Ken Thompson 的密碼

剛剛看到這串還蠻歡樂的...

起因於 BSD 3 的程式碼裡面有個 /etc/passwd,而且是帶有 crypt 的版本:「unix-history-repo/etc/passwd」。

裡面有蠻多密碼都已經被解出來了,但還是有些還沒解出來... 而最近的消息是 ken (Ken Thompson) 的密碼被解了出來:「Ken Thompson's Unix password」。

From: Nigel Williams <nw@retrocomputingtasmania.com>
Cc: TUHS main list <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] Recovered /etc/passwd files
Date: Wed, 9 Oct 2019 16:49:48 +1100

ken is done:

ZghOT0eRm4U9s:p/q2-q4!

took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
during that time (those familiar know the hash-rate fluctuates and
slows down towards the end).

另外解出來的人也發現了這組密碼是一組西洋棋的 Descriptive notation,跟 Ken Thompson 的背景也相符:

From: Nigel Williams <nw@retrocomputingtasmania.com>
Cc: TUHS main list <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] Recovered /etc/passwd files
Date: Wed, 9 Oct 2019 16:52:00 +1100

On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams
<nw@retrocomputingtasmania.com> wrote:
> ZghOT0eRm4U9s:p/q2-q4!

BTW, is that a chess move?

不過我覺得最好玩的是這個,不確定是不是本尊就是了:

From: Ken Thompson via TUHS <tuhs@minnie.tuhs.org>
To: Andy Kosela <akosela@andykosela.com>
Cc: TUHS main list <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] Recovered /etc/passwd files
Date: Wed, 9 Oct 2019 01:53:25 -0700

congrats.

On Wed, Oct 9, 2019 at 1:16 AM Andy Kosela <akosela@andykosela.com> wrote:
>
> On 10/9/19, Warner Losh <imp@bsdimp.com> wrote:
> > On Tue, Oct 8, 2019, 11:52 PM Nigel Williams
> > <nw@retrocomputingtasmania.com>
> > wrote:
> >
> >> On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams
> >> <nw@retrocomputingtasmania.com> wrote:
> >> > ZghOT0eRm4U9s:p/q2-q4!
> >>
> >> BTW, is that a chess move?
> >>
> >
> > Most common opening.
> >
>
> Descriptive chess notation is not as popular today as it was back in
> the 70s, but it actually makes perfect sense as Ken is a long time
> chess enthusiast.
>
> --Andy

還有 Rob Pike 對這件事情不怎麼贊同的看法:

From: Rob Pike <robpike@gmail.com>
To: Nigel Williams <nw@retrocomputingtasmania.com>
Cc: TUHS main list <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] Recovered /etc/passwd files
Date: Wed, 9 Oct 2019 09:59:43 -1000

I coulda told you that. One tends to learn passwords (inadvertently) when
they're short and typed nearby often enough. (Sorry, ken.)

If I remember right, the first half of this password was on a t-shirt
commemorating Belle's first half-move, although its notation may have been
different.

Interesting though it is, though, I find this hacking distasteful. It was
distasteful back when, and it still is. The attitudes around hackery have
changed; the position nowadays seems to be that the bad guys are doing it
so the good guys should be rewarded for doing it first. That's disingenuous
at best, and dangerous at worst.

-rob


On Tue, Oct 8, 2019 at 7:50 PM Nigel Williams <nw@retrocomputingtasmania.com>
wrote:

> ken is done:
>
> ZghOT0eRm4U9s:p/q2-q4!
>
> took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
> during that time (those familiar know the hash-rate fluctuates and
> slows down towards the end).
>

意外的引誘到一群人跑出來...

反過來在 ARM 上面跑 x86 模擬器...

看到「Box86 - Linux Userspace x86 Emulator with a twist, targeted at ARM Linux devices」這個專案,在 ARM 的機器上跑 x86 模擬器:

然後其實作者還弄了不少東西,像是透過 GL4ES 處理 OpenGL 的界面,其實前面做的功夫比想像中高不少...

然後從作者給的範例可以看出來主力在遊戲 XDDD

AI 版的星海爭霸二將直接透過歐洲區的 Battle.net 匿名與人類對戰

前幾天 Blizzard 公佈的消息,DeepMind 的星海爭霸二 AI (AlphaStar) 將會透過 Blizzard 的 Battle.net 歐洲區伺服器跟人類對戰:「DeepMind Research on Ladder」。

Experimental versions of DeepMind’s StarCraft II agent, AlphaStar, will soon play a small number of games on the competitive ladder in Europe as part of ongoing research into AI.

預設是不會對到的,需要選擇參與:

If you would like the chance to help DeepMind with its research by matching against AlphaStar, you can opt in by clicking the “opt-in” button on the in-game popup window. You can alter your opt-in selection at any time by using the “DeepMind opt-in” button on the 1v1 Versus menu.

但你仍然不會知道對手是人還是 AI,而且如同一般對戰情況,這會影響到你的戰績:

For scientific test purposes, DeepMind will be benchmarking AlphaStar’s performance by playing anonymously during a series of blind trial matches. This means the StarCraft community will not know which matches AlphaStar is playing, to help ensure that all games are played under the same conditions. AlphaStar plays with built-in restrictions that the DeepMind team has defined in consultation with pro players. A win or a loss against AlphaStar will affect your MMR as normal.

okay,這樣大概知道為什麼只開放歐洲區了...

加州從今年七月開始,禁止 AI 偽裝成人類 (前幾天也有一些新聞在報導):「A California law now means chatbots have to disclose they’re not human」,對應的法條在「Bill Text - SB-1001 Bots: disclosure」這邊可以看到:

17941. (a) It shall be unlawful for any person to use a bot to communicate or interact with another person in California online, with the intent to mislead the other person about its artificial identity for the purpose of knowingly deceiving the person about the content of the communication in order to incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election. A person using a bot shall not be liable under this section if the person discloses that it is a bot.

(b) The disclosure required by this section shall be clear, conspicuous, and reasonably designed to inform persons with whom the bot communicates or interacts that it is a bot.

而加州是 Blizzard Entertainment 的總部...

法條上面對「online platform」有設計排除條款,不過如果只算星海二的人數,有可能不到這個豁免限制... 所以得避開而改用歐洲區來測試?

(c) “Online platform” means any public-facing Internet Web site, Web application, or digital application, including a social network or publication, that has 10,000,000 or more unique monthly United States visitors or users for a majority of months during the preceding 12 months.

(c) This chapter does not impose a duty on service providers of online platforms, including, but not limited to, Web hosting and Internet service providers.

美國軍方應該是超級關注這個議題,相較於 AlphaGo 或是 AlphaZero 是資訊完全透明的遊戲,這次要踏入非對稱資訊的遊戲。

如果在這個領域上有成果的話,可以預期未來的戰爭 (yeah 實體戰爭) 會開始大量採用 AI 了...

日本圍棋界使用 AWS 分析棋局的情況

看到「圍棋AI與AWS」這篇譯文,原文是「囲碁AIブームに乗って、若手棋士の間で「AWS」が大流行 その理由とは?」。

沒有太意外是使用 Leela Zero + Lizzle,畢竟這是 open source project,在軟體與資料的取得上相當方便,而且在好的硬體上已經可以超越人類頂尖棋手。

由於在 Lizzle 的介面上可以看到勝率,以及 Leela Zero 考慮的下一手 (通常會有多個選點),而且當游標移到這些選點上以後,還會有可能的變化圖可以看,所以對於棋手在熟悉操作介面後,可以很快的擺個變化圖,然後讓 Leela Zero 分析後續的發展,而棋手就可以快速判斷出「喔喔原來是這樣啊」。

網路上也有類似的自戰解說,可以看到棋手對 Lizzle 的操作與分析 (大約從 50:50 開始才是 Lizzle 的操作):

不過話說回來,幹壞事果然是進步最大的原動力... 讓一群對 AWS 沒什麼經驗的圍棋棋手用起 AWS,而且還透過 AMI 與 spot instance 省錢... XD

連安裝 Windows 95 都可以 Speedrun...

看到「Speedrunning Windows 95」這篇,連裝 Windows 95 都可以有 speedrun:

Now, there’s a world record speedrun, installing Windows 95B in just 1 minute 10.9 seconds.

可以看到是在 VirtualBox 裡面裝的,這樣看起來也跟電腦速度有關... (把所有東西都塞到 memory 裡面?)

把掃地機器人的資料轉成 DOOM 的地圖...

看到「DOOMBA」這篇文章,介紹了 Noesis 這個工具,然後拿這個工具把 Roomba 的軌跡資料轉成 DOOM 的地圖:

第一個想法是「XDDD」,但第二個想法是「咦,程式怎麼不是放在 GitHub 或是其他 Git Hosting 上面」...

Fortnite 看起來沒上 Auto Scaling?(或是沒正確設好?)

Fortnite 遊戲的伺服器放在 AWS 上,看起來這波 Meltdown 的安全更新 (KPTI) 造成非常大的 overhead:

不過看起來出了問題:

We wanted to provide a bit more context for the most recent login issues and service instability. All of our cloud services are affected by updates required to mitigate the Meltdown vulnerability. We heavily rely on cloud services to run our back-end and we may experience further service issues due to ongoing updates.

最有可能的是把 AWS 當作一般的 VPS 在用,另外一種可能是有部份內部服務沒有 scale,造成上了 KPTI 後 overhead 增加,就卡住了...

在 TeX 上輸出圍棋棋譜的套件 psgo_emitter

忘記是在哪邊看到 avysk/psgo_emitter 這個套件,提供 TeX 語法輸出成圍棋棋盤的圖示,不過說明裡說只支援 Windows 平台:

psgo_emitter is a (Windows) console utility to create go diagrams for go life-and-death problems (tsumego).

可以只輸出角部,像是這段語法:

    \begin{psgopartialboard}{(1,1)(8,6)}
            \stone{black}{b}{3}
            \stone{black}{d}{3}
            \stone{black}{b}{4}
            \stone{white}{d}{5}
            \stone{white}{g}{2}
            \stone{black}{d}{2}
            \stone{white}{b}{5}
            \stone{white}{c}{4}
            \stone{white}{e}{4}
            \stone{white}{e}{3}
            \stone{white}{e}{2}
            \stone{black}{e}{1}
    \end{psgopartialboard}

會輸出這樣的圖:

另外也可以把手順放進去:

    \begin{psgopartialboard}{(1,1)(8,6)}
            \stone{black}{b}{3}
            \stone[\marklb{1}]{black}{a}{2}
            \stone{black}{d}{3}
            \stone{black}{b}{4}
            \stone[\marklb{8}]{white}{f}{1}
            \stone[\marklb{6}]{white}{d}{1}
            \stone{white}{e}{2}
            \stone{white}{g}{2}
            \stone{black}{d}{2}
            \stone{white}{b}{5}
            \stone[\marklb{7}]{black}{b}{2}
            \stone[\marklb{9}]{black}{a}{1}
            \stone{white}{c}{4}
            \stone[\marklb{4}]{white}{c}{2}
            \stone{white}{e}{4}
            \stone[\marklb{5}]{black}{c}{3}
            \stone{white}{e}{3}
            \stone[\marklb{2}]{white}{b}{1}
            \stone{white}{d}{5}
            \stone[\marklb{3}]{black}{a}{4}
            \stone{black}{e}{1}
    \end{psgopartialboard}

就會輸出:

套件還很新,不知道之後會發展成什麼樣子...

各種道路設計對於流量的影響?

在「The rates of traffic flow on different kinds of 4-way intersections」這邊看到有趣的東西,利用遊戲 Cities: Skylines 模擬各種道路設計對流量的影響:

This is an animation of traffic flows simulated on 30 different kinds of four-way junctions, from two roads intersecting with no traffic lights or signs to complex stacked interchanges that feature very few interactions between individual cars. It was recorded in a game called Cities: Skylines, a more realistic take on SimCity.

影片在這:

記得這是模擬,實際情況會有其他考量,所以裡面的結果參考就好...

然後裡面有看到很多常見的設計,還有一些沒看過的神奇設計 XD 另外有些設計超級複雜,第一次開的人真的會知道怎麼開嗎 XDDD

AlphaGo 的電影將會上在 Netflix

Twitter 上看的消息,2018 年上到 Netflix

沒幾天了,來等吧...