top | item 40888940

(no title)

>So he cheated, he got Linus to run BK commands at his house and he snooped the network. He had no legal access to those bytes. Without those snoops, no chance he reverse engineered it.

Snooping the network is a common and entirely legal means of reverse engineering.

>There is absolutely zero chance he figured out the pull protocol via telnet. I will happily pay $10,000 to anyone could do that with zero access to BK. Can't be done. If I'm wrong, I'll pay up. But I'll have a lot of questions that can't be answered.

I just tried this myself. Here's the telnet session:

https://paste.sr.ht/~sircmpwn/0b3f1f1d77896a96b0777471785cdc...

I confess that I had to look up the name of the BK_REMOTE_PROTOCOL environment variable after a few false starts to put the pieces together, but it would be relatively easy to guess.

I also looked over Tridge's original sourcepuller code and didn't really see anything that you couldn't infer from this telnet session about how bk works.

So, do I just send you my bank account number or?

discuss

No comments yet.