Can Reverse Engineering Help In Stopping Worms?
krozinov writes "The goal of this paper is to try to answer the following three questions:
How do you reverse engineer a virus? Can reverse engineering a virus lead to better ways of detecting, preventing, and recovering from a virus and its future variants? Can reverse engineering be done more efficiently?
The paper is organized into five sections and two appendixes. Section 1 is the introduction. Section 2 reviews basic x86 concepts, including registers, assembly, runtime data structures, and the stack. Section 3 gives a brief introduction to viruses, their history, and their types. Section 4 delves into the Beagle virus disassembly, including describing the techniques and resources used in this process as well as presenting a high level functional flow of the virus. Section 5 presents the conclusions of this research. Appendix A provides a detailed disassembly of the Beagle worm, while Appendix B presents the derived source code of the Beagle virus, as a result of this research."
I think so Brain...is the virus protected by the DMCA and the other various software laws that prevent reverse engineering? If so, who is really in the wrong here?
"Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
Coming in a packet near you, from the EULA of the future:
......
By connecting a computer to the internet, you hereby agree to the terms of this agreement (hereafter referred to as "deal with the devil") for this software (hereafter referred to as "CPU sucking nightmare")
Won't surprise me if virus/trojan/worm/spyware writers use IP law against those that would hope to rid the world of their menace.
Two wrongs don't make a right, but three lefts do.