  • Locked thread
Asshole Masonanie
Oct 27, 2009

by vyelkin

craisins posted:

best part about it is always shifting the blame to whoever made it

that's literally my job right now because the "10x engineer" quit and left me with a monstrosity


Asshole Masonanie
Oct 27, 2009

by vyelkin
667 neighbor of the beast

craisins
May 17, 2004

A DRIIIIIIIIIIIIVE!

Power Ambient posted:

that's literally my job right now because the "10x engineer" quit and left me with a monstrosity
"sorry there's no good <insert js framework here> <component/plugin/directive> for that and it'd take too long to implement"

Soricidus
Oct 21, 2010
freedom-hating statist shill

computer toucher posted:

lol probably not:

code:
def sort(a):
    b = []
    while len(a) > 0:
        s = n = None
        for n in a:
            if s < n:
               s = n
        b.append(s)
        a.remove(s)
    return b

this would be more efficient if you reverse-sorted a first, so that you could assume the best s was always the first element of a

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme
I'm working on an IoThing that comes up as a wifi AP on first boot. The user connects to the AP, then uses our app to send the SSID and password of their home network to the IoThing (as the IoThing doesn't have a display or keyboard of its own).

The IoThing scans in-range wifi networks and presents a user with a list of SSIDs, to improve the ~user experience~.

This whole thing is done using a small webserver running on the IoThing and HTTP GETs, PUT, etc. If you know the URL, you can connect to the AP and get JSON back with a list of nearby SSIDs.

It turns out if there's an SSID named "*", you'll get the following in your JSON:

code:
{"wifi_survey: [
    {
          "BSSID": "REDACTED",
          "SSID": "factory_reset.sh factory_test.sh firmware_update.sh
            get_calibration.sh initial_setup.sh network_info.sh package_update.sh
            reboot.sh setup_lan.sh system_dump.sh wifi_survey.sh",
          "Channel": 1,
          "Mode": "11b/g/n",
          "Signal": 100,
          "Security": "WPA2PSK/AES"
     }, ...]
}
You can imagine what SSIDs like "/*" or "/*/*" produce...

VikingofRock
Aug 24, 2008




meatpotato posted:

I'm working on an IoThing that comes up as a wifi AP on first boot. The user connects to the AP, then uses our app to send the SSID and password of their home network to the IoThing (as the IoThing doesn't have a display or keyboard of its own).

The IoThing scans in-range wifi networks and presents a user with a list of SSIDs, to improve the ~user experience~.

This whole thing is done using a small webserver running on the IoThing and HTTP GETs, PUT, etc. If you know the URL, you can connect to the AP and get JSON back with a list of nearby SSIDs.

It turns out if there's an SSID named "*", you'll get the following in your JSON:

code:
{"wifi_survey: [
    {
          "BSSID": "REDACTED",
          "SSID": "factory_reset.sh factory_test.sh firmware_update.sh
            get_calibration.sh initial_setup.sh network_info.sh package_update.sh
            reboot.sh setup_lan.sh system_dump.sh wifi_survey.sh",
          "Channel": 1,
          "Mode": "11b/g/n",
          "Signal": 100,
          "Security": "WPA2PSK/AES"
     }, ...]
}
You can imagine what SSIDs like "/*" or "/*/*" produce...

NICE!

Zaxxon
Feb 14, 2004

Wir Tanzen Mekanik

craisins posted:

"sorry there's no good js framework"

Soricidus
Oct 21, 2010
freedom-hating statist shill

meatpotato posted:

I'm working on an IoThing that comes up as a wifi AP on first boot. The user connects to the AP, then uses our app to send the SSID and password of their home network to the IoThing (as the IoThing doesn't have a display or keyboard of its own).

The IoThing scans in-range wifi networks and presents a user with a list of SSIDs, to improve the ~user experience~.

This whole thing is done using a small webserver running on the IoThing and HTTP GETs, PUT, etc. If you know the URL, you can connect to the AP and get JSON back with a list of nearby SSIDs.

It turns out if there's an SSID named "*", you'll get the following in your JSON:

code:

{"wifi_survey: [
    {
          "BSSID": "REDACTED",
          "SSID": "factory_reset.sh factory_test.sh firmware_update.sh
            get_calibration.sh initial_setup.sh network_info.sh package_update.sh
            reboot.sh setup_lan.sh system_dump.sh wifi_survey.sh",
          "Channel": 1,
          "Mode": "11b/g/n",
          "Signal": 100,
          "Security": "WPA2PSK/AES"
     }, ...]
}

You can imagine what SSIDs like "/*" or "/*/*" produce...

what the literal gently caress

what does an ssid like '"; rm -rf * #' do?

kitten emergency
Jan 13, 2008

get meow this wack-ass crystal prison

meatpotato posted:

I'm working on an IoThing that comes up as a wifi AP on first boot. The user connects to the AP, then uses our app to send the SSID and password of their home network to the IoThing (as the IoThing doesn't have a display or keyboard of its own).

The IoThing scans in-range wifi networks and presents a user with a list of SSIDs, to improve the ~user experience~.

This whole thing is done using a small webserver running on the IoThing and HTTP GETs, PUT, etc. If you know the URL, you can connect to the AP and get JSON back with a list of nearby SSIDs.

It turns out if there's an SSID named "*", you'll get the following in your JSON:

code:

{"wifi_survey: [
    {
          "BSSID": "REDACTED",
          "SSID": "factory_reset.sh factory_test.sh firmware_update.sh
            get_calibration.sh initial_setup.sh network_info.sh package_update.sh
            reboot.sh setup_lan.sh system_dump.sh wifi_survey.sh",
          "Channel": 1,
          "Mode": "11b/g/n",
          "Signal": 100,
          "Security": "WPA2PSK/AES"
     }, ...]
}

You can imagine what SSIDs like "/*" or "/*/*" produce...

screenshot and send to @internetofshit pls

DONT THREAD ON ME
Oct 1, 2002

by Nyc_Tattoo
Floss Finder

Soricidus posted:

what the literal gently caress

what does an ssid like '"; rm -rf * #' do?

probably happens pretty easily given that the tools are written in bash

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme
A recently-departed (quit, not dead) coworker wrote most of the IoThing code and I'm attempting to clean up some of the mess.

Our IoThing hasn't shipped yet (and this will be fixed when it does), so I don't think it counts for InternetOfShit, as much as I wish it would. I'm sure I'll see our stuff there eventually because the product is ridiculous. We paid ten grand for a security audit and they didn't find this, so I'm sure there will be lots of other, better bugs uncovered soon.

For those interested, the hole comes from using the shell builtin "read" to go line-by-line through the wifi site survey, I guess read globs the *. I don't think there's a remote-execution by a carefully-crafted SSID vulnerability but since I'm an idiot at shell-scripting I don't know for sure. I tried making an SSID named $(echo "owned" > /tmp/owned) but it did nothing.

I'm fixing the problem with a C++ program that uses ioctl to get the nearby APs and output JSON directly instead of this shell script string manipulation garbage.

Hunter2 Thompson fucked around with this message at 03:34 on Jan 29, 2016
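
Added example (not from the thread or the device's code): a POSIX sh sketch of the failure mode discussed in the post above, next to a hardened form. `read -r` stores the line verbatim; the directory listing appears when the variable is later expanded without quotes, which triggers word splitting and filename expansion. The tab-separated scan format, the BSSIDs and the file names are constructed for the demo.

```sh
#!/bin/sh
# Added example: scan records and file names below are constructed.

# Vulnerable pattern: "read" stores the line as-is, but the unquoted $ssid
# then undergoes word splitting and filename expansion, so "*" turns into
# the names of the files in the current directory.
emit_ssid_unsafe() {
    printf '%s\n' "$1" | while IFS= read -r ssid; do
        echo $ssid
    done
}

# Hardened: the quoted expansion stays one literal word, and printf '%s'
# avoids echo's option and escape handling.
emit_ssid_safe() {
    printf '%s\n' "$1" | while IFS= read -r ssid; do
        printf '%s\n' "$ssid"
    done
}

# Escape backslash and double quote for a JSON string. Control bytes would
# need \uXXXX escapes as well; they are out of scope for this sketch.
json_escape() {
    printf '%s' "$1" | sed 's/\\/\\\\/g; s/"/\\"/g'
}

# Read constructed "BSSID<TAB>SSID" records on stdin and emit JSON.
# IFS is a tab only, so spaces inside or around an SSID are preserved.
survey_json() {
    tab=$(printf '\t')
    first=1
    printf '{"wifi_survey": ['
    while IFS=$tab read -r bssid ssid; do
        [ "$first" -eq 1 ] || printf ', '
        first=0
        printf '{"BSSID": "%s", "SSID": "%s"}' \
            "$(json_escape "$bssid")" "$(json_escape "$ssid")"
    done
    printf ']}\n'
}

# Demo in a scratch directory holding two empty files.
demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        : > reboot.sh
        : > wifi_survey.sh
        echo "unsafe: $(emit_ssid_unsafe '*')"
        echo "safe:   $(emit_ssid_safe '*')"
        printf '00:00:00:00:00:01\t*\n00:00:00:00:00:02\t"; rm -rf * #\n' |
            survey_json
    )
    rm -rf "$dir"
}
demo
```

The result of an expansion is split and globbed but is not re-parsed as shell code, so the second record's SSID comes out as an escaped JSON string; that would only change if the script passed the value through `eval` or an `sh -c` string.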

DONT THREAD ON ME
Oct 1, 2002

by Nyc_Tattoo
Floss Finder
yeah i can totally see making some lovely bash scripts like that to get the project up and running when its in early development.

Shaggar
Apr 26, 2006

meatpotato posted:

A recently-departed (quit, not dead) coworker wrote most of the IoThing code and I'm attempting to clean up some of the mess.

Our IoThing hasn't shipped yet (and this will be fixed when it does), so I don't think it counts for InternetOfShit, as much as I wish it would. I'm sure I'll see our stuff there eventually because the product is ridiculous. We paid ten grand for a security audit and they didn't find this, so I'm sure there will be lots of other, better bugs uncovered soon.

For those interested, the hole comes from using the shell builtin "read" to go line-by-line through the wifi site survey, I guess read globs the *. I don't think there's a remote-execution by a carefully-crafted SSID vulnerability but since I'm an idiot at shell-scripting I don't know for sure. I tried making an SSID named $(echo "owned" > /tmp/owned) but it did nothing.

I'm fixing the problem with a C++ program that uses ioctl to get the nearby APs and output JSON directly instead of this shell script string manipulation garbage.

security audits are the most useless poo poo

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme

Shaggar posted:

security audits are the most useless poo poo

It's now my impression security audits like this exist only for CYA reasons, not to actually find or fix issues. One "critical" issue the audit uncovered was that you could get a root console on the device --if you had physical access, opened the case and soldered a serial cable to the right test pads. Give me a break.

From all the crazy poo poo I read on the internet I've learned that if somebody really wants to reverse-engineer your lovely IoT product, a password on the serial console isn't going to stop them. They're going to unsolder your flash memory and dump it over SPI...

Maluco Marinero
Jan 18, 2001

Damn that's a
fine elephant.

Shaggar posted:

security audits are the most useless poo poo

security audits are a great way to convert an unforgivable process failure (no security audits) into an understandable human error (no one saw that vulnerability).

the absence of an audit is far harder to explain away than its failure to find anything.

MeruFM
Jul 27, 2010
i forgot IoT was still a thing
that's so 2013-14

JawnV6
Jul 4, 2004

So hot ...

meatpotato posted:

They're going to unsolder your flash memory and dump it over SPI...

And... and you didn't use an address-based hash to obscure the contents from such an attack..

*clucks and marks clipboard*

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

meatpotato posted:

I'm working on an IoThing that comes up as a wifi AP on first boot. The user connects to the AP, then uses our app to send the SSID and password of their home network to the IoThing (as the IoThing doesn't have a display or keyboard of its own).

The IoThing scans in-range wifi networks and presents a user with a list of SSIDs, to improve the ~user experience~.

This whole thing is done using a small webserver running on the IoThing and HTTP GETs, PUT, etc. If you know the URL, you can connect to the AP and get JSON back with a list of nearby SSIDs.

It turns out if there's an SSID named "*", you'll get the following in your JSON:

code:
{"wifi_survey: [
    {
          "BSSID": "REDACTED",
          "SSID": "factory_reset.sh factory_test.sh firmware_update.sh
            get_calibration.sh initial_setup.sh network_info.sh package_update.sh
            reboot.sh setup_lan.sh system_dump.sh wifi_survey.sh",
          "Channel": 1,
          "Mode": "11b/g/n",
          "Signal": 100,
          "Security": "WPA2PSK/AES"
     }, ...]
}
You can imagine what SSIDs like "/*" or "/*/*" produce...

by catching this before deploy you are in the top 10%

fritz
Jul 26, 2003

MeruFM posted:

i forgot IoT was still a thing
that's so 2013-14

i was at an iot talk earlier this week and the speaker was excited about the possibility of his microwave tweeting at him when it was done cooking

~Coxy
Dec 9, 2003

R.I.P. Inter-OS Sass - b.2000AD d.2003AD
i want my drat dishwasher to tweet at me when it gets yet another d14 error and i have to restart the cycle until it works

Shaggar
Apr 26, 2006

Maluco Marinero posted:

security audits are a great way to convert an unforgivable process failure (no security audits) into an understandable human error (no one saw that vulnerability).

the absence of an audit is far harder to explain away than its failure to find anything.

my favorite security audit thing is explaining to them for the 100th time why they cant use the version numbers their network scanner found to determine centos patch levels

JawnV6
Jul 4, 2004

So hot ...
ive updated my BLE stack

the old version smuggled functions around by hiding them behind #define's with \'s at endline to club a few of them together

that obfuscation wasn't good enough for the vendor. so now they're handling those callback inits with a 20 entry array passed in with mostly NULLs and I can't find the index definitions anywhere

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme

JawnV6 posted:

ive updated my BLE stack

the old version smuggled functions around by hiding them behind #define's with \'s at endline to club a few of them together

that obfuscation wasn't good enough for the vendor. so now they're handling those callback inits with a 20 entry array passed in with mostly NULLs and I can't find the index definitions anywhere

Please name this vendor so I can avoid them tia

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme

meatpotato posted:

I'm fixing the problem with a C++ program that uses ioctl to get the nearby APs and output JSON directly instead of this shell script string manipulation garbage.

No I'm not.

The ioctl returns the same column-formatted data that 'iwpriv iface scan' (or w/e) returns. Why try?

I looked into the wifi driver source code, dug around until I found a 900-line struct and noped the gently caress out.

Edit: I'm so amazed that operating systems don't crash more often due to terrible drivers. Does the kernel protect against drivers doing stupid poo poo?

Hunter2 Thompson fucked around with this message at 21:41 on Jan 29, 2016

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme
Another great bug:

Sometimes the system would get into a state where HTTP GETs to our CGI handler would instead return the handler executable (!!!) rather than executing the handler and replying with its output.

Soricidus
Oct 21, 2010
freedom-hating statist shill

meatpotato posted:

No I'm not.

The ioctl returns the same column-formatted data that 'iwpriv iface scan' (or w/e) returns. Why try?

I looked into the wifi driver source code, dug around until I found a 900-line struct and noped the gently caress out.

Edit: I'm so amazed that operating systems don't crash more often due to terrible drivers. Does the kernel protect against drivers doing stupid poo poo?

you could at least parse the column-formatted data in a language that doesn't helpfully treat strings as filesystem globs?

JawnV6
Jul 4, 2004

So hot ...

meatpotato posted:

Please name this vendor so I can avoid them tia

who out there is super happy with their BLE folks? nordic seems like a moving target, TI's great if you're big enough to get support, broadcom/csr/etc won't talk to you until you're in the millions

vendor's been great for everything else, but this one part smells like a recent acquisition. and i should've been dealing with this stuff a while ago, but I kept the tools frozen until the last release

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme

Soricidus posted:

you could at least parse the column-formatted data in a language that doesn't helpfully treat strings as filesystem globs?

Available tools: awk, sed, etc., C++ std lib.

Which do I use? I'm proficient at none, gonna learn something though.

Side note: Sorry people with leading or trailing spaces in your SSID, I guess we can't connect to you.

JawnV6
Jul 4, 2004

So hot ...

meatpotato posted:

Side note: Sorry people with leading or trailing spaces in your SSID, I guess we can't connect to you.

wait until you have to deploy where this formatting is enforced by corp IT

Hunter2 Thompson
Feb 3, 2005

Ramrod XTreme

JawnV6 posted:

who out there is super happy with their BLE folks? nordic seems like a moving target, TI's great if you're big enough to get support, broadcom/csr/etc won't talk to you until you're in the millions

vendor's been great for everything else, but this one part smells like a recent acquisition. and i should've been dealing with this stuff a while ago, but I kept the tools frozen until the last release

I was very happy with Nordic's nRF51822 when I did a project based on it. The SoftDevice was really easy to use and fit most of our non-exotic needs. We used CrossWorks' toolchain/IDE but if I had to go back I'd probably just make a GCC and CMake toolchain myself.

computer parts
Nov 18, 2010

PLEASE CLAP

fritz posted:

i was at an iot talk earlier this week and the speaker was excited about the possibility of his microwave tweeting at him when it was done cooking

like literally tweeting or just notifications

because i would follow Bob's Microwave to see when his stuff finishes

Jerry Bindle
May 16, 2003
what possible use-case is there for a tweeting microwave other than "has a vested interest in selling IoT hardware, software, or support"

Baxate
Feb 1, 2011

Barnyard Protein posted:

what possible use-case is there for a tweeting microwave other than "has a vested interest in selling IoT hardware, software, or support"

deaf people who can't look up from their phones?

Valeyard
Mar 30, 2012


Grimey Drawer

Barnyard Protein posted:

what possible use-case is there for a tweeting microwave other than "has a vested interest in selling IoT hardware, software, or support"

people that have a vested interest in their hot pockets being hot

Share Bear
Apr 27, 2004

what would you microwave that would be tedious enough, or possible to get far away from, in its cooking time to require that

"Gotta live an optimized life, better refresh Twitter/LinkedIn/Facebook in these five minutes, but not in the food work zone, that's unoptimal"

Share Bear
Apr 27, 2004

I'd really like it if these hot pockets were ready when i walked in the door rather than wait 4 minutes, let me schedule this over the internet

Soricidus
Oct 21, 2010
freedom-hating statist shill
yawn. wake me up when my microwave is paying the freezer in bitcoins for permission to cook its food.

Jerry Bindle
May 16, 2003

Ludwig van Halen posted:

deaf people who can't look up from their phones?

oh thats actually a good one

JawnV6
Jul 4, 2004

So hot ...

Barnyard Protein posted:

what possible use-case is there for a tweeting microwave other than "has a vested interest in selling IoT hardware, software, or support"

yeah, make absolutely every call blocking and never take advantage of an ISR to determine when something's interesting :rolleyes:


DaTroof
Nov 16, 2000

CC LIMERICK CONTEST GRAND CHAMPION
There once was a poster named Troof
Who was getting quite long in the toof
out of the 6 wordpress sites this company made, 3 have been hacked. out of the 3 that haven't been hacked, 2 aren't in production yet.

jfc
