
SANS ISC: Easter Eggs FUN to find in your yard, BAD to find in your software. - Internet Security | DShield SANS ISC InfoSec Forums


Easter Eggs FUN to find in your yard, BAD to find in your software.
Over the years, a lot of software has shipped with hidden Easter eggs.

An Easter egg is an undocumented feature or object.
Definition:
http://en.wikipedia.org/wiki/Easter_egg_(virtual)

Article on finding Easter Eggs in software.
http://www.pcworld.com/howto/article/0,aid,109378,00.asp

Potential issues with any hidden code or resources include:
lack of functional testing,
wasted space,
wasted software design and coding effort,
too much freedom for the code authors,
inadequate quality control,
backdoors (Easter eggs have included them),
the implication that no systematic code review was performed,
binary patching issues.


Many software manufacturers have had Easter eggs discovered in their production products. Microsoft has had some pretty interesting Easter eggs in the past. My personal favorite was the flight simulator hidden in Excel 97.
From: http://www.eggheaven2000.com/detailed/17.html
"How it Works:
1: Open a new Worksheet and Press F5.
2: Type "X97:L97" and press Enter.
3: Press the Tab key, Hold down Ctrl & Shift and left click the Chart Wizard toolbar icon.
4: Use the mouse to move around - Left button reverse thrust, Right button forward thrust.
5: Look around carefully to find the Shrine with the programmers messages and the Blue Lagoon ! "

Microsoft came out with a stronger policy on Easter eggs sometime around 2k, stating "No hidden features" or "you're fired". http://www.themicrosoftblog.com/16-easter-eggs-in-microsoft-products-youre-fired/

A really good discussion of the Microsoft anti-Easter egg policy can be found here.
http://blogs.msdn.com/larryosterman/archive/2005/10/21/483608.aspx

A driving game was in the first release of Excel 2000 but was pulled in SP1 and 2.
Based on the types of Easter eggs being reported in recent Microsoft products, I believe Microsoft still allows the software engineers to put in credits but that portion can no longer include active code such as games. I hope that the credit code is now part of the standard code review process.

Several handlers contributed to this, including Swa and Daniel. Thanks!

donald

ISC Handler
