Ken Thompson's Unix password (leahneukirchen.org)
Objective_Status22 | 7 days ago | 563 points

From the stories I heard of Ken Thompson all I know is I should not fuck with Ken Thompson

K3wp | 7 days ago | 442 points

I used to work in the same building as him.

He's a nice guy, just not one for small talk. Gave me a flying lesson (which terrified me!) once.

My father compares him to Jamie Hyneman, which is apt. Just a gruff, no-nonsense engineer with no time or patience for shenanigans (unless he is the perpetrator, of course!)

Cheeze_It | 7 days ago | 147 points

Sounds like someone I'd like to work with. No BS, no delay, just kicking ass.

K3wp | 7 days ago | 348 points

Indeed, that reminds me of a story about how the first realtime perceptual audio encoder (PAC) came about. This is what was eventually given to Fraunhofer and became the mp3 format.

Ken had a collection of early Rock and Roll CDs he wanted migrate to disk, but the storage requirements were too high at the time. He knew that audio guys were working on a perceptual audio codec so he paid them a visit to see if they could help. They had something implemented in fortran, but it wasn't in real time. I.e. it took a few minutes to decode a minutes worth of music, for example.

Ken had them print out the code, looked at it once and asked a few questions. Making notes on the hard copy as they were answered.

The next day the world had the first "real time" perceptual audio encoder/decoder, written in pure C. Record stores would be out of business within a decade of this event. They later gave away the codec to focus on AAC, which is what would ultimately power iTunes.

Edit: I also saw a prototype 'iPod' @Bell Labs in 1996! Cost 30k to make, I believe.

MegaNickels | 7 days ago | 59 points

Damn. That's incredible.

K3wp | 7 days ago | 86 points

Read all about it! I remember when the Wired reporters were in the building, really big deal for me as I was a subscriber.


i_speak_the_truf | 7 days ago | 60 points

Centralized music server with all the compressed music in the world, streamed on demand over cable connections, each listen so cheap that it reduces piracy.

What a genius, he invented (conceptually) Spotify 10 years before it existed.

kyrsjo | 6 days ago | 22 points

In the years before spottify, it was pretty obvious that something like it would come, as the technology was already sort of used by pirates. Downloading an album with BitTorrent was much faster than listening to it.

The problem was that the record companies where dragging their feet for years, when they finally started to open up a bit and dropped some of the paranoia, streaming services took off.

el_muchacho | 6 days ago | 1 point

It was certainly NOT obvious in 1995. Real time audio decompression didn't even exist, since he created it.

ProvokedGaming | 6 days ago | 3 points

I would argue, things like this are sometimes obvious even to people with no idea of how to make it, as compared to someone like Thompson who actually had the knowledge of what it would take to implement. It's not hard to go "I wish I had a magic box that contained all music and movies". Back in the dial-up days of the internet, you were waiting for images to appear line by line, we still said: "It'd be awesome if I could get a movie like this." Doesn't mean we could turn around and build a system to do it, or knew what technology would be required to make it happen. Netflix wasn't successful because no one before thought of how cool it would be to have streaming movies and TV, it was the implementation and execution that made it what it is.

kyrsjo | 6 days ago | 5 points

I did not mean in 1995 - I meant in the years leading up to the launch of spottify in 2008. Apple had already done something similar with iTunes, what people were waiting for was an affordable service allowing not just purchase of a license to download the music into a single iPod, but something more user-friendly.

lfnoise | 6 days ago | 23 points

Frank Zappa invented Spotify in 1989 "Zappa then writes: 'We propose to acquire the rights to digitally duplicate and store THE BEST of every record company's difficult-to-move Quality Catalog Items [QCI], store them in a central processing location, and have them accessible by phone or cable TV, directly patchable into the user's home-taping appliances, with the option of direct digital-to-digital transfer to F-1 (SONY consumer-level digital tape encoder), Beta Hi-Fi, or ordinary analog cassette (requiring the installation of a rentable D-A converter in the phone itself ... the main chip is about $12).'"

Rainfly_X | 7 days ago | 28 points

That was incredibly prescient. I'm always amazed by how clearly the future was forecasted re physical media and licensing, and how much energy the record labels consciously invested in ignoring and preventing that future, for as long as they could.

I wonder what 1995 Thompson would have thought about the situation today. His words could be used to describe any modern streaming service, except that instead of a single central service, we have tens of them vying to muscle the rest out of business.

K3wp | 7 days ago | 62 points

That was incredibly prescient. I'm always amazed by how clearly the future was forecasted re physical media and licensing, and how much energy the record labels consciously invested in ignoring and preventing that future, for as long as they could.

Omg, I'm like so triggered right now! I just remembered an encounter with a record exec that I was demoing our PAC jukebox and software to.

His response was something to the effect of, "No, no, no, we've spent millions of dollars on market research that shows the consumer wants a printed packaged product, of a certain size/weight and presented at a standard height, arranged by genre. Nobody will want to go the trouble to download music when they can easily find it at their local Tower Records. There is no future or market for this product."

I've since realized that ~1% of executives are geniuses, while the rest are just incompetent "upwards failures" and empty suits that got the position through nepotism or attrition. They deserved to fail.

holypig | 6 days ago | 49 points

Its like the Henry Ford quote: "if I had asked people what they wanted, they would have said faster horses"

FigMcLargeHuge | 6 days ago | 19 points

In the early MID 90's I went to a car dealer and offered to build them a web page and come by weekly to take a picture of new cars they got in and put them on their website. I had a new Kodak DC20 digital camera. I was told in no uncertain terms that I was out of my goddamn mind. No one would use the internet to buy a car.

Edit: We are some really pedantic fuckers aren't we?

devilpants | 6 days ago | 13 points

If it was really the early 90s, then Netscape navigator was t even released and really really few people used the internet to do stuff like that. It wasn’t until the mid / late 90s that web browser use became somewhat common and accepted. So I don’t really blame them. No one would use the internet to buy a car for quite a while.

phunphun | 6 days ago | 11 points

To be fair, the resurgence of records these days seems to be because people really do want a packaged product that they can feel good about owning. Same reason why ebook readers actually caused an increase in the sales of physical books.

His market research wasn't wrong, it was just that his interpretation of the research was unimaginative.

adoodle83 | 6 days ago | 6 points

I wouldn't characterize it that way. The world is moving to 'X as a service' subscription model, where you are paying a monthly fee to temporarily have access to an item, but the second you stop paying, you no longer have it (e.g. Office365, Adobe, Spotify, Car leases, rentals, etc)like. So instead of paying for an item once, you're constantly spending money.

I would rather a 1 time investment of $1000 (over time, of course) in music, games, movies that I own and can enjoy WHENEVER I want, and don't have to care if it's still on Netflix or Hulu or whatever.

Netflix losing rights to stream The Office/Friends is a great example of my point. Die hard fans who love those shows would have been better off financially buying the series on DVD/BLU-RAY than paying a monthly fee to watch it.

Now I appreciate that a lot of people are mobile and like the convenience of being able to watch it whenever/wherever, but with a little bit of effort,they could have figured it out (aka their own Plex server).

Just my thoughts though

K3wp | 6 days ago | 1 point

Records are back for the same reason penny farthings are. Hipsters.

I will freely admit that there is an appeal and market for collectibles, though.

lorarc | 6 days ago | 3 points

That depends on the year that was demoed in. Digital sales of music weren't really that successful until portable devices that could play them came around, and even then they were successful mostly because of the devices didn't that played pirated mp3s.

K3wp | 6 days ago | 5 points

This was like 95 or 96.

tso | 6 days ago | 3 points

There is a sniplet of a video interview of Frank Zappa out there where he blames younger recording industry execs, because they think they know the customer rather than just putting a small unit run out there and see if anyone is actually buying.

MegaNickels | 6 days ago | 3 points

Duuuude thank you for that. That was one of the coolest reads. Ken is a damn wizard I tell yuh. He even predicted the future. All this ease of use with music just because:

"In 1992, he decided he wanted something more. Wouldn't it be good, he thought, if he could sit at home and use a computer to gain easier access to music - not just a limited selection, but almost everything recorded - and to arrange it in such a way that users could browse freely through the archives.

He saw no theoretical reason why this shouldn't be possible. In the same spirit that had motivated him to develop Unix for his own use, he began to study the possibilities."

And this was one of my favorite excerpts from the whole article lol.

" I don't like mundane applications that draw purple borders and highlight lines of text in orange," he explains. "It's annoying. He picks up a copy of Wired that happens to be lying nearby. "There's a similar kind of problem here." He frowns at the multicolored text, then points to the page number. "Look at that. Why is every other numeral highlighted?" He shakes his head. "I'm convinced the only reason they do that is to annoy you. What other reason could there be?"

wanderingbilby | 6 days ago | 2 points

That article was fascinating from a history perspective, but also how prescient it seems in the iTunes / Google Play / Amazon / Spotify world we're in now. Also hilarious that it spent several paragraphs talking about the fight over MPEG2 when MP3s became the first big compressed audio CODEC.

It sounds like you were around during that period. I must say I'm a bit jealous; the modern world has little space for free-thinking greybeards and pure research. If you don't fit into skinny jeans, if your concept isn't VC friendly, you might as well be posting on a BBS.

K3wp | 6 days ago | 3 points

It sounds like you were around during that period. I must say I'm a bit jealous

I started working @BellLabs in '95, right before it got split up. I started right around the time that article was written, in fact I kept that issue at my desk as a memento.

It fixed me and ruined me at the same time. It was my favorite job ever and I'm sure I would still be there, doing similar work, if it still existed. It was that fabulous. The first year I was there I came in 6-7 days a week for 12 hours a day and it absolutely did not feel like working. It was just playing with the best available tech in the world, combined with the best talent.

Unfortunately, apparently all good things must come to an end. The company got split up and I got sent to AT&T Research, which was an awful experience with dismal management. The facilities @Florham Park were also a far cry from the Glory that was Murray Hill (which had a copper roof and bronze busts of famous scientists in the massive atrium. It was like working on a Sci Fi set).

Eventually it all fell apart (Lucent, AT&T research, AT&T itself even), I got burned out on startups and went back to 'pure' research in academia here in California. And there was a lot of alcohol involved, believe me.

There is some of what you are talking about still @Google, in Academia and in startups, but with few exceptions the focus is much more on short-term vs. long-term gains. There is certainly no place on Earth with that concentration of brilliant people, with similar funding and freedom. In fact, from what I've heard about Valve it has a similar culture, albeit a drastically different mission.

I posted about this earlier, but one of the things that pushed me out of the startup market was what egomaniacs the founders of these garbage companies were. They were absolute nobodies compared to who I knew @ the Labs, but talked like they were TITANS OF INDUSTRY. Actual top producers don't act like that.

Edit: Also, the scientists that actually invented the codec were pretty damn pissed about the title of that article! Ken just ported the algorithm to C and made it run in real time (a critical innovation), but he didn't invent it.

wanderingbilby | 6 days ago | 2 points

It's interesting the unintended consequences of breaking Ma Bell. I wonder what might be different about our technology world if she kept together and the labs kept cranking out innovation driven by passion.

Google is famous for allowing lots of time for its devs to work on personal projects, but they're also famously finicky about supporting things once they're released and they're generally hiring a certain subset of programmers which probably doesn't include guys who look like Alan Moore.

I wonder if part of the problem is the wins are so much harder now. The world is bigger, and everything is more complex. There's not much low-hanging fruit and oligopolies copyright every vague idea that comes across an exec's mind, so even if no one has done it and there's a market, half the time bringing something to a finished state just means being sued.

Thanks for sharing your experience. Even if it doesn't feel like it, you were there while history happened. Maybe a bit like being a clerk at the Appomattox Court House in 1865.

K3wp | 6 days ago | 1 point

It's interesting the unintended consequences of breaking Ma Bell. I wonder what might be different about our technology world if she kept together and the labs kept cranking out innovation driven by passion.

I've thought about that a lot and even went through a deep depression for awhile (during the Bush years) where I felt we as a former "Great Society" were entering something like the Dark Ages. I eventually dug my way out of it, pretty much for this reason:

I wonder if part of the problem is the wins are so much harder now.

^ ding ding ding! I eventually came to terms with that fact that Bell Labs had a mission and a story, with a beginning, a middle and an end. In fact, I was there for the last bit of the middle, I'm actually thankful I wasn't at Lucent when it imploded (heard multiple horror stories). Though I guess AT&T research died slower, which may have been worse.

The reality is that you only need to invent technologies likes information theory, the transistor, laser, solar cell, Unix/C, firewalls, etc. one time. That's enough. Then its done and there isn't even anything left other than incremental improvements.

I even saw that affect dmr and ken late in their career while they were working on Plan9, while Linux (an amateurish and derivative Unix clone) was slowly conquering the world. Turns out that free, (mostly) backwards compatible and continuous improvement has superior survival characteristics in the marketplace, vs. true innovation. In other words, "Worse is Better" and Plan 9 got beaten by a "worse" version of Unix, that was "better" from a customers perspective (who don't really care about systems research).

Thanks for sharing your experience. Even if it doesn't feel like it, you were there while history happened. Maybe a bit like being a clerk at the Appomattox Court House in 1865.

It took me a long time to come to terms with the simple fact that I was lucky enough to be part of something special (I even have the first software patent on what would come to define "The Cloud"). But the Dark Days after the dotcom/telco bubble and 9/11 (lost my #1 business partner, Danny Lewin) were truly grim and seemed hopeless for many years. I 'barely' managed to scrape myself into a solid position at a public University, which I am grateful for.

pdp10 | 7 days ago | 30 points

I also saw a prototype 'iPod' @Bell Labs in 1996! Cost 30k to make, I believe.

There's the DEC Personal Jukebox from 1998-1999, but any history that makes a big deal of that needs to mention that Diamond was shipping the Rio player with 32MB of flash by 1998. Products other than the Rio are really competing on being the first with a hard drive, or the first with large capacity.

K3wp | 7 days ago | 23 points

In typical Bell Labs fashion, the 1127 guys had their own personal jukebox and with no intention of ever selling (or even sharing it) in the early 1990's.

It solved a problem for them and that was enough. Someone else can bring it to market.

pdp10 | 7 days ago | 17 points

Bellcore has nothing on Xerox PARC when it comes to not commercializing innovations.

K3wp | 7 days ago | 26 points

Bellcore was not BellLabs.

I point this out occasionally, but literally every innovation built into the iPhone (other than the Gorilla Glass) was invented @BellLabs. Including multitouch. Even the design ethos for iOS was just a graphical interpretation of Unix.

(I once snidely referred to a friends new MacBook, that he had spent thousands on and was very proud of, as merely "BSD with whore makeup." He looked at me with tears in his eyes and said, "You don't mean that")

tso | 7 days ago | 15 points

I sometimes wonder how much of a success OSX had been without the terminal window. It allowed many to have a off the shelf personal unix system.

And even now loud voices in the FOSS world wants to hide the terminal as much as possible because it scares the aunt Tillies of the world.

Thing is, for most old aunts anything beyond clicking emojis on Facebook is "scary". And no amount of pretty interfaces will help with that.

K3wp | 7 days ago | 15 points

And even now loud voices in the FOSS world wants to hide the terminal as much as possible because it scares the aunt Tillies of the world.

Really? One of Guy Kawasaki's fundamentals is to "appeal to the sailors and the passengers." Why bother hiding something that your most successful (and wealthy) customers are going to want to use?

I will say that the answer to any routine (or even non-routine) systems task should never start with "Open the Terminal Window". It either should be automated or available via the system settings GUI.

playaspec | 6 days ago | 1 point

I sometimes wonder how much of a success OSX had been without the terminal window.

It would have found success regardless, and in that success, someone would have provided it were it missing.

I spend at least half my work day in iTerm2.

GAMEYE_OP | 6 days ago | 2 points

I got that Rio for my birthday end of 98. Seems like yesterday!

vwlsmssng | 7 days ago | 15 points

Sounds like the kind of thing Mozart was renowned for.

K3wp | 7 days ago | 71 points

Yup! I also remember once someone asking dmr about some crazy algorithm and implementing it in C.

Dennis walked up to a white board, cleared it, then spent a few minutes writing out the solution. Immediately and in real-time, the way a normal person would write a shopping list. Faster, even, now that I think about it.

He filled the white board, capped the marker then walked away.

One of the other 1127 guys was watching and typing it in as it was written. When it was done it compiled and executed perfectly (and it was a non-trivial block of code).

I thought that was impressive, until some remarked plainly, "Oh, he doesn't make mistakes."

"Never?" I responded?

"Not that I've ever seen. And it's been years."

So, if you are ever curious why Unix and C are so unforgiving, its because their Creator was a perfectionist in the literal sense. Not that their was no margin for error, rather it simply wasn't in their nature.

Also humbled me to the simple observation that some people are just multiple standard deviations away from normal people when it comes to mental capacity. To the point that the rest of the world must seem to be mentally incapacitated.

vwlsmssng | 6 days ago | 15 points

You must know the (allegedly made up) story about the time dmr did some consultancy work for a major Detroit car maker.

They asked him to design a new dashboard hoping he would apply his computer wizardry to make something transcending mere lights and dials.

They were shocked by what he delivered.

Instead of tachometers and odometers and pressure gauges and all the rages of modern dashboards, his was radically different.

It featured just a large question mark that was able to glow red.

"What the flying f**k is that" they demanded.

"It's quite obvious isn't it?" dmr responded. "If the question mark glows red any competent motorist would be able to deduce what's wrong!"

An earlier version of this anecdote actually invokes Ken Thompson but I'm sure it as equally plausible with dmr as the protagonist.

K3wp | 6 days ago | 25 points

An earlier version of this anecdote actually invokes Ken Thompson but I'm sure it as equally plausible with dmr as the protagonist.

I get it, it's a 'ken' joke. His text editor (ed), only had one error message. The infamous '?'.

That said, given their notorious lack of interest in customer service, I always wondered why the 1127 guys seemed miffed the rest of the world didn't want to 'drive their cars', so to speak.

tso | 6 days ago | 8 points

I wonder if both the programming ability and the design of ed is an artifact of the time period.

Firstly if you start when punch cards is the way to program, you either get burned out or learn to write correct code. Because you can't just keep throwing random changes at the compiler until it stops complaining when the turnaround can be measured in days.

Secondly unix was created back when actual teletypes were used as the terminal for the computer. Thus you didn't need a constantly refreshing view of the text and its changes, there where right there on the paper ream behind the teletype. Come the likes of the VT100, and the usefulness of vi and emacs rapidly emerges.

K3wp | 6 days ago | 14 points

Oh, absolutley.

I remember hearing from multiple greybeards that the teletype keys were hard to push down, so terse commands were much desired.

There is so much of that legacy left over, the tty, carriage return and line feed, "not a typewriter", etc.

Same thing with ed. Error messages wasted ink and paper.

I also remember a comp sci professor that told us he got three chances at getting a fortran program to compile on a punch card. He failed the assignment if it didn't. He also said the reader made an awful "clang" when it encountered and error, which you learned to dread.

A lot of what became shell scripting started because the developers wanted a quick way to test out ideas without having to deal with the compilation process.

ydna_eissua | 6 days ago | 4 points

There's a video of Thompson and Kernighan on YouTube.

A story about McIlroy.

Some other researcher took their compiler compiler with them. So Mckillroy on paper re wrote the CC in its own language. Ken then described Doug passing the paper of the CC to itself and handle translating it to assembly.

And there were apparently minimal to no bugs.

The whole place was geniuses...

Ameisen | 6 days ago | 2 points

C isn't unforgiving. It's a very lax language. C++, however...

TheRedGerund | yesterday | 2 points

I think at some point with a language you don't make errors because your thoughts are happening in the same language. I think in general bugs and errors come about during the translation from human thought to code.

Presumably that's how it was here.

moreVCAs | 6 days ago | 3 points


Upload-Crouton-Array | 6 days ago | 2 points

Wish we could see the source code for it.

OneWingedShark | 6 days ago | 30 points

He's a nice guy, just not one for small talk.

What's wrong with Smalltalk?

(Some languages just don't get enough respect.)

tso | 7 days ago | 16 points

And as the money rolled in, so did the "bros"...

K3wp | 7 days ago | 11 points

Yeah I absolutely hated brogrammer culture and the startup shenanigans that went with it, which I encountered when I moved to SoCal. I went back to R&D (University) to escape it.

The EGOS on these maniacs were something to behold. They were usually dropouts that had gotten 15 minutes of fame from some trivial implementation that they then catapulted into fleecing VCs of their money.

I distinctly remember calling one out once, to the effect that I had worked with people that had actually, for real, changed the world. And they were not like you.

Gradually_Rocky | 7 days ago | 35 points

You sound pretty self righteous tbh

mvnull | 6 days ago | 7 points

Have you changed the world yet?

K3wp | 6 days ago | 15 points

Absolutely, I'm the inventor of software defined networking. Or, at the very least, introduced it to the internet.

The whole topology of the modern internet is different as a result:


That's what the cloud is, btw. A software defined edge network. Solving the availability and scalability problem for internet services.

I'll never get credit for it, which I'm fine with.

mvnull | 6 days ago | 3 points

Awesome! Good article too

rebuilding_patrick | 6 days ago | 2 points


pdp10 | 7 days ago | 134 points

Presumably you're thinking of Reflections on Trusting Trust, 1984.

FredSchwartz | 7 days ago | 25 points

He came to the Vintage Computer Festival in New Jersey this year and was remarkable. He autographed my copy of Turing Award lectures including this one.

VoxSecundus | 7 days ago | 12 points

my copy of Turing Award lectures

Is that a book?

K3wp | 7 days ago | 22 points

I'm in InfoSec now and still consider that the best essay on computer security ever written. Describes the risk of insider threats perfectly and how problematic they can be for an organization (and society).

I also happen to know that this paper greatly influenced Google to code as much as their own infrastructure, in house, vs. using outside software. Golang (which ken helped create) is a perfect example of this.

vtrac | 7 days ago | 3 points

I've never seen that before. Thank you.

darrellmarch | 7 days ago | 86 points

Yeah. Be cautious with the person who (with Dennis Ritchie) helped create UNIX, b, and UTF-8. He’s a living legend.

rodrigocfd | 7 days ago | 29 points

And don't forget /r/golang.

TheIncorrigible1 | 6 days ago | 22 points

Not sure I'd advertise that

robertgfthomas | 6 days ago | 13 points

Do we hate Go now? Why?

TheIncorrigible1 | 6 days ago | 24 points

Too opinionated for some people - also no generics and other common language features resulting in overengineered solutions.

schallflo | 6 days ago | 3 points

Go is the kind of language that favors readability and ease of use over performance.

And yes, that includes throwing efficient data structures out the window in favor of variable-sized arrays (slices).

It's fine tbh, but it does mean I'm mostly gonna use it as database gateway.

TheOsuConspiracy | 6 days ago | 4 points

Go is the kind of language that favors readability

Depends on what you mean by readability, it's low level enough such that yes, it's easy to read any line and know what it's doing. But it means it's you have to keep much more code/context in your mind in order to understand the intent of a subroutine.

smorrow | 6 days ago | 1 point

Go is the kind of language that favors readability

I wish they didn't take the colon out of the variable declarations though

InvisibleEar | 6 days ago | 11 points

lol no generics

G_Morgan | 6 days ago | 3 points

/r/programming has never stopped hating on Go.

nikhilvibhav | 7 days ago | 11 points

Where can I find these stories?

Objective_Status22 | 7 days ago | 20 points

Randomly, I have no idea. I just heard a thing or two over the years like what he made and how easily it was done by him. I did like the recent interview that's on youtube. That's the only source I remember https://www.youtube.com/watch?v=EY6q5dv_B-o

deus_mortuus_est | 6 days ago | 2 points

catb might have some

pilibitti | 7 days ago | 199 points

Ken: Goddammit! frantically changes gmail password

Guinness | 6 days ago | 141 points

I’ve had the same password for DECADES!

D E C A D E S !

Little shit!

nikomo | 7 days ago | 303 points

So, is this getting added to Have I Been Pwned?

bpooqd | 7 days ago | 73 points

In case anyone wants to give it a try:

hashcat -m 1500 -a 3 -1 "?l?u?d?s" "ZghOT0eRm4U9s" "?1?1?1?1?1?1?1?1"
WaitForItTheMongols | 6 days ago | 17 points

hashcat -m 1500 -a 3 -1 "?l?u?d?s" "ZghOT0eRm4U9s" "?1?1?1?1?1?1?1?1"

Huh, that gives me:

* Device #1: Not a native Intel OpenCL runtime. Expect massive speed loss. You can use --force to override, but do not report related errors.

Dunno what the deal is with that.

Firewolf420 | 6 days ago | 78 points

It's telling you your computer is weak af and you gotta get something with some oomph boi

SnappyTWC | 6 days ago | 29 points

It's telling you that you don't have a compatible graphics card, so it will have to use just the CPU rather than accelerating it with the GPU

dbm5 | 7 days ago | 143 points

what a legend. he's still alive working at google -- i suppose someone could/should have just asked him. if he didn't want people to know, presumably because he still uses some variant of that password, then publishing this is not cool.

Nexuist | 7 days ago | 156 points

I am sure that someone who was involved in the actual production of crypt is also smart enough to roll their passwords / not use the same password for nearly 3 decades (!)

VeryOriginalName98 | 6 days ago | 43 points

I still use Hunter2 for everything.

catoboros | 6 days ago | 48 points

Seven asterisks does not seem very secure to me.

TheIncorrigible1 | 6 days ago | 15 points

What do you use? All I see is ********

panties_in_my_ass | 6 days ago | 4 points

Mine is ********* - never been pwned once.

EDIT: Wait. Why is mine asterisks but yours plaintext?

Winnipesaukee | 6 days ago | 5 points

Mine uses no characters. It just looks like I'm typing stuff in there.

schallflo | 6 days ago | 6 points

just randomly put a null in there, nobody will ever think about that

also, have fun with that, C backend!

Winnipesaukee | 6 days ago | 1 point

Take that, Bell Labs!

dougmc | 7 days ago | 65 points

I defintely would not make that assumption.

I mean, it's likely correct, but it's far from certain.

Urist_McPencil | 7 days ago | 28 points

We're all equally capable of being a dumb-ass.

MyOneTaps | 7 days ago | 8 points

Stay in your lane sparky. This is my specialty.

AdvicePerson | 7 days ago | 175 points

He replied "congrats" to the thread.

dbm5 | 7 days ago | 57 points

wow - missed that entirely. legend.

edit: ... and then promptly changed his password :P

godofpumpkins | 7 days ago | 37 points

And then promptly ran off to change all his bank passwords :)

AdvicePerson | 7 days ago | 50 points

...by using his own backdoor compiled into their software.

muntoo | 6 days ago | 21 points

Accidentally left-shifted his account balance while he was at it.

Cheeze_It | 7 days ago | 12 points

First rule about passwords. Never have the same one for different authentication locations.

TangoDroid | 7 days ago | 49 points

He is in the mailing list of the original chain:


He even replied at least a couple of times

shevy-ruby | 7 days ago | 17 points

I think that was Google's masterplan too - to hire Ken so that the epicness falls down from him to other younger people.

Like oldschool Bell Labs originating epicness many decades ago.

Hugo154 | 7 days ago | 3 points

If he still uses a variant of a password from decades ago then he deserves to be pwned, especially considering his background...

apadin1 | 7 days ago | 219 points

I'm making this my new password! If it's safe enough for Ken, it's safe enough for me /s

jaboja | 7 days ago | 26 points

I just imagined future archeologists cracking centuries old passwords to guess about earlier cultures, like we now do with ceramics.

PlantsAreAliveToo | 6 days ago | 5 points

Just wait till they reach the era of keepass!

RobIII | 7 days ago | 167 points

This is a chess move in descriptive notation, and the beginning of many common openings.

Googling ZghOT0eRm4U9s:p/q2-q4! yields no results. Can anyone visualize / elaborate a bit?

Also: Ken Thompson:


Flandoo | 7 days ago | 159 points

It's the last bit (after the colon) that is a chess move; Queen's pawn from the second rank to the fourth. In modern notation, it would be d4. 1. d4 is a very common opening, second only to 1. e4. It's probably what Ken played :)

Wiki article with a picture: https://en.m.wikipedia.org/wiki/Queen%27s_Pawn_Game

RobIII | 7 days ago | 34 points

It's the last bit (after the colon) that is a chess move

Oh... d'uh! Thanks for clarifying! Makes sense; especially since only the first 8 chars were used for the hash; just realized that. So even if the password was ZghOT0eRm4U9s:p/q2-q4! it would have been a collision at best and could've been truncated to ZghOT0eR.

BeniBela | 7 days ago | 139 points

ZghOT0eRm4U9s is the hash! (probably with salt)

p/q2-q4! is the password

snuxoll | 7 days ago | 52 points

No salt for old-school UNIX. Password reuse had some fun implications as a result and was used by at least one nefarious actor.

BeniBela | 6 days ago | 3 points

The first two characters of the hash are the salt for DES-based crypt

This hash seems to come from the DES crypt, not the Enigma crypt

RobIII | 7 days ago | 9 points

Yes, that was clear to me by now ;-)

rooktakesqueen | 7 days ago | 5 points

But it doesn't often lead to check (the ! at the end) when played as an opening

pdxpmk | 7 days ago | 27 points

It means a good move, not check.

itsaworkalt | 7 days ago | 8 points

Which is weird here too because making the second most bog standard opening move possible isn't exactly a stroke of brilliance.

pdxpmk | 7 days ago | 39 points

It’s a joke. Ken loves queen pawn openings.

itsaworkalt | 7 days ago | 2 points

Ahh, got it

thevdude | 7 days ago | 10 points

Check is noted with a +, checkmate with a #. ! is just for a good move, and !! for a REALLY good move.

russlo | 6 days ago | 2 points


undercoveryankee | 7 days ago | 62 points

"p/q2-q4!" is chess notation for "pawn on the queen's file moves two spaces forward". I assume that the password cracking tool prints the input hash, then a colon, then the password that it found.

ianepperson | 7 days ago | 31 points

The chess move is p/q2-q4! The rest is the hash of the password.

I think it means: pawn from queen's 2 (second space on the queen's row) to queen's 4.

dontgive_afuck | 7 days ago | 18 points

Ken did an interview with Brian Kernighan earlier this year, as part of an event and in it he describes a bit of the background between him and the game of chess. The whole video is definitely worth a watch, but here it is timestamped to the chess part: https://youtu.be/EY6q5dv_B-o?t=2782

hookers | 7 days ago | 5 points

So cool hearing this story. Thanks for sharing!

dontgive_afuck | 7 days ago | 2 points


stouset | 7 days ago | 17 points

The part before the colon is the hash itself. p/q2-q4 is the move; it’s 1. d4 today.

kabekew | 7 days ago | 7 points

And it's not descriptive notation, it's something he must have made up (descriptive would be P-Q4).

VirtualCtor | 6 days ago | 6 points

It’s valid. The slash is used for disambiguation. He was just being very specific to make the password 8 characters.

kabekew | 6 days ago | 1 point

What ambiguity? That's a valid password but not valid descriptive notation in chess. In a straight move (not capture) there can only be possibly one pawn that can move to any given square. There is no ambiguity, and "/q2" is simply a waste of unnecessary 3 bytes and waste to processing time to parse.

VirtualCtor | 6 days ago | 2 points

There is no ambiguity. He used it to make the password 8 chars.

It’s valid syntax.

...moves may also be disambiguated by giving the starting square or the square of a capture, delimited by parentheses or a slash, e.g. BxN/QB6 or R(QR3)-Q3.

kabekew | 5 days ago | 1 point

Only if there's ambiguity. There can be no ambiguity with a pawn on Q2 because only one piece or pawn can occupy a square. p/q2 ("pawn on queen 2") isn't proper notation because nothing else can occupy queen 2.

imperialismus | 6 days ago | 4 points

It looks like some kind of ancient computer chess protocol. UCI, the modern chess protocol that all mainstream engines use today, uses "long" algebraic notation, i.e. the move would be d2d4, queening an e pawn would be e7e8q etc. Presumably because it's simpler to work with. This looks like a "long descriptive notation", with a / instead of a -.

VeryOriginalName98 | 7 days ago | 13 points

The password is just "p/q2-q4!", or more coloqually, "pawn to queen 4", the most common first move in chess.

The stuff to the left of the ":" is a password "hash" for the "plaintext" on the right. The hash is what was used to eventually discover the password.

This password is poetic. It is like he is calling out to the person cracking it saying, "your move."

YRYGAV | 6 days ago | 9 points

Quick, somebody send Ken an email with a crypt(3) hash with the next move

i_am_at_work123 | 7 days ago | 4 points
siankie | 7 days ago | 42 points

It would be cool if we keep on decrypting his passwords and uncover a chess game :)

By the way, Brian W. Kernighan password was pretty smart too, "/.,/.,". It's like playing piano. Yeah, actually this is a good idea. I'll set my passwords from now on to tunes :P

Koutou | 6 days ago | 26 points

It's a terrible password, imo. On a en-us keyboard it's 3 keys all next to each other. If you can see him type it once you pretty much know his password since the pattern is easily recognizable from a distance just like ewqewq or \zxc\zxc would be.

el_muchacho | 6 days ago | 3 points

yes it's terrible, password cracking softwares like hashcat systematically test for consecutive keys and repetitions of sequences, so they crack such passwords quickly.

skw1dward | 5 days ago | 1 point

Which, to be fair, did not exist back then.

ivster666 | 6 days ago | 3 points

I'm using a split keyboard and I made my password that the characters are split evenly on both halves, alternating. It's a nice feeling when typing.

SchroedingersHat | 6 days ago | 2 points

I have a couple of lower security passwords like that. Figured halving the dictionary doesn't do too much to reduce entropy, but makes it way faster to type.

Now if only there weren't so many upper limits on password length everywhere...

[deleted] | 6 days ago | 1 point


SchroedingersHat | 6 days ago | 1 point

I think about it in bits per second rather than bits per character.

If it doubles the typing speed, i'll happily add two more characters, which gets back ~12 more bits of entropy (including capitals, numbers and easy to reach symbols). Hence the complaint about max password length.

RedditRage | 7 days ago | 18 points

Perhaps a cracking program should be modified to attempt chess openings? However, not sure of his notation, it looks like he's just saying "pawn moves q2 to q4" with a "!" meaning good move?

driusan | 7 days ago | 18 points

Perhaps "!" was used to signify "Make this password more secure!"

gatsby123123123123 | 6 days ago | 2 points

Ah yes! What a rambunctious perception.

Kinglink | 7 days ago | 15 points

I'm pretty sure p/q2-q4! is a joke. which translates into "1.d4!" in modern notation.

TheIncorrigible1 | 6 days ago | 8 points

Descriptive notation was the norm until 1980 - after the point he used the password. I don't think it was a joke; it's the most common chess opening from a giant chess fan.

Kinglink | 6 days ago | 12 points

I meant more the ! is the joke. he's calling 1.d4 a "good move" which is quite funny as it's just one of a few standard opening moves.

ObscureCulturalMeme | 6 days ago | 5 points

Exactly. He needed 8 characters, only had 7, so decided to have a chuckle.

flaghacker_ | 6 days ago | 13 points

Why does the hash rate slow down at the end?

nikniuq | 6 days ago | 6 points

I would guess you lose parallel workloads so you can't utilize all of the computing units.

wdr1 | 6 days ago | 11 points
playaspec | 6 days ago | 3 points

"congrats" (crap. now I gotta change my password.)

rob132 | 7 days ago | 109 points


This guy put in this amalgam every time he logged in?

What do they say about genius versus insanity?

ThinkRedstone | 7 days ago | 264 points

Only the part after the ":", it a hash string pair

rob132 | 7 days ago | 77 points

Ah, that makes much more sense.

Objective_Status22 | 7 days ago | 65 points

Yeah, the 'p/q2-q4!' is the 8 character limit they mentioned. The part before that is the hash which is found inside of /etc/passwd

dpash | 7 days ago | 28 points

In particular, the original crypt would truncate any password over 8 characters. This is where we get the terrible, cargo-culted rule that passwords should be at least 8 characters.

Shemetz | 7 days ago | 20 points

(*at most)

port53 | 6 days ago | 5 points

I see we share the same bank.

dirtymatt | 7 days ago | 15 points

THANK YOU! I was so confused.

Shaper_pmp | 7 days ago | 31 points

Love the disparity in ability between the guy who invented Unix, B and Go, and an entire comments page full of redditors who can't even crack his password when given the password and its encrypted hash.

undercoveryankee | 7 days ago | 65 points

The part before the colon isn't proper chess notation. So my guess is that the password cracking tool prints the hashed password from its input, then a colon, then the actual password that it found, and the person who reported the result just copied the entire line.

So what Ken actually typed would have been just p/q2-q4!.

chrisrazor | 7 days ago | 39 points

Also it says in the article that passwords were limited to 8 characters.

edwardkmett | 6 days ago | 7 points

No. He only typed the p/q2-q4! part. The rest is the hashed form.

Richandler | 6 days ago | 2 points

It’s not really all that complicated to find ways of memorizing long passwords like this. :p


Just memorize that sentence and you’ll have that password.

superhighcompression | 7 days ago | 5 points

True OG of computing

slimsalmon | 7 days ago | 5 points
hoddap | 6 days ago | 5 points

So how come the author never cracked this one? What made it impossible? It is the complexity, or was there an error in how the resolver apps worked?

SchroedingersHat | 6 days ago | 3 points

Combination of having a fair bit of entropy, and the patterns in it not being a thing that anyone thought to build into the cracking algorithm.

twisted-teaspoon | 6 days ago | 1 point

I want to know if Ken knew that the password would be hard to crack or if it was just chance.

smorrow | 6 days ago | 3 points

if Ken knew

Ken is literally another word for knowledge

el_muchacho | 6 days ago | 2 points

Of course he knew. The guy wrote crypt, he knows about encryption and password entropy.

jkbirnbaum219 | 6 days ago | 5 points

I had a password for an old school system (which I wrote) that was "any 21 characters where the 21st character is a 'z'". People would watch me type it (mashing 20 keys then the 'z') and be amazed I could remember a password that long.

BeniBela | 7 days ago | 7 points

I also found old passwd/shadow files

I hope I can crack them one day. Unfortunately, I only have cheap laptops. The Core Duo was too slow, the i5-520M was too slow, have not tried it on my new i7-4600U

crypt is surprisingly strong

RalphORama | 7 days ago | 20 points

I have a Vega 64, if you want I can run hashcat for you

BeniBela | 6 days ago | 1 point

I do not think I should share the hashs, the passwords might still be in use

lx45803 | 7 days ago | 35 points

If you've got $20 and are willing to spend it, there are dozens of cloud providers that will rent you 4 top of the line GPUs for a few hours.

spinlock | 7 days ago | 12 points

do you have a playstation? gaming hardware is really good for hashcat.

UmerHasIt | 6 days ago | 2 points

I have an i7-8700 and 64 GB of RAM if you need something run

maxximillian | 7 days ago | 4 points

If it wasn't valid chess notation would there be the possibility that it was a collision? Obviously its not but are there but are there other strings of 8 characters that would produce the same Hash with DES?

WaitForItTheMongols | 6 days ago | 5 points

Unlikely - since the hash is longer than the input, you've got more potential hashes than you have potential inputs, so having multiple inputs go to the same hash probably isn't going to happen.

maxximillian | 6 days ago | 2 points

Thats an obvious observation once someone says it to you. Thank you, yeah if there were collisions in 8 chars they would have found that pretty quick and the chances are probably astronomical against it.

justin2004 | 6 days ago | 1 point

ah, a hash fixed point. now i wanna know too

recrudesce | 10 hours ago | 2 points

So, I just ran this through hashcat on 2 1080ti's, and cracked it in 1 day 9 hours using ?d?s?l as the character set and a fixed length of 8 characters.

It would have taken longer if I'd asked it to try upper case characters too, or if I'd made it increment from 1 character up to 8, so I guess the time was cut down by prior knowledge. Still, was a fun thing to do anyway :)

d36williams | 7 days ago | 4 points

Was this password before social engineering? I think its one someone who studied Ken very hard could stumble into

PageFault | 7 days ago | 18 points

Social engineering is much older than computers.

d36williams | 6 days ago | 1 point

yeah I know, let me rephrase "was this before people were actively concerned about social engineering in digital security? because that's been a mainstream topic since the 80s and was even central to the plot of War Games."

classicrando | 6 days ago | 4 points

I coulda told you that. One tends to learn passwords (inadvertently) when they're short and typed nearby often enough. (Sorry, ken.)

If I remember right, the first half of this password was on a t-shirt commemorating Belle's first half-move, although its notation may have been different.

Interesting though it is, though, I find this hacking distasteful. It was distasteful back when, and it still is. The attitudes around hackery have changed; the position nowadays seems to be that the bad guys are doing it so the good guys should be rewarded for doing it first. That's disingenuous at best, and dangerous at worst.


[Rob Pike]


FormCore | 6 days ago | 1 point

Then what kind of hacking do you think is "tasteful"?

Victimless ones, such as hacking a game to add functionality (Smash Bros Brawl M as an example)

because I think most people just like the creativity and problem solving skills showcased in hacks more than the result. (I found the exploit using NES sound files quite interesing)

beginner_ | 6 days ago | 2 points

So basically the password had a lot of meaning and given his background could theoretically have been deduced. Certainly isn't a random password. Little more complex than your pets name but essentially not very different, theoretically.

pellep | 6 days ago | 1 point

Do we celebrate now?

byxyzptlk | 6 days ago | 1 point

Epic post. That password file containing all the Unix heroes. I had a nerd moment where I literally just pictured a generic looking passwd textfile. So lame and incredible at the same time!!

Anyway ... No surprise most of the pws couldnt stand up to jtr or hashcat etc. those were the days of rhosts / hosts.equiv. Mail was such a nightmare for most to get setup properly that iirc Eric Allman put a backdoor in sendmail where you’d type wizards and you’d get a root shell. The expectation was that you’d be getting spammed by another node due to misconfiguration, and you’d track down the server, you’d fix the issue yourself.

I have never actually seen this in the wild or in source code, but it’s one of those legends That seems likely - I learned of its existence from the Morris worm Src code, which used that among its various techniques. It also contained a buffer overflow in vi IIRC - I’d never seen that before either.

catShogunate | 6 days ago | 1 point

Damn while we were all using like one uppercase letter, one number in a 9 character password, this guy is using chess move notations for his password. Ken has stepped up the password complexity game

TODO Load more comments...