because, I cringe. :)We must be from the same generation. I'm 47, and learned to program in machine code on an 8080 based Intel board with a hex keypad and some LEDs. It was a couple of years before I found out that people programmed using assemblers, rather than entering hex by hand. I worry that the new generation's early experience with computers is amazing games and technology so complex they could neverrealisticallyhope to understand it. What's the natural path now days for kids to go from playing computer games to writing them? On the old AppleIIs,you just typed list instead of run, and there was all the code. Bill __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind__________ View the list's information and change your settings at //www.freelists.org/list/programmingblind __________ View the list's information and change your settings at //www.freelists.org/list/programmingblind
__________View the list's information and change your settings at //www.freelists.org/list/programmingblind