View Diary: Warnings From The Trenches (188 comments)

  •  Actually, that's not true as to a sophisticated (0+ / 0-)

    enough programmer binary is just as good as source code.  Perhaps you haven't seen how it was discovered that Sony used the same "random" number for all their PS3 encryption keys making it possible to use simple algebra to get them?

    As for systems not having tools like a compiler and assembler, thank goodness for the GNU project and gcc (and mingw32, etc).  In fact, that kind of thing is exactly why Richard Stallman started the Free Software Foundation and GNU project in the first place.

    You have watched Faux News, now lose 2d10 SAN.

    by Throw The Bums Out on Tue Feb 05, 2013 at 06:39:05 PM PST

    •  don't be so sure (1+ / 0-)
      Recommended by:
      Throw The Bums Out

      Going back to my day dealing with 2nd generation hardware and software, a number of us knew how to create self-modifying software that was not easily traceable in the source code, and thus for practical purposes untraceable in the binary - when did you take the dump, before or after it modified itself?

      "We didn't set out to save the world; we set out to wonder how other people are doing and to reflect on how our actions affect other people's hearts." - Pema Chodron

      by teacherken on Tue Feb 05, 2013 at 06:43:52 PM PST

      •  I wouldn't be so sure, how about cracking software (0+ / 0-)

        that is not only heavily obfuscated and self-modifying but actually uses its own custom bytecode and virtual machine system, which is also heavily obfuscated and self-modifying with dozens of layers of encryption and obfuscation?  Ever hear of StarForce?  That is the equivalent of trying to debug an NES game running on PocketNES running on a GBA emulator running inside DOSBox, only every single layer is heavily obfuscated and almost completely written in self-modifying code.  Of course, it helps that now you can waste 512MB-1GB of RAM on the obfuscation/encryption/self-modification part alone.

        You have watched Faux News, now lose 2d10 SAN.

        by Throw The Bums Out on Tue Feb 05, 2013 at 07:00:43 PM PST

      •  Most modern systems explicitly forbid (0+ / 0-)

        self-modifying code.  As in, they break assumptions the OS makes about how to handle multitasking scheduling, so if the hardware has such instructions they are deliberately disabled by adding them to the list of things that will cause a fault and get trapped by the OS.

        •  Actually, no they don't as that would make most (0+ / 0-)

          modern web browsers unusable, as they use dynamic recompilation to convert JavaScript code into native code.  The same is done with Java and Flash, both of which would be impossible without self-modifying code.

          You have watched Faux News, now lose 2d10 SAN.

          by Throw The Bums Out on Wed Feb 06, 2013 at 10:55:38 AM PST

    •  You are really stretching the truth there (0+ / 0-)

      when you used the phrase "just as good as".  That phrase implies it doesn't take any longer to understand binary code than to understand source code, and it implies that only seeing the binary code doesn't make things any harder to follow.  That's absolutely incorrect.  Even if you are dealing with a programmer who can understand the binary, you lose all the naming of things.  Variables in disassembled binary code no longer contain English names (unless you were really lucky and got your hands on a debugger-usable version of the binary that therefore has the symbol table in it, but that's typically not what gets distributed as the final product, now is it?)

      If you claimed that there exist some people who can make use of the binary code I'd agree.  But when you claim that those people will find the binary code "just as good as" the source code, that's total bollocks.
