The Mac OS X Expert Challenge — 2005.1
© Amit Singh. All Rights Reserved.The Background
Current Challenge Status >>>
I acquired my first Macintosh computer on April 1st, 2003, thus recently completing two years as a Mac OS X user. Having spent over ten years researching and studying a variety of operating systems, I found Mac OS X to be rather interesting subject matter. It differs from other prevalent systems on many fronts: architecture, philosophy, industry-perception, as well as the size, techno-culture, and nature of the user-base. One aspect that I have no feel for, but have always wanted to somehow quantify, is the system-level expertise spectrum of the Mac OS X user-base.
On a related note, there has been considerable hue and cry recently regarding the purported security and potential insecurity of Mac OS X, with hardly any logically plausible arguments made by any of the camps involved.
Along these lines, I thought of offering a small challenge to the Mac OS X community. "Challenge" is perhaps too strong a word, but I hope it kindles the interest and enterprise of the targeted audience.
The problem posed here simulates a scenario that a Mac OS X system or security expert may face, say, when dealing with malicious or potentially malicious software of unknown origin. "Dealing with" could mean several things, such as:
- Approximating the extent and nature of damage caused by malware (after the fact)
- Defending against existing malware
- Designing and developing generic or "future" defenses against yet unknown malware
In particular, a "security company" — one that creates or sells security solutions (especially host-based, but perhaps even network-based) for Mac OS X — is expected to to be able to tackle such problems and much harder ones.
Finally, I believe the problem posed may also be within the realm of some power-users with programming experience.
For detailed overviews of various security-related topics in operating systems and networking, please refer to A Taste Of Computer Security.
The challenge encompasses two partially overlapping areas of expertise:
- Operating System Internals (to a greater extent)
- Security (to a lesser extent)
My goals for this endeavor are the following:
- Probe popular interest in system-level Mac OS X topics. Knowledge of such interest is currently valuable to me as I am creating a book on such topics.
- Gauge the initiative and inquisitiveness of the Mac OS X community based on the kind of response generated.
- Use the outcome to roughly quantify, if possible, Internet-wide Mac OS X expertise outside of Apple.
- Facilitate sharing of Mac OS X knowledge.
- At the very least, provide an interesting problem for some people to solve.
The Problem
The problem involves a command line program called "panpipes", which has the following key properties:
- It is a user-space program.
- It runs with normal privileges (that is, does not require "root" access).
- It causes a kernel panic.
- It has been created on Mac OS X 10.3 "Panther". It may produce the same result on newer versions too.
- It uses some crude and intentionally weak measures to cloak its operation. I would rate the difficulty of defeating these measures to be 4 on a scale of 1 to 10, with 10 being the most difficult. My rating is primarily based on my having analyzed more sophisticated measures on other platforms, and the feasibility of similar measures on Mac OS X.
While a user-space program causing a kernel panic is alarming, and the corresponding system flaw must be fixed, such situations may occur on any operating system at one time or another. Only when there are too many flaws like this is the problem a reflection on the quality or stability of the operating system. To reiterate, this challenge should not be construed as an indicator of Mac OS X security or stability as compared to other systems.
The Challenge
- Analysis: Describe briefly what "panpipes" does to cause the kernel panic, including how you determined its operation. All other things being equal, a more satisfactory description will be one that includes the determination and deciphering of the cloaking measures used by "panpipes". You must specify the total amount of time you spent in analyzing the problem and describing your analysis. This is only for statistical reasons — whether you took 60 seconds or 60 days will have no explicit bearing on the merit of your submission. However, time is implicitly critical since the first satisfactory entry wins, as described in the rules.
- Example: Provide your own user-space program — one that is as simple as possible — that triggers the same kernel panic as "panpipes".
- Fix: Propose a reasonable fix for the Mac OS X flaw that is responsible for this behavior. With the fix implemented, "panpipes" must not be able to trigger a kernel-panic. Note that you do not actually have to implement the fix.
The Reward
- The winner's solution and analysis will be published in an appropriate section of kernelthread.com.
- The winner will receive a complimentary copy of my forthcoming book on Mac OS X internals, which is slated for publication (Addison-Wesley) in the second half of 2005. If the winner so desires, I will sign the book.
The Rules
- Submissions must be emailed to challenge@kernelthread.com.
- Submissions must be in English.
- The challenge is not open to Apple employees or their family members. I expect this to be a trivial problem for the relevant people at Apple, and in any case, a goal of this endeavor is to gauge interest and expertise in Mac OS X outside of Apple. However, the challenge is open to friends of Apple employees, provided the former do not receive help of any kind from the latter.
- Submissions will be evaluated by me (Amit Singh).
- The sender of the first email that I receive with a satisfactory solution will be the winner.
- The definition of "first email" will be based on my mail server's perception of time.
- The definition of "satisfactory solution" will be entirely up to my discretion, and will be binding and final.
- More than one person may choose to work together as a team. If a team is the winner, each of its members, up to a maximum of five members, will receive an individual copy of the book.
- The challenge has no explicit deadline, but it will implicitly end as soon as I have accepted a solution as satisfactory, and all subsequent submissions will not be considered. In this sense, the time taken to solve the problem matters. I will make every attempt to announce the challenge's termination as soon as possible. However, depending on the number of satisfactory solutions received after termination and before the result is published, I may post a list of all those whose solutions were satisfactory. Please see below for deadline update.
- I reserve the right to end the challenge at any arbitrary time for any arbitrary reason, even if no winner exists.
- Use this discussion thread on Kernelthread Forums for seeking any clarifications regarding the challenge, unless you have good reason for not using a public forum.
- No purchase necessary.
Disclaimer, Terms, and Conditions
- Important: You understand that "panpipes" is meant to crash the operating system. While the program does nothing harmful or destructive beyond attempting to trigger a kernel panic, there may be data loss as a side-effect of the crash (as is the case with any kernel panic).
- You understand that you have been advised not to run "panpipes" on a production system, or on any system containing or providing useful information or service.
- You take full responsibility for any potential damage that may occur as a result of using "panpipes".
- You agree not to use "panpipes" for any purpose other than to analyze and determine its operation as part of this challenge.
- You agree not to redistribute "panpipes".
- You understand and agree to the terms of the following legalese:
THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The Program
Do you understand the disclaimer and agree to the terms and conditions of The Mac OS X Expert Challenge?
Challenge Status
Deadline Update
I am happy to share that the challenge has generated worldwide interest from various research labs, major and minor software companies, universities, and individuals.
I initially announced the challenge with no explicit deadline, and intended to terminate the challenge abruptly as soon as I accept a solution as "satisfactory". Some of the audience have expressed a desire for a fixed deadline, so that they can plan better and decide if they wish to participate. I tend to agree that having a fixed deadline to begin with would have been more appropriate.
Deadline
I am hereby establishing a firm deadline for the challenge: it closes at 6:00 pm PST, April 12, 2005 (Tuesday). A submission must be in my mailbox by that time to be considered. All submissions received after the deadline will not be evaluated.
Evaluation
Submissions will still be evaluated in the order they are received. Until the challenge closes, all submissions logically stay in a FIFO queue. Thus, if you have already sent your entry, please rest assured that I will do my utmost to achieve fair evaluation, even if doing so warrants painful subjectivity.
Announcement of Results
I do apologize to those who have submitted already and are awaiting results. I am sorry for testing your patience. I expect to announce the results, along with the winner's analysis and my own narrative, on the morning (PST) of April 13, 2005 (Wednesday). Result Announced
- The challenge is CLOSED.
- The challenge was open for 6 days and 15 hours.
- The challenge page was viewed 8030 times during the challenge.
- The "panpipes" program has been downloaded
times. It was downloaded 1071 times during the challenge.
- There were 5 submissions.