Showing posts with label code. Show all posts
Showing posts with label code. Show all posts

01 May 2016

Mayday, Mayday

by Leigh Lundin

TeleType telex TTY
TeleType – early texting
It’s May Day, which got me thinking about mayday and codes. How did ‘mayday’ come to be a distress signal? It’s a mispronunciation of the French m’aider, from venez m’aider, “Come to my aid,” or “Come help me.”

So, parents and writers, it’s been a long time since we posted SMS codes and acronyms in use by kids, counter-culture, and people in technology. Some mnemonics have faded into obscurity like ROFL (rolling on floor laughing) and others have been truncated like WTF.

But OMG, a number remain with us (LOL). Some not only predate texting, but at least two, BRB and GA, date back to the days of that early messaging system, the telex. I wouldn't be surprised if Samuel Morse used such abbreviations.

I confess to liking ILYSM and 'bae' (short for bae-bae). Yet, as kids search for ever-more-circumspect communication, codes change rapidly.

You may see ‘Kik’ floating around. It’s not an acronym but a messaging phone app, popular with the young and bad guys because its messages evaporate after reading.
code meaning…
AF As ƒ, in context with other words, e.g, “That’s cool as ƒ.”
AFAIK As far as I know.
bae Babe, baby.
BMS Broke my scale, i.e, high marks for looks or deeds.
BRB Be right back.
cook Gang-up, dump on someone.
DOC Drug of choice.
FML ƒ my life, chagrin.
GA Go ahead.
HMU Hit me up, request for phone or message contact.
IDK I don't know.
ILYSM I love you so much.
KOTD Kicks of the day, sneakers.
LMAO Laughing my ass off.
LOL Laughing out loud. (still in use)
OMG Oh my God. (still in use)
OOTD Outfit of the day.
RN Right now.
smash Sexy, want sex.
SO Shout out, give recognition.
TBH To be honest.
TBR To be rude.
TF WTF? (What) the ƒ?
6 Sex, often used in combination with other codes, e.g, IW26U.
9, CD9 Parent in the room, or PIR. Formerly, POS meant parent over shoulder.

What codes are your kids sending?

08 March 2015

The Kaspersky Code

by Leigh Lundin

Three weeks ago, Kaspersky Lab, the Russian security software maker exposed a cyber-espionage operation that many believe originated within the NSA. The devilishly clever bit of code hides in the firmware of disc drives and has the ability to continuously infect a machine. If you use a Windows computer, there’s a good chance it’s not only infected but was built that way likely without the manufacturers' knowledge.

Kaspersky researcher Costin Raiu says the NSA couldn’t have done it without the source code.

What?!!

The contention that the NSA definitely had access to the source code is not only patent nonsense, it ignores that fact that Kaspersky themselves supposedly didn’t have the code. Having the source code is the easy way, perhaps the preferred way, but it’s hardly the only way.

A Reuters article speculates how the NSA might have obtained the source code and indeed, one of those is a likely scenario. But it’s also feasible to do the job without the source and I’ll show you what I mean, a technique I used to unravel computer fraud programs. Fasten your seat belt because this is going to get technical.

World’s Greatest Puzzle

Those around in my Criminal Brief days know that I love puzzles. For me, the ultimate puzzle has been systems software programming, making the machine do what I want. But sometimes I’ve come up against puzzles, some benign, some not, where I didn’t have the source code.

Let’s try an example. What if we found mysterious code in our computer that looked something like this:

confused pseudo code snippet
Mysterious Snippet of Computer Code

If you can’t make sense out of this, you’re not alone. 98% of computer programmers wouldn’t know what to make of it either. But if you look closely, the data populating the upper block looks different from that in the lower block. This is a clue.

Unlike commercial and scientific programs, systems software deals with the operation of the computer itself– utilities, communications, and especially the operating system. The realm of a computer’s internals are abstract, far more so than the Tron movies. Key aspects seldom relate to real-world equivalents. Sure, we say that RAM is a little like notes spread out on your work table and that disc storage is kinda sorta like a file cabinet… but not really. Even the term RAM– random access memory– is misleading; there’s nothing random about it.

Back in the real world, let’s say you want to write a simple program that adds the number of apples and oranges. In most programming languages, this code would look like this:
total = apples + oranges
Internally, a program loads apples and oranges into registers (kind of like keying them into a calculator), adds them, and stores them in a variable called total. If we were to write this in the argot of the computer, we’d use assembly language mnemonics, an abstraction of the computer’s machine language. Deep, deep down in a program, we’d see nothing but numbers where we count…
0, 1, 2, 3, 5, 6, 7, 8, 9, A, B, C, D, E, F
Yes, A-F are digits in this context. Within the computer, our little program above might resemble…

simple pseudo-code program: total=apples+oranges
total = apples + oranges

What isn’t obvious to many programmers is that computer instructions are data. Indeed, some black-hat crackers (the bad guys) have used this property to sneak malware onto unsuspecting computers.

If you look again at the original sneak peek of data, you’ll start to see patterns and may even pick out the machine instructions from our code example above.

clarified pseudo code snippet
Less Mysterious Code Snippet

This puzzle solving is called reverse engineering. It’s possible to write a program called a disassembler (I have) or a de-compiler (I haven’t) to decode the machine language into something more intelligible. The program has to be smart enough to not only separate actual data from instructions, but distinguish the type of data.

As you see, compiling source into binary executable code isn’t a one-way street. With dedication and know-how, reversing the process is well within reach.

How safe do you feel now?