DOCSLIB.ORG

Sandbox Culture a Study of the Application of Free and Open Source Software Licensing Ideas to Art and Cultural Production

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Sandbox Culture A Study of the Application of Free and Open Source Software Licensing Ideas to Art and Cultural Production Aymeric Mansoux Supervisor: Matthew Fuller Thesis presented for the degree of Doctor of Philosophy Centre for Cultural Studies, Goldsmiths, University of London, February 2017 I, Aymeric Mansoux, confirm that the work presented in this thesis ismy own. Where information has been derived from other sources, I confirm that this has been indicated in the thesis. Date: February 19, 2017 Signed: Abstract In partial response to the inability of intellectual property laws to adapt to data-sharing over computer networks, several initiatives have proposed techno-legal alternatives to encourage the free circulation and transfor- mation of digital works. These alternatives have shaped part of contem- porary digital culture for more than three decades and are today often associated with the “free culture” movement. The different strands of this movement are essentially derived from a narrower concept of soft- ware freedom developed in the nineteen-eighties, and which is enforced within free and open source software communities. This principle was the first significant effort to articulate a reusable techno-legal template to work around the limitations of intellectual property laws. It also of- fered a vision of network culture where community participation and sharing was structural. From alternate tools and workflow systems, artist-run servers, net- work publishing experiments, open data and design lobbies, cooperative and collaborative frameworks, but also novel copyright licensing used by both non-profit organisations and for-profit corporations, the impact on cultural production of practices developed in relation to the ideas of iii free and open source software has been both influential and broadly ap- plied. However, if it is true that free and open source software has indeed succeeded in becoming a theoretical and practical model for the trans- formation of art and culture, the question remains at which ways it has provided such a model, how it has been effectively appropriated across different groups and contexts and in what ways these overlap ordiffer. Using the image of the sandbox, where code becomes a constituent device for different communities to experience varying ideologies and practices, this dissertation aims to map the consequent levels of diver- gence in interpreting and appropriating the free and open source techno- legal template. This thesis identifies the paradoxes, conflicts, and contra- dictions within free culture discourse. It explores the tensions between the wish to provide a theoretical universal definition of cultural freedom, and the disorderly reality of its practice and interpretation. However, despite the different layers of cultural diffusion, appropriation, misun- derstanding and miscommunication that together form the fabric of free culture, this dissertation argues that, even though feared, fought, and crit- icised, these issues are not signs of dysfunctionality but are instead the evidence of cultural diversity within free culture. This dissertation will also demonstrate that conflicts between and within these sandboxes cre- ate a democratic process that permits the constant transformation of the free and open source discourse, and is therefore something that should be embraced and neither resisted nor substituted for a universal approach to cultural production. iv Table of Contents Abstract iii List of Illustrations ix Acknowledgements xi Introduction xiii What Is Free Culture? . xiii Research Question ........................... xxi Methodology ..............................xxii Limit of the Research . .xxviii Structure of the Argument ......................xxx Prologue xxxiii Part 1: Free as in… Culture 1 1 Paradigm Maintenance and User Freedom 6 1.1 Questioning the Revolution ................... 6 1.2 Source Code and the Individuation of the Programmer . 11 1.3 Engineering Freedom and User Groups . 19 1.4 UNIX Connects the Dots, People and Pipelines . 26 1.5 The Growing Unix Fellowship . 33 1.6 Controlling Software Development . 38 1.7 Fratricide Software ........................ 45 1.8 The Need to Define ........................ 49 1.9 Software Licenses ......................... 59 1.10 From Machine Instructions to Community Rules . 63 Interlude 73 2 In Search of Pluralism 76 2.1 Diffusion and Appropriation . 76 2.2 Prototyping Free Culture .................... 83 2.3 Defining Free Culture and the Decay of Pluralism . 91 2.4 The Political Denial of Open Everything . 96 2.5 The Liberal Democratic Industries of Freedom and Openness 103 Part 2: Free as in… Art 113 3 Art Libre 120 3.1 Free Art Incentives . 120 3.2 Licence Art Libre . 130 3.3 Usefulness of Legal Constraints as Safe Haven . 137 3.4 Artistic Freedom versus Software Freedom . 148 Interlude 154 4 The Practice of Free-Range Free Culture 161 4.1 Mattin - Production . 161 4.2 Nina Paley - Product . 167 4.3 Stéphanie Villayphiou and Alexandre Leray - Process . 175 4.4 A Note on the Artistic Appropriation of the Free Cultural Discourse ..............................185 4.4.1 Save the GNou! . 186 4.4.2 Fibre Libre . 191 4.4.3 CC Ironies . 195 Interlude 201 5 Free Cultural Misunderstandings 205 5.1 The Double Misunderstanding with Copyleft . 205 5.2 The Enduring Debate over the Commercial Exploitation of Free Culture ............................221 Part 3: Free as in … Trapped 235 6 The (Almost) Endless Possibilities of the Free Culture Template247 6.1 Free Software Art Publishing . 247 6.2 The Source of Free Cultural Expressions . 259 6.3 Sharing Is Caring but How Many Files Are Enough? . 270 Interlude 280 7 From Techno-Legal Templates to Sandbox Culture 285 7.1 Deceptive Participations in a RO/RW Remix Culture . 285 7.2 The Early Days of Mixes Between Operating Systems and Social Systems . 297 7.3 Policies, Jails, Chroot and Sandboxes . 304 Interlude 311 8 The Mechanics of Sandbox Culture 316 8.1 A Day in the Sandbox Life . 316 8.1.1 RjDj .............................318 8.1.2 Fuck the System . 328 8.2 Fork the System . 339 8.3 On Forking Homes, Sandboxes and Software Exile . 354 Conclusion 368 Summary of the Argument . 369 A Model for the Transformation of Art and Cultural Production? 374 Remark on Sandbox Culture and Future Research . 379 Appendix: Selection of Proto-Free Culture Licenses 382 References 453 List of Illustrations 1.1 UNIX license plate ........................ 32 3.1 Reuse and appropriation between FAL/LAL artists . 136 4.1 Mattin at make art festival . 165 4.2 Sita Sings the Blues . 169 4.3 Snapshots from OSP design process and tools . 181 4.4 Dépôt marque Française COPYLEFT . 188 4.5 Fibre Libre .............................193 4.6 CC Ironies (sample from a series of 42) . 197 5.1 RIP!: A Remix Manifesto . 210 5.2 Copyleft (L) sticker . 215 5.3 Cover of 1985 copy-left issue #3 . 217 6.1 self3[cpu] .............................256 6.2 A maybe free and highly compressed thumbnail . 261 6.3 How deep is your source? . 264 7.1 Community Memory walkthrough . 299 8.1 RjDj promotion . 321 ix In memory of Christine Mansoux Acknowledgements Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux, Des bisoux. — Philippe Katerine, Des Bisoux Dušan Barok, Maja Bekan, Casper Bentinck, Paul Brossier, André Castro, Ana Isabel Carvalho, Ruth Catlow, Jeroen Chabot, Ben Chang, Constant, Florian Cramer, Yves Degoyon, Annet Dekker, Kevin Driscoll, Quinn DuPont, Julien Deswaef, Eightycolumn, Bridget Elmer, Andy Farnell, Laura Fernández, Matthew Fuller, Marcos García, Marc Garrett, Anne Goldenberg, Olga Goriunova, Eleanor Greenhalgh, Dave Griffiths, Christoph Haag, Jean-Philippe Halgand, Graham Harwood, Sachiko Hayashi, Claude Heiland-Allen, Benjamin Mako Hill, Don Hopkins, Kennisland, Danny van der Kleij, Eric Kluitenberg, Kunsthuis SYB, Anne Laforet, Ricardo Lafuente, Chun Lee, Alexandre Leray, Libre Graphics Research Unit, Geert Lovink, Alessandro Ludovico, Nicolas Malevé, Alexia Mansoux, Bernard Mansoux, Christine Mansoux, Mattin, Chris McCormick, Bonnie Mitchell, Modern Poland Foundation, Antoine Moreau, Michael Murtaugh, Rob Myers, Sally Jane Norman, Eleonora Oreggia, Nina Paley, Simon Pummel, Uschi Reiter, Raquel Rennó, Leslie Robbins, Jaron Rowan, Steve Rushton, Eric Schrijver, servus.at, Femke Snelting, Manfred Vänçi Stirnemann, Michael Stuz, Bruno Tarin, Renee Turner, Marloes de Valk, Florian de Valk-Mansoux, Noam de Valk-Mansoux, Mirko Vidovic, Stéphanie Villayphiou, Dave Young, Simon Yuill. Thank you all so much! xi This research received financial support from Willem de Kooning Academy and Research Centre Creating 010 of the Rotterdam University of Applied Sciences. The thesis was written using the following software and operating sys- tems: acme, Debian, evilwm, Firefox, FreeBSD, git, hunspell, jabref, meld, pandoc, recoll, WordNet, XƎLATEX, zathura, zsh. xii Introduction What Is Free Culture? According to the website freeculture.org, developed by a “non-partisan group of students and young people who are working to get their peers involved in the free culture movement,”1 the term free culture was origi- nally coined by American law professor Lawrence Lessig in his 2004 book Free Culture: How Big Media Uses Technology and the Law to Lock Down Culture and Control Creativity.2 Lessig’s book is an elaborate collection of anecdotes, that together form a critique of the increasing discrepancy between,
Recommended publications
  • Free C Ulture Forum

    Free C Ulture Forum

    Free C ulture Free C ulture Forum March 23, 2006 11:30 am - 2:30 pm 450 Dodge Hall, Northeastern University PROGRAM Welcome Dani Capalbo NU Student, Class of 2010 Edward A. Warro Dean of Libraries Introduction of Panelists Marcus Breen Communication Studies Panelists Lawrence Lessig Derek Slater Nelson Pavlosky Will Wakeling Bios Additional Resources Lawrence Lawrence Lessig is a Professor of Law at Stanford Law School and founder of the school's The World Wide Web holds many examples of projects whose intent is to facilitate Center for Internet and Society. Prior to joining the Stanford faculty, he was the Berkman the sharing of ideas, scholarly research and creative works. Professor of Law at Harvard Law School and a Professor at the University of Chicago. He clerked for Judge Richard Posner on the 7th Circuit Court of Appeals and Justice Antonin Scalia on the United States Supreme Court. Professor Lessig represented web site operator Creative Commons (http://creativecommons.org/) is a nonprofit organization that Eric Eldred in the ground-breaking case Eldred v. Ashcroft, a challenge to the 1998 Sonny offers flexible copyright licenses for original works; creators may choose from a range Bono Copyright Term Extension Act. He has won numerous awards, including the Free of protections and freedoms. Software Foundation's Freedom Award, and was named one of Scientific American's Top 50 Visionaries, for arguing "against interpretations of copyright that could stifle innovation and Creative Commons Education (http://creativecommons.org/education/) helps with online discourse online." Professor Lessig is the author of Free Culture (2004), The Future of Ideas publishing of educational materials.
  • Open but Not Free — Publishing in the 21St Century Martin Frank, Ph.D

    Open but Not Free — Publishing in the 21St Century Martin Frank, Ph.D

    PERSPECTIVE For the Sake of Inquiry and Knowledge Research culture is far from knowledge. The new technology Disclosure forms provided by the author are available with the full text of this arti- monolithic. Systems that underpin is the internet. The public good cle at NEJM.org. scholarly communication will mi- they make possible is the world- grate to open access by fits and wide electronic distribution of From MIT Libraries, Massachusetts Insti- starts as discipline-appropriate op- the peer-reviewed journal litera- tute of Technology, Cambridge. tions emerge. Meanwhile, experi- ture and completely free and un- 1. Budapest Open Access Initiative (http:// ments will be run, start-ups will restricted access to it by all scien- www.opensocietyfoundations.org/ flourish or perish, and new com- tists, scholars, teachers, students, openaccess/read). munication tools will emerge, and other curious minds.” 2. Bethesda Statement on Open Access Pub- lishing (http://dash.harvard.edu/bitstream/ because, as the Bethesda Open There is no doubt that the pub- handle/1/4725199/suber_bethesda Access Statement puts it, “an old lic interests vested in funding .htm?sequence=1). tradition and a new technology agencies, universities, libraries, 3. Berlin Declaration on Open Access to Knowledge in the Sciences and Humanities have converged to make possible and authors, together with the (http://www.zim.mpg.de/openaccess-berlin/ an unprecedented public good. power and reach of the Internet, berlin_declaration.pdf). The old tradition is the willingness have created a compelling and nec- 4. Suber P. Open access. Cambridge, MA: MIT Press, 2012. of scientists and scholars to pub- essary momentum for open ac- 5.
  • Red Hat Enterprise Linux 6 Developer Guide

    Red Hat Enterprise Linux 6 Developer Guide

    Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Dave Brolley William Cohen Roland Grunberg Aldy Hernandez Karsten Hopp Jakub Jelinek Developer Guide Jeff Johnston Benjamin Kosnik Aleksander Kurtakov Chris Moller Phil Muldoon Andrew Overholt Charley Wang Kent Sebastian Red Hat Enterprise Linux 6 Developer Guide An introduction to application development tools in Red Hat Enterprise Linux 6 Edition 0 Author Dave Brolley [email protected] Author William Cohen [email protected] Author Roland Grunberg [email protected] Author Aldy Hernandez [email protected] Author Karsten Hopp [email protected] Author Jakub Jelinek [email protected] Author Jeff Johnston [email protected] Author Benjamin Kosnik [email protected] Author Aleksander Kurtakov [email protected] Author Chris Moller [email protected] Author Phil Muldoon [email protected] Author Andrew Overholt [email protected] Author Charley Wang [email protected] Author Kent Sebastian [email protected] Editor Don Domingo [email protected] Editor Jacquelynn East [email protected] Copyright © 2010 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
  • Katalog Elektronskih Knjiga

    Katalog Elektronskih Knjiga

    KATALOG ELEKTRONSKIH KNJIGA Br Autor Naziv Godina ISBN Str. Porijeklo izdavanja 1 Peter Kent Pay Per Click Search 2006 0-471-74594-3 130 Kupovina Engine Marketing for Dummies 2 Terry Large Access 1 2007 Internet Freeware 3 Kevin Smith Excel Lassons & Tutorials 2004 Internet Freeware 4 Terry Michael Photografy Tutorials 2006 Internet Freeware Janine Peterson Phil Pivnick 5 Jake Ludington Converting Vinyl LPs 2003 Internet Freeware to CD 6 Allen Wyatt Cleaning Windows XP 2004 0-7645-7311-X Poklon for Dummies 7 Peter Kent Sarch Engine Optimization 2006 0-4717-5441-2 Kupovina for Dummies 8 Terry Large Access 2 2007 Internet Freeware 9 Dirk Dupon How to write, create, 2005 Internet Freeware promote and sell E-books on the Internet 10 Chayden Bates eBook Marketing 2000 Internet Freeware Explained 11 Kevin Sinclair How To Choose A 1999 Internet Freeware Homebased Bussines 12 Bob McElwain 101 Newbie-Frendly Tips 2001 Internet Freeware 13 Windows Basics 2004 Poklon 14 Michael Abrash Zen of Graphic 2005 Poklon Programming, 2. izdanje 15 13 Hot Internet 2000 Internet Freeware Moneymaking Methods 16 K. Williams The Complete HTML 1998 Poklon Teacher 17 C. Darwin On the Origin of Species Internet Freeware 2/175 Br Autor Naziv Godina ISBN Str. Porijeklo izdavanja 18 C. Darwin The Variation of Animals Internet Freeware 19 Bruce Eckel Thinking in C++, Vol 1 2000 Internet Freeware 20 Bruce Eckel Thinking in C++, Vol 2 2000 Internet Freeware 21 James Parton Captains of Industry 1890 399 Internet Freeware 22 Bruno R. Preiss Data Structures and 1998 Internet
  • Embedded Linux Systems with the Yocto Project™

    Embedded Linux Systems with the Yocto Project™

    OPEN SOURCE SOFTWARE DEVELOPMENT SERIES Embedded Linux Systems with the Yocto Project" FREE SAMPLE CHAPTER SHARE WITH OTHERS �f, � � � � Embedded Linux Systems with the Yocto ProjectTM This page intentionally left blank Embedded Linux Systems with the Yocto ProjectTM Rudolf J. Streif Boston • Columbus • Indianapolis • New York • San Francisco • Amsterdam • Cape Town Dubai • London • Madrid • Milan • Munich • Paris • Montreal • Toronto • Delhi • Mexico City São Paulo • Sidney • Hong Kong • Seoul • Singapore • Taipei • Tokyo Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales depart- ment at [email protected] or (800) 382-3419. For government sales inquiries, please contact [email protected]. For questions about sales outside the U.S., please contact [email protected]. Visit us on the Web: informit.com Cataloging-in-Publication Data is on file with the Library of Congress.
  • Full Circle Magazine #63 1 Full Circle Magazine Is Neither Affiliated With, Nor Endorsed By, Canonical Ltd

    Full Circle Magazine #63 1 Full Circle Magazine Is Neither Affiliated With, Nor Endorsed By, Canonical Ltd

    Full Circle THE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY WEB DEV ISSUE #63 - July 2012 LAMP & WEB DEVELOPMENT ) m o c . r k c i l F ( e u S : o t o h P RREEDDUUCCEE **BBUUNNTTUU BBOOOOTT TTIIMMEE WWIITTHH TTHHIISS IINN DDEEPPTTHH AARRTTIICCLLEE.. WWIITTHH GGRRAAPPHHSS!! full circle magazine #63 1 Full Circle Magazine is neither affiliated with, nor endorsed by, Canonical Ltd. contents ^ HowTo Full Circle Opinions THE INDEPENDENT MAGAZINE FOR THE UBUNTU LINUX COMMUNITY My Story p.39 Python - Part 34 p.07 Columns LibreOffice - Part 15 p.11 Command & Conquer p.05 Audio Flux p.52 My Opinion p.41 Amateur Astronomy - Pt1 p.14 Ask The New Guy p.26 Ubuntu Games p.54 Review p.44 Letters p.46 GIMP - Beanstalk Pt3 p.17 Linux Labs p.29 Q&A p.49 Inkscape - Part 2 p.19 Ubuntu Women p.53 Closing Windows p.36 Web Dev - Pt1 p.22 Graphics Web Dev The articles contained in this magazine are released under the Creative Commons Attribution-Share Alike 3.0 Unported license. This means you can adapt, copy, distribute and transmit the articles but only under the following conditions: you must attribute the work to the original author in some way (at least a name, email or URL) and to this magazine by name ('Full Circle Magazine') and the URL www.fullcirclemagazine.org (but not attribute the article(s) in any way that suggests that they endorse you or your use of the work). If you alter, transform, or build upon this work, you must distribute the resulting work under the same, similar or a compatible license.
  • Who Pays for Music?

    Who Pays for Music?

    Who Pays For Music? The Honors Program Senior Capstone Project Meg Aman Professor Michael Roberto May 2015 Who Pays For Music Senior Capstone Project for Meg Aman TABLE OF CONTENTS ABSTRACT ....................................................................................................................... 3 LITERATURE REVIEW ................................................................................................ 4 INTRODUCTION ................................................................................................................. 4 MUSIC INDUSTRY BACKGROUND ...................................................................................... 6 THE PROBLEM .................................................................................................................. 8 THE MUSIC INDUSTRY ..................................................................................................... 9 THE CHANGING MUSIC MARKET .................................................................................... 10 HOW CAN MUSIC BE FREE? ........................................................................................... 11 MORE OR LESS MUSIC? .................................................................................................. 12 THE IMPORTANCE OF SAMPLING ..................................................................................... 14 THE NETWORK EFFECTS ................................................................................................. 16 WHY STREAMING AND DIGITAL MUSIC STORES ............................................................
  • Mac OS X Server Administrator's Guide

    Mac OS X Server Administrator's Guide

    034-9285.S4AdminPDF 6/27/02 2:07 PM Page 1 Mac OS X Server Administrator’s Guide K Apple Computer, Inc. © 2002 Apple Computer, Inc. All rights reserved. Under the copyright laws, this publication may not be copied, in whole or in part, without the written consent of Apple. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation. RealAudio is a trademark of Progressive Networks, Inc. © 1995–2001 The Apache Group. All rights reserved. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 062-9285/7-26-02 LL9285.Book Page 3 Tuesday, June 25, 2002 3:59 PM Contents Preface How to Use This Guide 39 What’s Included
  • Ethereal Developer's Guide Draft 0.0.2 (15684) for Ethereal 0.10.11

    Ethereal Developer's Guide Draft 0.0.2 (15684) for Ethereal 0.10.11

    Ethereal Developer's Guide Draft 0.0.2 (15684) for Ethereal 0.10.11 Ulf Lamping, Ethereal Developer's Guide: Draft 0.0.2 (15684) for Ethere- al 0.10.11 by Ulf Lamping Copyright © 2004-2005 Ulf Lamping Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation. All logos and trademarks in this document are property of their respective owner. Table of Contents Preface .............................................................................................................................. vii 1. Foreword ............................................................................................................... vii 2. Who should read this document? ............................................................................... viii 3. Acknowledgements ................................................................................................... ix 4. About this document .................................................................................................. x 5. Where to get the latest copy of this document? ............................................................... xi 6. Providing feedback about this document ...................................................................... xii I. Ethereal Build Environment ................................................................................................14 1. Introduction .............................................................................................................15
  • Smashing the Stack Protector for Fun and Profit

    Smashing the Stack Protector for Fun and Profit

    Smashing the Stack Protector for Fun and Profit Bruno Bierbaumer1 ( ), Julian Kirsch1, Thomas Kittel1, Aurélien Francillon2, and Apostolis Zarras3 1 Technical University of Munich, Munich, Germany [email protected] 2 EURECOM, Sophia Antipolis, France 3 Maastricht University, Maastricht, Netherlands Abstract. Software exploitation has been proven to be a lucrative busi- ness for cybercriminals. Unfortunately, protecting software against attacks is a long-lasting endeavor that is still under active research. However, certain software-hardening schemes are already incorporated into current compilers and are actively used to make software exploitation a compli- cated procedure for the adversaries. Stack canaries are such a protection mechanism. Stack canaries aim to prevent control flow hijack by detecting corruption of a specific value on the program’s stack. Careful design and implementation of this conceptually straightforward mechanism is crucial to defeat stack-based control flow detours. In this paper, we examine 17 different stack canary implementations across multiple versions of the most popular Operating Systems running on various architectures. We systematically compare critical implementation details and introduce one new generic attack vector which allows bypassing stack canaries on current Linux systems running up-to-date multi-threaded software altogether. We release an open-source framework (CookieCrumbler) that identifies the characteristics of stack canaries on any platform it is compiled on and we propose mitigation techniques against stack-based attacks. Although stack canaries may appear obsolete, we show that when they are used correctly, they can prevent intrusions which even the more sophisticated solutions may potentially fail to block. 1 Introduction Buffer overflow vulnerabilities are as old as the Internet itself.
  • Rmox: a Raw-Metal Occam Experiment

    Rmox: a Raw-Metal Occam Experiment

    Communicating Process Architectures – 2003 269 Jan F. Broenink and Gerald H. Hilderink (Eds.) IOS Press, 2003 RMoX: A Raw-Metal occam Experiment Fred BARNES†, Christian JACOBSEN† and Brian VINTER‡ † Computing Laboratory, University of Kent, Canterbury, Kent, CT2 7NF, England. {frmb2,clj3}@kent.ac.uk ‡ Department of Mathematics and Computer Science, University of Southern Denmark, Odense, Denmark. [email protected] Abstract. Operating-systems are the core software component of many modern com- puter systems, ranging from small specialised embedded systems through to large distributed operating-systems. This paper presents RMoX: a highly concurrent CSP- based operating-system written in occam. The motivation for this stems from the overwhelming need for reliable, secure and scalable operating-systems. The major- ity of operating-systems are written in C, a language that easily offers the level of flexibility required (for example, interfacing with assembly routines). C compilers, however, provide little or no mechanism to guard against race-hazard and aliasing er- rors, that can lead to catastrophic run-time failure (as well as to more subtle errors, such as security loop-holes). The RMoX operating-system presents a novel approach to operating-system design (although this is not the first CSP-based operating-system). Concurrency is utilised at all levels, resulting in a system design that is well defined, easily understood and scalable. The implementation, using the KRoC extended oc- cam, provides guarantees of freedom from race-hazard and aliasing errors, and makes extensive use of the recently added support for dynamic process creation and channel mobility. Whilst targeted at mainstream computing, the ideas and methods presented are equally applicable for small-scale embedded systems — where advantage can be made of the lightweight nature of RMoX (providing fast interrupt responses, for ex- ample).
  • Linux at 25 PETERHISTORY H

    Linux at 25 PETERHISTORY H

    Linux at 25 PETERHISTORY H. SALUS Peter H. Salus is the author of A n June 1991, at the USENIX conference in Nashville, BSD NET-2 was Quarter Century of UNIX (1994), announced. Two months later, on August 25, Linus Torvalds announced Casting the Net (1995), and The his new operating system on comp.os.minix. Today, Android, Google’s Daemon, the Gnu and the Penguin I (2008). [email protected] version of Linux, is used on over two billion smartphones and other appli- ances. In this article, I provide some history about the early years of Linux. Linus was born into the Swedish minority of Finland (about 5% of the five million Finns). He was a “math guy” throughout his schooling. Early on, he “inherited” a Commodore VIC- 20 (released in June 1980) from his grandfather; in 1987 he spent his savings on a Sinclair QL (released in January 1984, the “Quantum Leap,” with a Motorola 68008 running at 7.5 MHz and 128 kB of RAM, was intended for small businesses and the serious hobbyist). It ran Q-DOS, and it was what got Linus involved: One of the things I hated about the QL was that it had a read-only operating system. You couldn’t change things ... I bought a new assembler ... and an editor.... Both ... worked fine, but they were on the microdrives and couldn’t be put on the EEPROM. So I wrote my own editor and assembler and used them for all my programming. Both were written in assembly language, which is incredibly stupid by today’s standards.