Sunday, June 5, 2011

Social Reverse Engineering

Hi Folks,
after some days off (holidays!) I am back with an amazing news (at least to me) which proves on one hand how powerful is reverse engineer and on the other hand how spread is this techniques. That reverse engineering was a super powerful tool on the hands of security folks is pretty obvious, BUT that an entire widely protected protocol could be reversed and then made it public shows the real spirit of reverse; making it much more powerful than what I though. In fact often companies and agencies ask for reverse, but they will never release the results (IDA dbs..for example). The reverse engineering's results are such as only one (or few) reverser could analyze them. Once the reverse becomes public it acquires much more power than ever. This is a totally new approach which fortunately starts to become popular... I would like to call it "social reverse engineering" (SRE).

The reverse engineering is becoming popular and popular, thanks to the always improved tools (like IDA Graphic View), and thanks to people who spend hours in writing blogs and/or in teaching students on how to perform it.

Combining these two factors: (a) the need to share reverse results and (b) the ability of more people to understand and to follow on the reverse engineering that has been done, becomes easy the way for the SRE.

So, we said that reverse is becoming a spread and powerful technique: the so called "Social Reverse Engineering" ... but is that good or bad ? It really depends ... as always is. But generally speaking (at least to me) it could be a great way to control closed source code, denying backdoors and/or spywares, "sometimes" hidden into executables.

Skype-Open-Source, as far as I know, is the greatest example of this starting event of sharing reverse eng. Right now, something like 8,000 downloads have been done, many of them are now working on the Skype-Open-Source results. I don't know any dedicated social media (as facebook or tweeter), any SRE web site, but I am pretty sure they will land pretty soon. And when they will, please let me know I'd like to be one of the first users ;)

No comments: