Why NetHack?

There's a lot of software out there to explore, so a good first question is why would I pick NetHack as a place to focus my security research? A few reasons:
  • It's open source, making research easier.
  • I was already somewhat familiar with the code as I was the CS department administrator for NetHack during my time at Brown.
  • It's hosted on public servers like nethack.alt.org and hardfought.org, meaning it's theoretically a target for real attackers.
  • It had a history of publicly disclosed security issues, which suggested that it was possibly a good project to research and also that, if I found anything, the developers would be supportive.
  • It is written in C (K&R even!), and was written predominantly at a time when common security practices (like using strlcpy or snprintf) were not really top-of-mind for programmers.
  • Many researchers are focused on software that offers bug bounties. We all have to eat, after all. Open source games like NetHack don't offer bounties, nor could they, really, given their development models. As a result, they were basically getting ignored by the security community.
  • It's one of my favorite games! I enjoy playing it and it's always more fun to work on something you care about.

One more thought on the public servers: as much as I enjoy the game stand-alone, it's significantly better played online. Sure, it's a single-person game, but the servers add game logging, global metrics, tournament play, shared bones files, cloud hosting of your saved games, and more. It would be a real loss to the community if these servers ever had to come down because they were pwned by the North Koreans to mine bitcoin, or whatever. If I could do something to make these servers safer, it seemed worth doing.
