Reverse Engineering

Is it Cracking?

People think that "Reverse Engineering" (I'll call it RE from now on) is an illegal act because of its relationship with the Cracking scene. But cracking isn't even illegal if it's done correctly with healthy intentions. RE and Cracking do share technologies, but they are not the same thing. As the word "Engineering" implies, productivity is the prime concern for RE. But when it comes to Cracking, the knowledge itself is the main point. You don't get rich by Cracking. Nor do you get fame from real society (although you get some fame from the virtual society, or perhaps get infamous?).

Where Cracking started

No doubt, Cracking started with the invention (?) of protections. The first cracks were for games. At that time (the 80s), people didn't use computers for connecting to the internet with PPP. They didn't use them for watching movies. They didn't use them for writing reports for their math class. If they did, they were the privileged people who were getting support from some big places, or people who had wealth. So there was no pressing need to make protections. But for games it was different. Kids playing them copied them for friends, traded games and even formed groups for those purposes (which was the origin of the so-called Warez scene). Software companies, trying to stop this (since it cut into their profits), created locks and protections. People didn't like this since, for example, if their own copy was damaged in any way, they could do nothing. What if the price was too high? Anyway, these thoughts made people "break (= crack)" the protections. The guys who needed the games were interested in the fact that they could COPY them, but the guys who did the hardcore work... they were eager for the knowledge. They wanted to know how the protection worked. They wanted to make new ways of cracking them. They didn't care what impact their work had. Whenever they heard of a new protection, they needed to get their hands on it. So the Cracking scene grew up alongside the Warez scene, which really is illegal, making people think that cracking is illegal (which it isn't).

Then

What is the difference on the technological side? Simply put, RE looks at the tree while Cracking looks at the branches. Cracking doesn't need to look at the whole trunk; it only needs to figure out the flow related to the knowledge it is after. AVers have almost no information about the virus they are trying to dissect. They need to "Reverse Engineer" the virus to the bare bones. They need to know exactly which part is the virus. They need to know what damage it does, how it infects others, and blah blah blah (because of the mass creation of viruses, AVers sometimes just infer from their experience). Crackers need to know only how a program protects itself (from debuggers, unregistered users). Sometimes the protection scheme relates to the whole program, but that's a rare thing. Mostly they need to know just THE specific part. It's not stealing. It's a method.

But since....

Anyway, the difference is just a matter of attitude. The whole planet thinks RE = Cracking, so let's think of it this way: RE > Cracking. RE is a more elegant term. It's a nicer-sounding word (at least for me :). RE != Cracking will only be history. Only the "Deep Impact" can stop the world :P

Give me the Technology

Only a small portion of programmers lead the world of programming, and most of those few don't or can't release their efforts to the public (for various reasons like NDAs, their character, money, etc. I'm not saying this is a bad attitude or something to blame. There could be thousands of situations. Also, most people have to program for a living :). Large portions of bleeding-edge technologies and concepts are in their hands, but the same or similar code is being reinvented and recoded in other parts of the world. I think it's a kind of waste that nobody can stop. But RE can ease this. RE is a matter of developing more knowledge and evolving it in an effective way. It will make our life better :)

Examples of application

VX/AV scene

The fight (or cooperation?) between the VX and the AV has been going on for quite a long time (well, relative to computer history, that is :). The virii guys even competed among themselves with new techniques. Mostly the sources weren't released, so to keep up with the breed, one had to "RE" the target virus. And since viruses had to be relatively small to stay invisible to the AVs, they were a good target to take on as a challenge. That way people even made virus clones just by modifying a signature, some memory address or the activation date (YOU Lamerz!). For the AV side, RE is an essential technology. Everyone should have thought so :) They needed to know how the virus infects, how the virus hides itself, how it obtains control, blah blah blah. The only way to figure it out was to face it and RE it! An irony is that the VXers RE the AV proggies. Well, that's mainly to stay out of sight of the AV proggies.

Packing/Unpacking scene

Since the success (?) of the PKLite executable packing proggy (there were similar proggies before, but they weren't famous), people got to know that this has great potential for many things. By packing the target one can save file size, and sometimes even speed up execution. But the biggest advantage was that the target's code gets hidden and packed into some unrecognizable form. This made programs hard to RE. So for the REers, unpacking was in demand. Another VX/AV-like war began :) Packers developed ways to encrypt the packing target, detect debuggers, use holes, relocate, twist and twirl. Unpackers again needed to know the techniques, and RE followed for the sake of RE :P

Yeah Yeah, Cracking scene

You know this.

Even Hacking

An example is SMB. The Microsoft guys didn't document the content exchanged well, so RE had to be involved. So there came Samba for the Unix platform to mimic the operations. A hacking technique is a hacking technique. But to develop one, sometimes RE is involved, like this.

All together now!

The world is breaking its walls. The wall in Berlin did, Europe is trying to break walls, and even the scenes here are breaking their walls. Because of another paradigm (or shall I call it a crisis?), the technical side is lacking technologies and those technologies are losing their classifications (some say that it's not that the classification is vanishing but that it's getting more detailed and vast). The only category there will be is RE. Packing uses VX techniques, Hacking uses VX techniques, Foo is using Bar's techniques. The potential is moving toward unification. Into RE or non-RE.

(to be continued)
 
Note: The contents above are my thoughts. They are not definitive.
Here are some related links.