Open Source

NSA To Release a Free Reverse Engineering Tool (zdnet.com) 61

The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. From a report: The software's name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that can then be analyzed by humans. The NSA developed GHIDRA at the start of the 2000s, and for the past few years, it's been sharing it with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software. GHIDRA's existence was never a state secret, but the rest of the world learned about it in March 2017 when WikiLeaks published Vault7, a collection of internal documentation files that were allegedly stolen from the CIA's internal network. Those documents showed that the CIA was one of the agencies that had access to the tool.
  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Sunday January 06, 2019 @04:10PM (#57914632) Homepage

    Eg Ndisasm [www.nasm.us]

  • by Anonymous Coward

    Taking assembly at university in the early '90s, I used a decompiler in the process.

    How is this "a disaster"? What is unique about this one other than the maker?

  • by AndyKron ( 937105 ) on Sunday January 06, 2019 @04:30PM (#57914690)
    I thought it was illegal to reverse engineer software?
    • Re:what do I know? (Score:5, Informative)

      by ShanghaiBill ( 739463 ) on Sunday January 06, 2019 @04:39PM (#57914722)

      I thought it was illegal to reverse engineer software?

      No. Disassembling software is not, and has never been, illegal in America.

      It may be illegal to use the result of the disassembly, especially to bypass security, but also by incorporating copyrighted or patented code into your own products, or accessing functionality that you are not licensed to use. But the disassembly itself is not illegal.

      Some products have terms in their license that forbid disassembly, but those are untested by the courts, are only binding if you are a party to the contract, and violation is a civil tort, not a crime.

    • by Gabest ( 852807 )
      It's just a hex viewer, you can already see the instructions if you know their code number.
    • Does that go for JavaScript? What about bytecode? Doesn't a computer reverse engineer every time it executes? Would reading punch cards count as reverse engineering too? Genuinely curious.

      • by Anonymous Coward

        A computer does not reverse engineer the code when it executes. A computer executes compiled binary code. Compiled Binaries are at one end, Javascript is at the other end.

        This is a decompiler, it takes a binary executable and turns it into something more readable. Not quite as readable as non-obfuscated Javascript though, but something like an old version of Javascript.

  • Holy Shit no (Score:4, Insightful)

    by Anonymous Coward on Sunday January 06, 2019 @04:44PM (#57914738)

    Have you seen what the Obfuscated C project can do? I wouldn't trust NSA source code beyond 'print "Hello World";' and even that is iffy. God help anyone who touches it if this release is binary only.

    • Have you seen what the Obfuscated C project can do?

      Yes, obfuscated programming contests can serve as important learning tools for those who want to liberate themselves from continued ignorance driven by fear of the unknown.

      I wouldn't trust NSA source code beyond 'print "Hello World";' and even that is iffy.

      I think it's safe to say you won't be doing anything with the program (as far as you know) but programmers simply can't afford the luxury of being ignorant and non-programmers are not well served by incul

  • lol (Score:4, Insightful)

    by lsllll ( 830002 ) on Sunday January 06, 2019 @05:07PM (#57914806)
    Does it come with a free thumbdrive? If not, I won't be interested.
  • That's kind of trivial. Tedious and laborious, but trivial - you do not need the NSA to tell you how to do that. If the tool were able to spit out code in some high-level language (even something as low-level as C) that is not unintelligible spaghetti code, that would be something.
  • by hAckz0r ( 989977 ) on Sunday January 06, 2019 @09:11PM (#57915436)

    I have been a long time supporter of IDA Pro, for better than 15 years. Every year I would dig down deep into my pockets and hand over about $600 for my maintenance contract renewal, for my own personal use. My "named" license allowed me to install the product on any machine where I need to analyze something down to the assembly level, and chase the rabbit down the hole. I could code in IDAPython, to script up some magic to analyze things in ways you just could not do with any other tool. Except of course the infamous GHIDRA, which although people I knew at work all used it, I had no direct access to the tool. They said it was better than IDA Pro. Still, there were reasons for them to keep IDA Pro on their tool shelf because no one tool fits every problem.

    Well in 2018 HexRays changed the licensing, and removed the "named" licenses from their offerings. For twice the price I could own a single license for one single machine, that was of course not going to be the one I needed to analyze. My desktop machine is essentially a Xen virtualizing service with lots of smaller task-oriented virtual machines. Which single virtual machine do I now choose to run IDA Pro in? Whichever one I choose there will be some other place I need to debug something. The new IDA Pro licensing sucks, and I can not justify that kind of money for software that I can not even run where I need it.

    Now I can not wait to get my hands on GHIDRA.

    • I'm skeptical that a tool can be as good as ida. I use the free noncommercial version, so it's not even the latest and greatest.

      Ida and SoftIce/WinIce are hard to beat. I hope to contribute some fixes because ida has become less keyboard friendly. That shit needs to stop.

    • IDA's pricing scheme is ridiculous.

      I would like to educate myself with IDA for non-commercial use, but Starter is nearly $1000 and doesn't even handle 64-bit binaries. That is ridiculous.

      Hex-Rays deprived themselves of corporate licensing last year when, having been unable to familiarize myself with anything but the old free 5.0 edition due to the cost, I could not confidently tell the person who approves the PO that yes, I am fairly confident I can use this tool to solve our problem.

      I am very glad to see t

      • by hAckz0r ( 989977 )

        The free version has been updated as of version 7.0, so I would first try that. It's still x86 only while the paid version does something like 96 different CPU architectures, and even java/android support. I believe the new freebie should do 64 bit, which the older 5.0 version definitely can not.

        I have not used the free version since I still have my old license for 7.1 that will never expire. I'll stick with that until I find something better.
