Terminally Incoherent

Utterly random, incoherent and disjointed rants and ramblings...

Friday, September 16, 2005

Battlestar Cluelessness

Alright. This is the first time I feel a need to rant about Battlestar lameness. This always happens when a show or a movie decides to talk about something that I know intimately and then gets it wrong.

Apparently Cylons have installed a hidden "logic bomb" in Galactica systems. I'd call it a rootkit+trojan but who cares. What pisses me off is that to find the rootkit they decided to "go through the code line by line". What? What code? Do Galactica's onboard systems run on an interpreted language? And if you have the code, how the fuck can you not find shit that was not there before? Here is a hint:

diff old_code new_code

Yeah, that's how simple it would be to find a rootkit if you had the code. Therefore I call bullshit on this. Any large system with this kind of scope needs to access the hardware directly, and hence it will be written in a fast native language, and compiled. You use the system in binary form only.

When someone breaks into your system, and installs a rootkit - they do that by swapping out one or more of your binary files for a tampered one - which contains viral code. The dead giveaway of a rootkit is the fact that a tampered file will hash to a different value than the original.

Now if you don't know where to look for the rootkit, you essentially need to take a hash of every single binary on your system. And you can never be sure that something is not modifying the binaries you just cleared behind your back. In other words, you are rooted. The only way to fix this is to recompile or wipe and reinstall.

Which is essentially what they did on the show. But not before much talk about the code. Source code does not have anything to do with finding a rootkit. It's the binaries that were corrupted - the code is intact! The only thing they could have been reading were hexdumps of binaries or perhaps some disassembler verbiage. I'll say hexdumps because their "code" seemed very dense and regular, with separate columns.

Sharon somehow magically takes one look at the code, and recognizes the "virus". First of all, we already established that they are probably looking at hexdumps. I don't care if you are a Cylon. If you can look at a page of hex and say "ah, that's the malicious code right there" you are a fucking digital god or something. And even if it is high level code - most of the time I can't even figure out what the hell I coded three months ago without spending quite a bit of time refreshing my memory. Sure, she is a Cylon, but it would be much more realistic to show her studying the code for a few hours before freaking out.

And don't give me that "their technology is much more advanced than this" bullshit. If you think this way, it just shows that you are clueless. Everything I have seen on that show suggests that their electronics are not that much different from ours. Sure, they probably have figured out some really nifty stuff in the OS field, and they probably don't use C (but I wouldn't be surprised if they were running on a legacy COBOL system lol). But the basic concepts are the same.

Anyways... It's interesting to see that Sharon does have mechanical parts in her. The port in the wrist thing is kinda useful it seems. But this type of thing could probably be easily tested for. Wouldn't it show up on x-rays? Is it bio-based technology?

Now whoever tells me that Sharon "hacked" the Cylon attack ships will be punched in the head. It is very obvious to me that as one of the higher caste Cylons she still holds the absolute power over her metallic brethren. I think any meat-based Cylon could do the same thing - i.e. switch off a bunch of attack-grade machines. Furthermore, if Galactica Sharon is an exact copy of the Cylon Sharon model, then they probably can't take away this ability from her without locking out all the other active Sharon models out there.

I liked the episode but this stupid rootkit hunting stuff annoyed me.

2 Comments:

  • At Sat Sep 17, 06:43:00 PM, Blogger Luke said…

    What's to prevent the Cylon virus from intercepting the diff output and substituting its own output to show nothing is wrong?

    You isolate the two copies of the code and run it on an unplugged machine that has been formatted, and cleaned offline. You just make sure that copies of your code are not executable (chmod -x code). Anyways, I just made that example to illustrate why I think the stuff they were printing out were hexdumps - not the actual source code.

    The look she had after briefly seeing the hexdump was that of a subversive program being activated. We've seen that look before....

    Very good point. I actually had a discussion about this with someone today. Personally I think she was just shocked that they decided to do this while she was still onboard. But you are right - they did say that the child must be protected... Very interesting.

     
  • At Mon Sep 19, 12:57:00 AM, Blogger Luke said…

    as soon as they were talking about reformatting the hard drive I was ready to get my screwdriver and help them out 'cause I'm no *so* the expert at this now!

    Don't you wish your computer had this kind of recovery speed? Reinstalling Windows from scratch usually takes 2-3 hours (if you count formatting, all the rebooting, installing all the drivers, etc.). Linux is a little better at this (you usually reboot once, and most of the stuff works out of the box), but not all hardware is supported :)

    It also kinda scared me a wee bit that even my laptop knows what's going to happen on BSG.

    Oh no! You must have caught the Cylon virus too! lol Btw, if a Sharon model Cylon pops out in your apartment one day offering to help with the infection, can you package her nicely and send her here once you are done? ;)

    Um... This is strictly for scientific purposes actually. No really... I'm just interested in... Er... "scientifically" investigating the physiological differences between Cylons and humans.

     
