[GTALUG] reverse engineering
D. Hugh Redelmeier
hugh at mimosa.com
Sat Mar 9 18:06:14 EST 2019
Sometimes I get annoyed at binaries for which I don't have any code.
Stepping back a bit, I get annoyed at undocumented hardware for which
the only drivers are closed-source, or even worse, Windows-only or
Android-only.
One way to pry these open is through reverse engineering tools.
What prompts this message is that the NSA has just released Ghidra as
open source.
<https://www.nsa.gov/resources/everyone/ghidra/>
(This would be perfect code for the NSA to plant a trojan horse in.)
Previously (and maybe still) the tool that seemed to be most popular was
IDA, a commercial product that runs on Windows.
There are some other choices:
<https://reverseengineering.stackexchange.com/questions/1817/is-there-any-disassembler-to-rival-ida-pro#1821>
==== War story (feel free to ignore): ====
I put some effort into this in the early 1980s. I wrote my own
disassembler that made some inferences from control flow. I disassembled
two non-trivial bits of code:
- the undocumented monitor that resided in my Altair's "Bytesaver" (EPROM
reader and writer). The software was originally written for the
Processor Tech Sol 20 machine.
- the proprietary but buggy firmware in my Volker-Craig VC2100 terminal
(meant to compete with the VT100)
These were a lot of work and they were only 1k and 16k bytes respectively.
My reversing was complete: I ended up with useful source for both.
With information gained from the PT monitor, I was able to write my own,
much more ambitious monitor.
I found bugs and identified fixes for the VC2100 and reported them to the
author of the code at Volker-Craig. But the product was cancelled before
the fixes were released.
I gave up on one reverse engineering task. I bought a copy of MuMath,
a symbolic algebra package, that was for the Osborne I. I tried to
run it on my Kaypro II. It seemed that there was some tricky
copy-protection code involving bank-switching. I never cracked that
puzzle.
==== End of war story ====
I would love to see better reverse engineering for a few things.
- my Lenovo Yoga notebook gets a machine check whenever it goes to sleep and
back. Sleep/awake still works, but the machine checks probably slow
things down and they make me unhappy.
- nvidia video cards are not well-enough supported by nouveau. nvidia has
not disclosed enough about the hardware to fix this.
- Many GPUs used with ARM are not supported with open-source Linux
drivers. There are a number of reverse engineering projects but
progress isn't fast enough for me.
My guess is that these projects are too hard since the size of object
code to be analyzed is several orders of magnitude more than what I've
tried.
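As an added example (not code from the original post), here is a toy disassembler in the spirit of the "inferences from control flow" mentioned in the war story: recursive descent over a small subset of the Intel 8080, the processor in the Altair and the Sol-20. The opcode subset, the ROM image and the layout (an inline string right after a HLT) are constructed for the demonstration; a linear sweep is included only to show what the control-flow inference buys you.

```python
"""Toy recursive-descent disassembler for a subset of the Intel 8080.

Added example, not code from the original post. The opcode subset and the
ROM image are constructed for illustration; addresses are all hypothetical.
"""
from collections import deque

# opcode -> (mnemonic template, length in bytes, control-flow kind).
# kind: "seq" falls through, "jmp" never falls through, "cjmp" does both,
# "call" does both and marks a function entry, "stop" ends the path.
OPS = {
    0x00: ("NOP", 1, "seq"),
    0x21: ("LXI H,{w}", 3, "seq"),
    0x23: ("INX H", 1, "seq"),
    0x31: ("LXI SP,{w}", 3, "seq"),
    0x32: ("STA {w}", 3, "seq"),
    0x3A: ("LDA {w}", 3, "seq"),
    0x3E: ("MVI A,{b}", 2, "seq"),
    0x48: ("MOV C,B", 1, "seq"),
    0x49: ("MOV C,C", 1, "seq"),
    0x76: ("HLT", 1, "stop"),
    0x7E: ("MOV A,M", 1, "seq"),
    0xB7: ("ORA A", 1, "seq"),
    0xC2: ("JNZ {w}", 3, "cjmp"),
    0xC3: ("JMP {w}", 3, "jmp"),
    0xC8: ("RZ", 1, "seq"),      # conditional return: only the fall-through is static
    0xC9: ("RET", 1, "stop"),
    0xCA: ("JZ {w}", 3, "cjmp"),
    0xCD: ("CALL {w}", 3, "call"),
    0xD3: ("OUT {b}", 2, "seq"),
}

def decode(rom, base, pc):
    """Decode one instruction at pc -> (text, length, kind, target) or None."""
    off = pc - base
    if off < 0 or off >= len(rom) or rom[off] not in OPS:
        return None
    mnem, length, kind = OPS[rom[off]]
    if off + length > len(rom):
        return None
    imm8 = rom[off + 1] if length == 2 else None
    imm16 = (rom[off + 1] | (rom[off + 2] << 8)) if length == 3 else None
    text = mnem.format(b=f"{imm8:02X}h" if imm8 is not None else "",
                       w=f"{imm16:04X}h" if imm16 is not None else "")
    target = imm16 if kind in ("jmp", "cjmp", "call") else None
    return text, length, kind, target

def recursive_descent(rom, base, entries):
    """Follow control flow from the entry points; bytes never reached stay data.

    Returns (instructions: addr -> (text, length), function entries, xrefs)."""
    insns, funcs, xrefs = {}, set(entries), {}
    work = deque(entries)
    while work:
        pc = work.popleft()
        if pc in insns:
            continue
        d = decode(rom, base, pc)
        if d is None:
            continue                      # unknown opcode or outside image: path ends
        text, length, kind, target = d
        insns[pc] = (text, length)
        if target is not None:
            xrefs.setdefault(target, []).append(pc)
            work.append(target)           # jump/call target is code by inference
            if kind == "call":
                funcs.add(target)         # call target is a function entry
        if kind not in ("stop", "jmp"):
            work.append(pc + length)      # fall-through successor
    return insns, funcs, xrefs

def linear_sweep(rom, base):
    """Naive comparison: decode every byte in order, data included."""
    insns, pc = {}, base
    while pc < base + len(rom):
        d = decode(rom, base, pc)
        if d is None:
            insns[pc] = (f"DB {rom[pc - base]:02X}h", 1)
            pc += 1
        else:
            insns[pc] = (d[0], d[1])
            pc += d[1]
    return insns

def data_ranges(rom, base, insns):
    """Addresses of bytes not covered by any decoded instruction."""
    covered = set()
    for pc, (_, length) in insns.items():
        covered.update(range(pc, pc + length))
    return sorted(set(range(base, base + len(rom))) - covered)

# Constructed 25-byte ROM: init, call a print loop, halt, inline string.
ROM = bytes([
    0x31, 0x00, 0x10,   # 0000  LXI SP,1000h
    0x21, 0x0A, 0x00,   # 0003  LXI H,000Ah   ; HL -> message
    0xCD, 0x10, 0x00,   # 0006  CALL 0010h    ; print string
    0x76,               # 0009  HLT
    0x48, 0x49, 0x00,   # 000A  db "HI",0     ; data: looks like MOV C,B / MOV C,C / NOP
    0x00, 0x00, 0x00,   # 000D  padding
    0x7E,               # 0010  MOV A,M       ; print loop
    0xB7,               # 0011  ORA A
    0xC8,               # 0012  RZ            ; end of string
    0xD3, 0x01,         # 0013  OUT 01h
    0x23,               # 0015  INX H
    0xC3, 0x10, 0x00,   # 0016  JMP 0010h
])

if __name__ == "__main__":
    insns, funcs, xrefs = recursive_descent(ROM, 0, [0])
    for pc in sorted(insns):
        tag = "  ; <- " + ", ".join(f"{x:04X}" for x in xrefs[pc]) if pc in xrefs else ""
        print(f"{'FUNC ' if pc in funcs else '     '}{pc:04X}  {insns[pc][0]}{tag}")
    print("data bytes:", [f"{a:04X}" for a in data_ranges(ROM, 0, insns)])
```

Run from address 0, the descent decodes ten instructions, marks 0010h as a function (it is a CALL target, and the loop's JMP gives it a second cross-reference) and leaves 000Ah..000Fh as data; the linear sweep happily decodes the string "HI" as MOV C,B / MOV C,C. What this inference cannot follow is anything whose target is not in the instruction stream, such as the 8080's PCHL (jump through HL) or a jump table, which is where the manual work in a job like the Bytesaver monitor begins.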