Often the solution given to newbies in response to their computer programs is to format c:. However funny the theoretical outcome of this action may be, this suggestion is often made without the suggester really knowing what will happen. This afternoon I decided to look at format c: and it’s cousin rm -Rf / and found some pretty interesting results.
heh, nice article
Although in windows I would have thought it would never let you wipe your HD if you were a non-admin user.
If you pipe the windows del command to the nul device, it will complete in about the same time as linux – It’s the reporting of each file deleted and scrolling the screen upwards that is slowing the system down.
EI:
del /F /S /Q * >nul
The results for Win32 weren’t too surprising, although I did find it interesting how well windows handled being fubared – and even more amusing how badly linux reacted. That’s the thing about linux though, you have to have the Root password to truly screw up the system bad – The problem is on a home machine most users HAVE the root password. (at least you can restrict that in an office environment)
It’s:
rm –rf /
Yes, the caps matter. Look at the screenshot … there’s nothing recursive about it.
You could also try the classic “mv * /dev/null” – That one worked wonders under Xenix back in the eighties.
Completely pointless, but a fun read. I particularly like the fact that he marked windows up for shutting down gracefully after he’d completely borked it. What’s he worried about? Data loss? That was the best bit.
This certainly was a cut above the Ballmer advertorial we had to endure earlier today. Far more informative.
Matt
A few years back, a friend was was about to reinstall his windows box, but instead of just killing it, he deleted one file in the winnt/* folders each time he shut down (once+ a day). It lasted a good couple of months before it died.
>Linux, however, lost in style points as it simply gave up, spewing a pink mess across the screen.
LOL, I think http://hohle.net/images/linux8.png is a peace of art and remings me all those science-fiction movies about aliens
Fun reading, nice article, congratulations!
rm -rf not rm -RF. Also, by default, in Ubuntu, the root AND user passwords are identical…actually the root account is disabled. The first user set up has super user privaledges executed through the sudo command.
Is there anyone else here with enough time on their hands to actually spend the time installing two operating systems just to destroy them???? Just wondering.
Fun article, especially the conclusion.
I think it’s shows nicely that as root you are very much in control of linux, it will just execute your commands to it’s best. (even a self destructing one)
Windows seems to be a bit more protective about what users do with the system, well ‘seems’, because on one hand it can be a pain to get rid of some file or process windows thinks is a critical system one (perhaps mainly because of it’s obscurity)…and on the other it leaves some doors wide open.
This left a lot of useful applications in the file tree. Linux, however, loads programs into memory and doesn’t worry about locking them, so nearly everything was removed, even programs that were currently running when I removed them.
Both OSs memory map the executables, only Windows locks it, and Linux doesn’t. What happens is that the delete request get’s processed, but the actual delete isn’t carried out until the program is shut down. The Linux way is better, mainly because you can upgrade and remove programs without having to bother to make sure that they are shut down.
@Anonymous (IP: —.cg.shawcable.net)
rm -rf not rm -RF Wouldn’t that be more likely this:
rm -Rf?
@ Rayiner Hashem:
but the actual delete isn’t carried out until the program is shut down.
I first stopped iptables from being processed during start up sequence with “update-rc.d -f iptables” then i deleted ip-tables whereever it existed in the filesystem.However
on Debian ls -al wouldn’t reveal any sign of ip-tables in
the specific directories.Yet most of the ports ALL in and ALL out execpt 4 still are closed.If it isn’t realy deleted
untill the app/daemon itself isn’t deleted, where did it go do you think? Or did you refer to it being deleted from hardisk and only present in memory for the time the app/deamon is running?
rm -rf etc
and
rm -Rf etc
are both valid.
The f can be only lower case.
IMHO these commands are totally different, format is for formatting your filesystem. rm is for deleting files.
You should use format and mkfs.ext3 for example
I think that “format c:”‘s Linux version should be “mkfs.X /dev/hdYn” (Where X is reiserfs, xfs, jfs, ext2 or ext3; Y is a, b, c, …; n is 1, 2, 3, …) and not “rm -rf /”
Check the manual page:
-r Equivalent to -R
And the comparison is indeed weird. There once was a discussion about the rm -rf command on the FreeBSD mailinglist and DragonFly added a flag to rm to prevent mistakes with rm IIRC.
the author himself admits what you are saying, but he did so because most people makes those jokes about rm -rf and format c: – it’s about jokes! 🙂
a very amusing article, well-written and actually informative, too. i don’t like the file locking in windows, quess what happens when you try to delete an virus infected program?
and maybe windows was slower because windows has a system files protection service, which monitors deletion attempts to system files and tries to recover them when something happens… that’s why he got messages about “being replaced by an older version” (maybe)
fdisk /dev/hda
then press “d”
🙂
ever tried this?
low level format made easy
byez
chmod -R 0 /
in root mode is funny
or rm -rf /var is a nice variant.
All of this is fun because you _beleive_ you could repare it.
dd if=/dev/zero of=/dev/kmem should be funny also…
You, of course, can repair it.
By booting from CD-ROM, mounting partitions and changing thir perms.
> Is there anyone else here with enough time on their
> hands to actually spend the time installing two
> operating systems just to destroy them???? Just wondering.
A few years back, I routinely installed and destroyed various operating systems (Linux, DOS, Windows 3.x, Windows 9x, and Oberon System 3). I learned a lot about paring down each of the OSes to the bare minimum needed to run my programs 🙂
It’s certainly more interesting than your comment.
Thank you. I sincerely take that as a compliment.
Hey chill out guys, this was just a fun article, and probably a lot of fun to do. What’s more pointless; destroying two working OS installations, or installing Linux distribution no. 27563, and writing a review about that? Ohh it has Mozilla
.
Fun article, nice work.
Ubuntu’s default file permissions and user accounts are much more mature then Windows XPs, […]
In fact, the file permissions themselves are almost certainly just as restrictive. The difference is you are comparing (as you note straight after) an administrator user to a regular one.
Try running your “del *” as a regular user, to get an apples to apples comparison on the file permissions and draw a valid conclusion.
What the auteur was referring to is:Windows XP (unless specified being Professional version) only asks you to pick a username and that’s about it, to give the login icons a name.Other than that the users are password less admin accounts with terminal services enabled by deafault as well
as restrict anonymous set to *0*.Which means you could very easy enumerate the user accounts,and then getting access with C:
et use \victim.orgipc$ password(which is quite easy in this case) /u:victim.comusername
Try running your “del *” as a regular user, to get an apples to apples comparison on the file permissions and draw a valid conclusion.
victim.comusername
slashbackward is stripped from the stream 🙂
victom.com””username
What the auteur was referring to is:Windows XP (unless specified being Professional version) only asks you to pick a username and that’s about it
sorry for the confusion about this issue, my install was Windows XP Pro, I was asked for a username (and the usernames of other people who would be using the system, which i didn’t enter), and never asked for a password, nor what an administrator password, nor what privileges my account should have.
it also seems that there were more efficient windows commands i could have used, and that printing files probably slowed the system down more then NTFS (though writing to standard out is generally slower in Windows then Linux).
i did the del /F /S /Q on a school computer once it was funny to see the comp go down hehehe the whole comp was gone for about 3 weeks until they could afford a techie i was like hahaha
wish we had linux running at school…
If it isn’t realy deleted untill the app/daemon itself isn’t deleted, where did it go do you think?
It stays on harddisk – disk blocks taken by the file are still not free, though there are no references to the file from the file system tree, so you can’t see it anywhere (1). The disk space will be reclaimed when last process that references the file closes it – in case of executable, it will happen when the process exits.
(1) It’s not exactly true – the file can still be reached via /proc subdirectory corresponding to the running process.
> I first stopped iptables from being processed during start up sequence with “update-rc.d -f iptables” then i deleted ip-tables whereever it existed in the filesystem.However
on Debian ls -al wouldn’t reveal any sign of ip-tables in
the specific directories.Yet most of the ports ALL in and ALL out execpt 4 still are closed.If it isn’t realy deleted
untill the app/daemon itself isn’t deleted, where did it go do you think? Or did you refer to it being deleted from hardisk and only present in memory for the time the app/deamon is running?
You probably really did delete iptables. However, iptables is just the user-space interface to iptables in the kernel; the actual rules will stay there until you reboot [or re-install iptables and delete them].
Iptables isn’t a daemon. However, daemons do keep running even if you delete their binary; binaries aren’t _exactly_ deleted until they exit. They’re unlinked from their old place on the filesystem, but still referenced through /proc as long as at least one process is using them [this is true for other files too].
This should have been tried on Win 98 as this is still the predominant Win OS out there. All you have to do is drop into DOS and format c: will completely wipe your hard disk (though you could recover via Norton’s Utilities). Since Win 98 suffered from rapid aging (some sort of accelerated rate of bit rot), I usually had to do this every 6 months, wipe clean, install clean.
Pretty dumb article… especially considering that any experienced user should be able to predict EXACTLY what will happen.
the quickest way to kill a windows box
c:debug
-w 100 0 0 0 1000
-quit
then reboot
Happy happy
not to get defensive, but you would have expected the pink screen of death and/or that windows would have few problems, despite most of its files being removed? or windows prompting you that files had been changed (when really they were deleted), you would have predicted EXACTLY that?
if that’s the case, what are you doing in the dorms? with that kind of insight you could either have a) a high paying tech job or b) a spot on the psychic friend’s network!
that would be
c:debug
-w 0 0 0 1000
-quit
reboot
POSIX OPTIONS
[snip]
-r or -R
Recursively remove directory trees.
[snip]
The man has spoken.
Now if you had booted from a floppy and tried Format c:
I like the initiative of the author.You could argue about
the way he has written the article or planned/executed the
test itself but nevertheless the initiative was fun.
You could ask yourself what’s the point of overclocking
a Pentium 4 2.4 so it runs at 4.2 ghz and finally fries like
the people from [H]ard|ocp did in 2002.Well i’m just curious to know what’s the ultimate boundary is and haven’t the means in terms of hardware etc to perform such a test.I’m glad ther’re are sites that go to the outer limits in order
to present the reader the outcome , whatever it may be.
What’s the meaning? Because its there!
su
rm -rf /proc
reboot
Also, by default, in Ubuntu, the root AND user passwords are identical…actually the root account is disabled.
Oh, is it now? Just sudo passwd root and then su. Doesn’t look disabled to me.
>with that kind of insight you could either have a) a high paying tech job
Yep, seems like a good question for an interview.
In BSD you can prevent this by setting ‘system immutable flag’ on system files and going to higher secure level. The downside is that you will need to reboot or go down to single user mode if you want to upgrade|remove one of these files.
If it isn’t realy deleted untill the app/daemon itself isn’t deleted, where did it go do you think?
It stays on harddisk – disk blocks taken by the file are still not free…
That’s right, each open file, including executables and shared libraries which are in use, have in-core inodes with a reference count which is incremented by one for each filesystem link and once for each process which references them. Whenever a process exits, the reference counts for the executable and library files are decremented. Whenever a count reaches zero, the file is actually deleted from disk.
Processes can arrange to have their temporary files “automatically” deleted, by creating them with open() and then deleting the filesystem link with unlink(). The file remains on disk and may be read & written as usual until the file descriptor is closed. The close() decrements the reference count to zero and file management then deletes the file from disk.
Yes…you…have to do sudo passwd root before you can do su. That, to me, equals ‘disabled’, no?
I think it would be easier to actually run debug and then scramble the HDD and invoking certain IRQ# and passing parameteres to the good old DS, ES, AX registers.. !!!
How would both OS’s cope with brute force coding of this nature eh ??
I think it would be easier to actually run debug and then scramble the HDD and invoking certain IRQ# and passing parameteres to the good old DS, ES, AX registers.. !!!
How would both OS’s cope with brute force coding of this nature eh ??
deltree /y c: is nice.
Is there anyone else here with enough time on their hands to actually spend the time installing two operating systems just to destroy them???? Just wondering.
i’ve tried it with Toms Root Boot disk. just don’t rm -rf a mounted filesystem on the hard drive. i could still “cd” but i couldn’t “ls”.
What’s the root password after I install? How do I use the root account?
The root account is disabled when you first install Ubuntu. The first user created during the installation has administrative rights on the system, and can run programs as root with sudo, using only their normal user password. For example: sudo apt-get update.
All uses of sudo will require the user’s password.
Note that the root account does not have a password at all after the initial install. You can set the root password by typing sudo passwd root.
If you need a shell with root privileges, run sudo -s.
The benefits of this are mentioned in the wiki
————————————————————
There. straight from Ubuntu’s webpage. I love making stupid people feel even more stupid. Also I saw a report on some webpage that states that XP Home and Pro together (along with Media Center Edition too if you want) have a greater market share than Win98.
deltree doesn’t seem to exist in Windows XP any more. Not the one at home or this machine I have at work, at least. Weird, it was one DOS command I liked…
> If it isn’t realy deleted untill the app/daemon itself isn’t
> deleted, where did it go do you think?
It didn’t go anywhere, the file was still there on disk. However, it wasn’t “linked” anymore to the directory it originally belonged, so you couldn’t see it, and another file with the same name could be created without problems.
In unix you have a split between a file and its name. The file is represented by the “inode”, the name is just an handle to that inode. The name can go away, and the inode can still live on, until the file is closed, at which point it gets completely deleted.
The author was somewhat impressed that Windows didn’t die “as much” as Linux did. Well, that’s easy. A lot of shit is built right into the kernel in Windows.
You don’t have to do much reading about operating systems to understand how fundamentally stupid this is (most of the time). There are situations where moving kernel and userspace closer together has performance benefits (like graphics), but, most of the time, you’d prefer stuff like ls and rm to be in userspace, so that developers can change it, fix bugs, etc. without a kernel recompile.
> but, most of the time, you’d prefer stuff like ls and rm
> to be in userspace, so that developers can change it, fix
> bugs, etc. without a kernel recompile.
Unless of course you are dealing with commands as moronically simple as ls or rm, (or dir/del) which operating systems have done since their inception in memory, and one would hope is so simple there would be no chance for bugs or need for changes.
agree. And those commands aren’t built in to ‘the kernel’, anyway, they’re built into the shell – cmd.exe. Just like bash has builtins.
There. straight from Ubuntu’s webpage. I love making stupid people feel even more stupid.
Unfortunately you lack the intelligence to follow a thread. The original quip was that root is disabled and can’t be used — not that it is disabled and shouldn’t be used. Moron.
has anybody mirrored this article?
Hmm, the author must have tried to make a followup article, and accidentally done the new tests on the wrong box…
The author was somewhat impressed that Windows didn’t die “as much” as Linux did. Well, that’s easy. A lot of shit is built right into the kernel in Windows.
For example ?
You don’t have to do much reading about operating systems to understand how fundamentally stupid this is (most of the time). There are situations where moving kernel and userspace closer together has performance benefits (like graphics), but, most of the time, you’d prefer stuff like ls and rm to be in userspace, so that developers can change it, fix bugs, etc. without a kernel recompile.
Please don’t tell me you’re not seriously suggesting things like ‘del’ are in Windows’ kernel ?
There’s this old trick not many people are aware about. It works on DOS and Win9x and such –
echo y|format c:
I knew one guy employed this trick in school, putting that line in autoexec.bat on some 15 computers in his class literally driving the teacher mad, because she wouldn’t understand what was going on… And it’s such a simple thing too.
I remember once showing somebody at work the basics of DOS: CD, DIR, DEL, and COPY. The next day she came into work and said she had some problems with her computer. She had looked at all the directories and saw the entries for . and … Not knowing what they were, she attempted to delete them. Typing “del .” in dos removes all the files in the directory. She did this with every directory on her disk, including the root. When she rebooted the computer, she got COMMAND.COM not found. Poor thing.
I prefer to use rmdir /s to remove directories and files. It seems to go faster and complain less than del.
oh, wow, you’re such a l33t h4x0r. You (I’m sorry, your ‘friend’) managed to wipe a school PC running DOS or Win9x. I am in awe of your amazing skillz. I’m sure no other school student has ever managed such sophisticated hacking!
I mean, come on, that’s about as smart as wiping the blackboard before the teacher comes into the room. And about as worthy of respect.
yikes, looks like I got out of the cranky side of the bed this morning.
The author was somewhat impressed that Windows didn’t die “as much” as Linux did. Well, that’s easy. A lot of shit is built right into the kernel in Windows.
For example ?
A large part of the windowing system. The stuff that the X server does on linux (which it couldn’t do after the rm as it runs as a separate process) is mostly built into the windows kernel, which is why it still worked without any files. This has some advantages in that you don’t have to use a tcp loopback connection on your desktop box, but it means there’s a lot more code running in kernel space and a gdi bug can easily be a root exploit. There’s a good reason many linux distributions tell you not to run X as root.
A large part of the windowing system.
No, it isn’t.
The stuff that the X server does on linux (which it couldn’t do after the rm as it runs as a separate process) is mostly built into the windows kernel, which is why it still worked without any files.
Actually it probably worked because a) the relevant files hadn’t been deleted (since they were locked) and b) they were in memory.
This has some advantages in that you don’t have to use a tcp loopback connection on your desktop box, but it means there’s a lot more code running in kernel space and a gdi bug can easily be a root exploit.
“In kernel space” and “in the kernel” are very different things.
There’s a good reason many linux distributions tell you not to run X as root.
X itself runs SUID root AFAIK (certainly on the typical Linux box it does). Not to mention DRI.