If whoever wrote this wants to add an authentic (and somewhat period correct) terminal front-end, I wrote a VT420 hardware emulator that works in the browser and we can wire them together!
More like the VT-05. The VT-52 came a few years later. But yeah, the VT-420 is way later.
Fun fact: The VT-52 didn't have a loudspeaker for the bell sound. Instead, it had a electromechanical relay which was set up to self-oscillate.
"Typing a character produced a noise by activating a relay. The relay was also used as a buzzer to sound the bell character, producing a sound that "has been compared to the sound of a '52 Chevy stripping its gears."
> the knowledge that a buffer overflow could be exploited for arbitrary code execution had not yet come of age.
Meaning, people hadn't figured that out, or it wasn't a commonplace technique? They must have seen buffer overflows crash running software; it doesn't take much imagination to think about the next steps.
This is Unix V4 from 1973. The total number of installations world wide was around 20, all inside Bell Labs. There was no networking support at all, so security was mostly physical, i.e., office building security (though you could dial in with a modem). Multi-user support was a bunch of serial-line terminals. Pretty much everyone knew everyone else who was on the system.
> By supplying addresses outside of the space allocated to the users program, it is often possible to get the monitor to obtain unauthorized data for that user, or at the very least, generate a set of conditions in the monitor that causes a system crash.
> In one contemporary operating system, one of the functions provided is to move limited amounts of information between system and user space. The code performing this function does not check the source and destination addresses properly, permitting portions of the monitor to be overlaid by the user. This can be used to inject code into the monitor that will permit the user to seize control of the machine.
(Volume 1 is at https://apps.dtic.mil/sti/citations/AD0758206 .) However general awareness of the security implications seems to have been very limited before the Morris worm, and then even for several years after that. Even in late 1996 an article which in its own words "attempt[ed] to explain what buffer overflows are, and how their exploits work" could still be published in Phrack magazine, and in fact even be quite a milestone https://en.wikipedia.org/wiki/Buffer_overflow#History . Some people had definitely been thinking about hardware bounds checking for a long time by then https://homes.cs.washington.edu/~levy/capabook/ but I don't know how much they'd specifically considered just this kind of security threat.
Most computers did not exist in an adversarial environment at the time.
Perhaps the most "adversarial" context would be: undergraduate timeshare use. So the mainframes of the day, which would be the typical platform for undergrad programming (if timeshare was even offered to undergrads in 1973) might be expected to be somewhat hardened to attacks of various kinds since undergrads trying to hack their grade higher, get more CPU time, etc, was a known thing.
But Unix machines, and minicomputers in general, were not used for undergrad purposes. They were only available to be used by PhD candidates and other higher order beings. Those dudes had the root password anyway, so no need to harden the machine against their potential attacks. There was no networking to speak of, so no malicious traffic to worry about. The first worm didn't appear until the late 1980s.
So if you had talked to a Unix sysadmin in 1973 (all...1 of them) they probably would understand the general concept of someone running a program that crapped onto kernel memory with the result they could have root privileges, but there would have been no plausible adversary around with any reason to mount that attack. Plus every cycle and every byte counted, so there would have been many more fish to fry before worrying about buffer overflow problems.
> since undergrads trying to hack their grade higher
Would student records even be stored on an unix system at the time? I am under the impression that Unix was very much a research operating system in the 1970's (either the subject of or a tool for). Administrative functions were more likely to be conducted with an IBM mainframe. (At least that is how it was when I arrived at university a couple of decades later, which I always took to be a legacy thing.)
Exploiting this is close to trivial because the adjacent buffer contains the pw entry. So, you can control what the input is compared with.
That way the password check can be bypassed without injecting code.
Good point, thanks! The crypt() of the input, not the input itself, but guessing at the (PDP-11 assembly :/ ) code for crypt() a bit, it looks like it stops after 64 characters if it can’t find a null terminator before that, so
should work as an exploit, and indeed it does. (Arbitrary 64-character password, then 36 bytes to pad to the end of the 100-byte buffer, then the part of root’s /etc/passwd entry for said password until at least the second colon.)
Hey! So I'm actually the builder of UNIXV4.dev (via my company Squiz Software Pty Ltd).
I went to bed last night with a couple of people poking around… woke up to a whole lot more. Appreciate the load test!!
I’ve fixed the rate-limit issues people were hitting. There’s still a global cap of 100 concurrent sessions + per-user limits to keep things stable during spikes.
I’ve also added an “Attributions & Acknowledgements” section.
The backstory is wild: UNIX v4 being recovered from a ~1973 tape at the University of Utah after being effectively “lost” for decades. Reading about the recovery and then poking around in it under SIMH on my PC is what pushed me to wrap it up as a public, browser-based terminal that other people could take a look at - and hopefully get as much out of it as I did.
Have fun exploring it all (especially all the primitive bits — remember: use "chdir" instead of "cd", and "#" is backspace).
I spent about a week insulting Claude to get port it to x86_64. It's running nicely in QEMU. We're also trying to get the C compiler in there working as well.
I'm amused at how circular this is. Unix v4 is first OS written in C, now running on top of an unbelievable amount of C (and C++). Classic circular computer science delight.
> By using this service, you acknowledge that terminal sessions may be logged for educational and debugging purposes. No personal data is collected beyond your IP address.
Is this all open source and is the code available? So that we know where the data is truly going?
It would be an excellent phishing attack if your target is senior IT. You filter out every non-geek, of course, and certainly your responses would lean heavily toward an older crowd. They's all see 'Unix v4', be too excited to consider the risks, and being a 1973 OS assume it is innocent and safe (not thinking about the platform delivering it).
And even more to the point: this is a website. What is he afraid of this website doing that all the other websites don't already do? Why single this one out?
Yeah it’s unlikely that this site will collect any meaningful data and it’s unlikely that you lose any meaningful data by playing with a virtual unix from the 70ies.
Did they get a license from Novell for this or is this as illegal as many of the other emulator sites with copyrighted software on them? Considering the page doesn't mention it, I'm leaning towards it being copyright infringement.
This copy of Unix v4 came from AT&T and not one of the freely licensed ones Caldera released. Caldera may own the rights now for this unearthed copy, but I am not aware that they have provided licenses for this new release.
If your argument is that Caldera might not actually have the rights to UNIX in the first place to grant the license, that's fair.
But the license they provided (http://www.lemis.com/grog/UNIX/ancient-source-all.pdf) explicitly names versions 1, 2, 3, 4, 5, 6, and 7 of UNIX for the 16-bit PDP-11. Yes, these versions originated at AT&T (Bell Labs) but are distinct legally from SysIII and SysV UNIX, also from AT&T, which are explicitly not covered by the Caldera license.
>Redistributions of source code and documentation must retain the above copyright notice
The archived tape doesn't have this, which contradicts the license. This makes me think the license may only be referring to a set of source code that they released with this license text already applied as opposed to what was recently archived.
>Redistributions in binary form must reproduce the above copyright notice
I don't see the copyright notice on that page. So at the very least that may need to be added.
> C++ is one of the properties that SCO owns today and we frequently are approached by customers who wish to license C++ from us and we do charge for that. Those arrangements are done on a case-by-case basis with each customer and are not disclosed publicly. C++ licensing is currently part of SCO's SCOsource licensing program.
Maybe they claimed to own an implementation of C++ but it would be typical of them to claim to own the moon and sun and be sublicensing the stars to God.)
In the sense that the company I work for would be financially harmed if copyright infringement of software was freely allowed. I benefit from the ability of people being able to sell rights to use software.
It's one thing to digitize and archive ancient software, it's another thing to allow people to freely use it without acquiring the proper license for it.
The people who preserve vintage software typically respect boundaries in order to avoid cases where the copyright holder would be financially harmed. It is not a perfect guarantee, but it is a reasonable one.
Hardline stances usually cause more harm than good anyhow. I remember collecting Apple II gear in the late 1990's and early 2000's. The people saying that any form of copyright infringement was bad were either ignored or flamed since a lot of people just looked at their collection of software from the late 1970's and early 1980's and said, "we're at risk of losing this if we don't make it available, and the copyright holders won't lose anything if we do make it available." Which wasn't strictly true since there were some software developers who created software in the early 1990's who were still selling it. Unfortunately their absolutist attitude did not earn them many allies, so it became a lost cause.
I’m normally one defending copyright on this forum. But dude, this software is half a century old. Nobody is buying or selling this software. Nobody’s business or livelihood is threatened by this.
>Nobody is buying or selling this software. Nobody’s business or livelihood is threatened by this.
Because the media was no longer in the rights holder's possession. This is a dangerous line of reasoning where someone can steal a copyrighted work and then be allowed to profit off of it because the artist has no way to do so.
Being able to see a long lost UNIX version is interesting and I could imagine it being worth paying to see it or play with it similar to how people pay money to see things at a museum.
Dangerous line of reasoning??? Allowing time for an author to monetize a work is the legal rationale for copyright protection. There is no commercial value to this software.
Here is a hypothetical. You see someone on their iPad making a nice drawing. You then steal the iPad and then start making prints of that art and start selling them. To me the artist should be able to disallow such prints from being sold.
But your line of reasoning says that since the artist is unable to make money from the print, then there is nothing wrong with someone else doing so as the artist isn't missing out on any profit since they have no way to sell prints.
That scenario is materially different. The details matter a lot in IP law.
Also please note that I have not said that the copyright is not valid. However, a case for fair use is not unfounded here.
> your line of reasoning says
It ain’t my line of reasoning. I’m paraphrasing the actual law:
As 17 USC § 107 says:
> In determining whether the use made of a work in any particular case is a fair use the factors to be considered shall include—
(1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
(2) the nature of the copyrighted work;
(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
(4) the effect of the use upon the potential market for or value of the copyrighted work.
This is a false equivalence. The iPad would have to be 45 years old and, after the artist had sold the art many times before to others, had the iPad rediscovered by someone after it had been lost in their mom’s attic.
If whoever wrote this wants to add an authentic (and somewhat period correct) terminal front-end, I wrote a VT420 hardware emulator that works in the browser and we can wire them together!
https://mmastrac.github.io/blaze/
(the API is undocumented but stupidly simple: an async js_read() function and a sync js_write() function)
You'll want VT-52 for this era.
More like the VT-05. The VT-52 came a few years later. But yeah, the VT-420 is way later.
Fun fact: The VT-52 didn't have a loudspeaker for the bell sound. Instead, it had a electromechanical relay which was set up to self-oscillate.
"Typing a character produced a noise by activating a relay. The relay was also used as a buzzer to sound the bell character, producing a sound that "has been compared to the sound of a '52 Chevy stripping its gears."
YouTube has the sound: https://www.youtube.com/watch?v=bAafRXddfxc
Thanks, I remember it being much louder when I used it in the 80's. Made me jump out of the chair the first time I heard it.
Reading the source unearths interesting things: https://sigma-star.at/blog/2025/12/unix-v4-buffer-overflow/
> the knowledge that a buffer overflow could be exploited for arbitrary code execution had not yet come of age.
Meaning, people hadn't figured that out, or it wasn't a commonplace technique? They must have seen buffer overflows crash running software; it doesn't take much imagination to think about the next steps.
This is Unix V4 from 1973. The total number of installations world wide was around 20, all inside Bell Labs. There was no networking support at all, so security was mostly physical, i.e., office building security (though you could dial in with a modem). Multi-user support was a bunch of serial-line terminals. Pretty much everyone knew everyone else who was on the system.
I'm not an expert, but a quick look at https://en.wikipedia.org/wiki/Buffer_overflow#History suggests that some people, at least, had figured it out by 1972 https://apps.dtic.mil/sti/citations/AD0772806 :
> By supplying addresses outside of the space allocated to the users program, it is often possible to get the monitor to obtain unauthorized data for that user, or at the very least, generate a set of conditions in the monitor that causes a system crash.
> In one contemporary operating system, one of the functions provided is to move limited amounts of information between system and user space. The code performing this function does not check the source and destination addresses properly, permitting portions of the monitor to be overlaid by the user. This can be used to inject code into the monitor that will permit the user to seize control of the machine.
(Volume 1 is at https://apps.dtic.mil/sti/citations/AD0758206 .) However general awareness of the security implications seems to have been very limited before the Morris worm, and then even for several years after that. Even in late 1996 an article which in its own words "attempt[ed] to explain what buffer overflows are, and how their exploits work" could still be published in Phrack magazine, and in fact even be quite a milestone https://en.wikipedia.org/wiki/Buffer_overflow#History . Some people had definitely been thinking about hardware bounds checking for a long time by then https://homes.cs.washington.edu/~levy/capabook/ but I don't know how much they'd specifically considered just this kind of security threat.
Most computers did not exist in an adversarial environment at the time.
Perhaps the most "adversarial" context would be: undergraduate timeshare use. So the mainframes of the day, which would be the typical platform for undergrad programming (if timeshare was even offered to undergrads in 1973) might be expected to be somewhat hardened to attacks of various kinds since undergrads trying to hack their grade higher, get more CPU time, etc, was a known thing.
But Unix machines, and minicomputers in general, were not used for undergrad purposes. They were only available to be used by PhD candidates and other higher order beings. Those dudes had the root password anyway, so no need to harden the machine against their potential attacks. There was no networking to speak of, so no malicious traffic to worry about. The first worm didn't appear until the late 1980s.
So if you had talked to a Unix sysadmin in 1973 (all...1 of them) they probably would understand the general concept of someone running a program that crapped onto kernel memory with the result they could have root privileges, but there would have been no plausible adversary around with any reason to mount that attack. Plus every cycle and every byte counted, so there would have been many more fish to fry before worrying about buffer overflow problems.
> since undergrads trying to hack their grade higher
Would student records even be stored on an unix system at the time? I am under the impression that Unix was very much a research operating system in the 1970's (either the subject of or a tool for). Administrative functions were more likely to be conducted with an IBM mainframe. (At least that is how it was when I arrived at university a couple of decades later, which I always took to be a legacy thing.)
My Educated guess, both.
Malicious attempts at exploiting would require physical access.
This was 1970's running on a PDP hardware. These were not normally connected to the internet so the attack vector of attacking would be have literal.
Any bugs would probably been of been fixed prior to and isn't this the first alpha of unix? So probably patched later in versions.
I kept expecting an exploit :) Something to poke at on a slow evening, I guess, though with the buffer in static memory it might be difficult.
Exploiting this is close to trivial because the adjacent buffer contains the pw entry. So, you can control what the input is compared with. That way the password check can be bypassed without injecting code.
Good point, thanks! The crypt() of the input, not the input itself, but guessing at the (PDP-11 assembly :/ ) code for crypt() a bit, it looks like it stops after 64 characters if it can’t find a null terminator before that, so
should work as an exploit, and indeed it does. (Arbitrary 64-character password, then 36 bytes to pad to the end of the 100-byte buffer, then the part of root’s /etc/passwd entry for said password until at least the second colon.)Things that I noticed are not yet there in this version: /proc, uptime, uname
Things that are working: `cal 2026`, coredumps
Things that might be broken or aren't working as expected: ps (only returns "No mem")
And utmp is in /tmp?
And no /usr/sbin or /sbin? And nothing in /usr/local?
The messages from `write root` are only in uppercase.
/proc is a Linux thing.
Hey! So I'm actually the builder of UNIXV4.dev (via my company Squiz Software Pty Ltd).
I went to bed last night with a couple of people poking around… woke up to a whole lot more. Appreciate the load test!!
I’ve fixed the rate-limit issues people were hitting. There’s still a global cap of 100 concurrent sessions + per-user limits to keep things stable during spikes.
I’ve also added an “Attributions & Acknowledgements” section.
The backstory is wild: UNIX v4 being recovered from a ~1973 tape at the University of Utah after being effectively “lost” for decades. Reading about the recovery and then poking around in it under SIMH on my PC is what pushed me to wrap it up as a public, browser-based terminal that other people could take a look at - and hopefully get as much out of it as I did.
Have fun exploring it all (especially all the primitive bits — remember: use "chdir" instead of "cd", and "#" is backspace).
- Daniel
I wonder how hard is it to do the entire thing in browser/js. It seems hugged to death right now due to backend connections.
people ran linux and win 95 in browser, would be fine
I managed to get in after a few tries. But then I got a timeout. I think I'm going to wait until the HN deathhug is over :D
I spent about a week insulting Claude to get port it to x86_64. It's running nicely in QEMU. We're also trying to get the C compiler in there working as well.
Glad to have played with it a bit before it got Slashdotted. ;)
I'm amused at how circular this is. Unix v4 is first OS written in C, now running on top of an unbelievable amount of C (and C++). Classic circular computer science delight.
I am glad it already has `ed`, the standard text editor.
But it's lacking some features available in newer versions of ed, such as using 'n' to print line numbers.
Rate limited! a new record!
I'm going to guess we're on the same VPN.
The fi ligatures in the Help & Info section are killing me.
Almost slashdotted.
Getting a rate limit error, but I haven't used the program.
death by hn..
Just a heads up:
> By using this service, you acknowledge that terminal sessions may be logged for educational and debugging purposes. No personal data is collected beyond your IP address.
Is this all open source and is the code available? So that we know where the data is truly going?
Hard to trust it if it isn't fully OSS.
This is a cool demo though.
> Hard to trust it
Clarification requested: How is ‘trust’ applicable to this site?
I don't want them to see my blunders in the chess game I lost against the 40 year old computer program.
It would be an excellent phishing attack if your target is senior IT. You filter out every non-geek, of course, and certainly your responses would lean heavily toward an older crowd. They's all see 'Unix v4', be too excited to consider the risks, and being a 1973 OS assume it is innocent and safe (not thinking about the platform delivering it).
Maybe you'd get too many retirees ...
Now you just need
Even if it was open source how do you know its not a fork?
And even more to the point: this is a website. What is he afraid of this website doing that all the other websites don't already do? Why single this one out?
WARNING: YOU ARE ABOUT TO OPEN A WEBPAGE.
Exception: -1 Page already opened. Time can only flow forward.
> Hard to trust it if it isn't fully OSS
It's an emulated PDP-11, could you elaborate on the threat model here?
I get that companies are being gross about logging everything online, but come on. It's okay to have fun.
Who in their right mind is using this for anything other than curiosity's sake?
Little bit of banking on an emulator on a random website, why not?
bitcoin will not be mined on its own.
Yeah it’s unlikely that this site will collect any meaningful data and it’s unlikely that you lose any meaningful data by playing with a virtual unix from the 70ies.
You aren’t getting downvoted enough.
Did they get a license from Novell for this or is this as illegal as many of the other emulator sites with copyrighted software on them? Considering the page doesn't mention it, I'm leaning towards it being copyright infringement.
In 2002, Caldera licensed Research Unix <= 7th edition and 32-bit 32V Unix under a BSD-style license.
Gotta stick the "This product includes software developed or owned by Caldera International, Inc." notice on it though.
This copy of Unix v4 came from AT&T and not one of the freely licensed ones Caldera released. Caldera may own the rights now for this unearthed copy, but I am not aware that they have provided licenses for this new release.
If your argument is that Caldera might not actually have the rights to UNIX in the first place to grant the license, that's fair.
But the license they provided (http://www.lemis.com/grog/UNIX/ancient-source-all.pdf) explicitly names versions 1, 2, 3, 4, 5, 6, and 7 of UNIX for the 16-bit PDP-11. Yes, these versions originated at AT&T (Bell Labs) but are distinct legally from SysIII and SysV UNIX, also from AT&T, which are explicitly not covered by the Caldera license.
Thank you for finding this.
>Redistributions of source code and documentation must retain the above copyright notice
The archived tape doesn't have this, which contradicts the license. This makes me think the license may only be referring to a set of source code that they released with this license text already applied as opposed to what was recently archived.
>Redistributions in binary form must reproduce the above copyright notice
I don't see the copyright notice on that page. So at the very least that may need to be added.
Why do you care about this so much?
Because I think the history of rights ownership and licensing is interesting.
You might also enjoy arguing.
> If your argument is that Caldera might not actually have the rights to UNIX in the first place to grant the license, that's fair.
Yeah, everyone knows Unix is owned by SCO, just like C++, Linux, and the look on your face, which is priceless.
(So help me, SCO claimed to own C++ at one point:
https://lwn.net/Articles/39227/
> C++ is one of the properties that SCO owns today and we frequently are approached by customers who wish to license C++ from us and we do charge for that. Those arrangements are done on a case-by-case basis with each customer and are not disclosed publicly. C++ licensing is currently part of SCO's SCOsource licensing program.
Maybe they claimed to own an implementation of C++ but it would be typical of them to claim to own the moon and sun and be sublicensing the stars to God.)
Personal financial stake in this, or do you regularly police the use of ancient software?
>Personal financial stake in this
In the sense that the company I work for would be financially harmed if copyright infringement of software was freely allowed. I benefit from the ability of people being able to sell rights to use software.
It's one thing to digitize and archive ancient software, it's another thing to allow people to freely use it without acquiring the proper license for it.
The people who preserve vintage software typically respect boundaries in order to avoid cases where the copyright holder would be financially harmed. It is not a perfect guarantee, but it is a reasonable one.
Hardline stances usually cause more harm than good anyhow. I remember collecting Apple II gear in the late 1990's and early 2000's. The people saying that any form of copyright infringement was bad were either ignored or flamed since a lot of people just looked at their collection of software from the late 1970's and early 1980's and said, "we're at risk of losing this if we don't make it available, and the copyright holders won't lose anything if we do make it available." Which wasn't strictly true since there were some software developers who created software in the early 1990's who were still selling it. Unfortunately their absolutist attitude did not earn them many allies, so it became a lost cause.
I’m normally one defending copyright on this forum. But dude, this software is half a century old. Nobody is buying or selling this software. Nobody’s business or livelihood is threatened by this.
>Nobody is buying or selling this software. Nobody’s business or livelihood is threatened by this.
Because the media was no longer in the rights holder's possession. This is a dangerous line of reasoning where someone can steal a copyrighted work and then be allowed to profit off of it because the artist has no way to do so.
Being able to see a long lost UNIX version is interesting and I could imagine it being worth paying to see it or play with it similar to how people pay money to see things at a museum.
Dangerous line of reasoning??? Allowing time for an author to monetize a work is the legal rationale for copyright protection. There is no commercial value to this software.
Here is a hypothetical. You see someone on their iPad making a nice drawing. You then steal the iPad and then start making prints of that art and start selling them. To me the artist should be able to disallow such prints from being sold.
But your line of reasoning says that since the artist is unable to make money from the print, then there is nothing wrong with someone else doing so as the artist isn't missing out on any profit since they have no way to sell prints.
That scenario is materially different. The details matter a lot in IP law.
Also please note that I have not said that the copyright is not valid. However, a case for fair use is not unfounded here.
> your line of reasoning says
It ain’t my line of reasoning. I’m paraphrasing the actual law:
As 17 USC § 107 says:
> In determining whether the use made of a work in any particular case is a fair use the factors to be considered shall include— (1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes; (2) the nature of the copyrighted work; (3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and (4) the effect of the use upon the potential market for or value of the copyrighted work.
This is a false equivalence. The iPad would have to be 45 years old and, after the artist had sold the art many times before to others, had the iPad rediscovered by someone after it had been lost in their mom’s attic.
I mean if you are assigning points I’d actually say the former is worse than the latter.
What do you think about GOG?
It's good to have competition against Steam.
GOG is perfectly legal.