Recently, I made some comments on the unfortunate change in popular usage of the word "hacker", from a positive term for a skilled programmer, to a negative term for a skilled programmer, to a negative term for someone who can figure out Sarah Palin's zip code.
I like to think of myself as a hacker in the original, positive sense, and I have a story about what that means.
Ten years ago, I upgraded my OS to Windows 98. Unfortunately, during the upgrade my hard drive, which had been compressed using DriveSpace, one of the worst pieces of software ever, was corrupted.
Now, I'll grant I'm a pack rat, but there wasn't much of sentimental value on there. There was, however, the most recent installment of KateStory, Book IX. It turned out Steve had a backup, but it was incomplete.
That gnawed at me for years. I kept the hard drive and never wiped it, and every now and again I'd hook it up and see if I could find a way to recover the data. I could never get it to mount. My instinct was that I shouldn't be working with the physical drive anyway, that I should copy the data from it to an image so I could make additional copies and freely mess with them without worrying about losing the original data. But none of the disk-imaging tools I could find would image a disk that wouldn't mount.
By the summer of 2004, I was familiar enough with Linux to know that dd was the tool I wanted, that it would make a bit-for-bit copy of the data on a device regardless of whether it could make any sense of it. I copied the drive to a file and went to take a look at what I could do with it.
File recovery software pulled up some images and some old E-Mails, but not the ones I wanted. In fact, searching the raw hex, I found the text "Subject: Re: KateStory IX: Third Anni" followed by gibberish; the data literally went from plain text to incomprehensible compressed bytes in the middle of the subject line I was looking for. I abandoned the project for a few months.
As the fall rolled around and the KateStory's tenth anniversary approached, I got to thinking about it again. I looked up information on how to recover DriveSpace volumes, and happened upon Dean Trower's DriveSpace 3 Disaster Recovery Kit. Since it required DriveSpace to run, and since DriveSpace won't run on modern versions of Windows, I set up VMWare on my computer and installed Windows 98 on it. My memory of what I tried then is fuzzy; I'm not sure what I did wrong but I still didn't recover the data.
It seems like I tried a couple more things over the years that followed. I think there was a period where I thought maybe the compression I couldn't get past wasn't DriveSpace's but Netscape's. (In retrospect, I believe Netscape Mail's "compress folders" option didn't actually compress text, it just deleted the text of E-Mails that had been deleted from the mailbox but not removed from the mail files.) I definitely remember at least one occasion where I dumped the entire 545MB hard drive image into a Thunderbird folder -- now, whether or not I qualify as a hacker, I think we can all agree that qualifies as a hack. When it didn't work under Thunderbird, I found old copies of Netscape 3 and 4 and tried it there; that didn't work either.
About a month ago, with KateStory XVII beginning, the anniversary approaching once more, and my going back through Books XIII-XVI to put them on this site, I got the urge to take another crack at IX. I did what I'd done before: set up VMWare, set up Windows 98, and got a copy of the Disaster Recovery Kit.
Without getting into too much detail, a DriveSpace "compressed drive" is actually a single file stored on a physical hard drive, then mounted as a virtual drive. As I said, I couldn't mount the drive. The docs for Trower's program mentioned creating an empty DriveSpace volume and looking at its file header; I got the idea from there to look at the header bytes on a fresh file and see where I could find them in my disk image. I found them -- the beginning of the compressed file -- and deleted everything prior to them on the image. (It bears noting that at this point I had numerous backups of the image and wasn't hacking up my only copy.)
Following the advice in Trower's Readme, I started with the simplest solution: copy the compressed file to a host drive and see if Windows mounts it. He cautioned that it might not work and Windows's attempt to "fix" the corrupted data could hose it; he was right. I was thrilled to see the filenames in the root directory show up, but I couldn't access the data in any of them.
On to step two: I tried using Trower's decmprss program. I tried it several times and discovered that it kept outputting empty files; they were the same size as my image but made up entirely of zeroes.
There was a line in the Readme: "DCMPRESS ought to work under Windows, but nevertheless I recommend running it in MS-DOS mode." All right. I did a Shut Down/Restart in MS-DOS Mode, but Windows 98 and VMWare weren't quite playing nice; any time I did that DOS would run for a minute or two and then freeze up and require a simulated hard reset.
So I went back to Windows, and checked to see why decmprss was outputting empty files. I started by trying it on a new compressed image that I knew didn't contain any corrupt data. I got the same result, proving that it wasn't just a problem reading my corrupt image.
Trower's toolkit included the source code, so I jumped into it to see if I could find out what was wrong. For the first time in years I found myself coding in Pascal -- coincidentally the same language Dr. Wily teaches at Prescott High School in KateStory IX. I didn't do anything particularly clever, just added some traces to see where the problem was occurring. I confirmed that the problem lay not in the Pascal portion of the code, but in the x86 assembler.
All right, I thought, my guess is that Windows 98 doesn't like the direct system calls that the assembler portion of the code is making. So that takes us back to trying to run it under DOS -- and if that doesn't work, the only thing left to try is to learn x86 assembler and pore through the DriveSpace API.
Booting to DOS from Win98 shutdown still didn't work, but it turned out that picking it from the boot menu worked just fine -- once I went into OSX's keyboard settings and disabled F8 for pulling up Spaces so I could use it in VMWare.
That worked, and generated a file that contained KateStory chapters that, I could confirm, were not in the copy I had.
That would be where the rest of Trower's toolkit came in -- reassembling files that had been partially compressed -- but I was confident that KateStory IX had been entirely compressed. So now it was time for my Thunderbird hack.
So I copied the entire, 1GB+ uncompressed image into Thunderbird's mail folders. Success -- Thunderbird correctly parsed out all the files that were E-Mails. I sorted them out, exported the ones that had "KateStory IX" in the sub line, and copied them out of the Win98 VM into my "real" system. From there I went through them all, cut out the stuff that was redundant or off-topic (which was most of it), and lo: today, this fourteenth anniversary of the original KateStory and eleventh anniversary of this installment, I have KateStory IX in its entirety.
So, back to my initial point: what does "hacker" mean to me? Well, eleven years ago my friends and I wrote a goofy story. Ten years ago, I lost it. And over the intervening years, I used my skill and my determination to get it back. (A friend once told me that when I want something I go after it like a pit bull, I don't let go. Comparisons to pit bulls may be the only thing Sarah Palin and I have in common.) I'm not some scary terrorist stealing your credit card or breaking into the Pentagon, I'm a guy who used his skill to recover a lost piece of his childhood.
Of course, I'm sure there are those who will say this doesn't make me a hacker. And maybe they're right. In the final analysis, all I did was use the dd command, set up a virtual machine, install Windows 98, do some very cursory hex editing, boot to DOS, use someone else's recovery tools, and copy a giant file into Thunderbird's mail folders. When all's said and done, I only wrote a few lines of code, and all they wound up doing was confirming what the Readme had already told me. So maybe that's not enough to qualify me as a hacker.
But you know what? If that's not enough to qualify as hacking, then plugging Sarah Palin's zip code into a password hint field sure as shit isn't.