Can Reverse Engineering Help In Stopping Worms?
krozinov writes "The goal of this paper is to try to answer the following three questions:
How do you reverse engineer a virus? Can reverse engineering a virus lead to better ways of detecting, preventing, and recovering from a virus and its future variants? Can reverse engineering be done more efficiently?
The paper is organized into five sections and two appendixes. Section 1 is the introduction. Section 2 reviews basic x86 concepts, including registers, assembly, runtime data structures, and the stack. Section 3 gives a brief introduction to viruses, their history, and their types. Section 4 delves into the Beagle virus disassembly, including describing the techniques and resources used in this process as well as presenting a high level functional flow of the virus. Section 5 presents the conclusions of this research. Appendix A provides a detailed disassembly of the Beagle worm, while Appendix B presents the derived source code of the Beagle virus, as a result of this research."
Why didn't I think of that:? :P
I think so Brain...is the virus protected by the DMCA and the other various software laws that prevent reverse engineering? If so, who is really in the wrong here?
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
Yup. Suck it.
create fixes proactively and don't allow the exploits to be found in the first place. But there's probably a law or two out there that prohibits this kind of stuff, eh?
;-)
Laws against writing secure software? Well yeah, that'd explain quite a lot.
Sig Nature
On second thought you really could be on to something here. The reason people expend so much time and energy writing viruses is because they have time and energy to expend. So if we forced everyone to work in the mines for 15 hours a day, they would have no energy, and no time. Problem solved.
On a side note, I doubt anyone from EA writes viruses.
Coming in a packet near you, from the EULA of the future:
......
By connecting a computer to the internet, you hereby agree to the terms of this agreement (hereafter referred to as "deal with the devil") for this software (hereafter referred to as "CPU sucking nightmare")
Won't surprise me if virus/trojan/worm/spyware writers use IP law against those that would hope to rid the world of their menace.
Two wrongs don't make a right, but three lefts do.
Sounds like we need some sort of "anti-virus software" to fight viruses. If only some sort of "anti-virus company" would come forward to produce this "anti-virus software", we'd all be saved.
Speaking for the murders... no forensic science is not needed.
I would like to thank the author of that paper for making it abundantly clear to me that I am not smart enough to operate independently in today's technological environment. I would like to take this opportunity to bow down before my compsci-savvy overlords swear to just mindlessly accept whatever code they produce.
-Pinkoir