[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: .Comparing ViaCrypt and freeware.

To: [email protected]
Subject: Re: .Comparing ViaCrypt and freeware.
From: [email protected] (T. William Wells)
Date: Fri, 27 Aug 1993 22:20:18 GMT
References: <[email protected]>

: > If you're worried about backdoors, reverse engineer it and verify
: > that it works as advertised. Given that the program has to largely
: > duplicate an existing set of source, this should be trivial.
:
: do you mean decompile it, or reverse engineer it based on the

Decompile.

: neither is "trivial" in my mind.

I have a program that (mostly) automatically turns 386 code into
ugly C code. It's not maintainable but, for the purpose of
determining that the commercial product is essentially the same
as the version that you have source to, that's not necessary. You
compile the two versions, decompile them, diff the results,
pattern match to eliminate the artifactual differences, re-diff
and then examine the diff with the proverbial fine-tooth comb.
This would make it quite easy to determine what the commercial
code is actually doing, with a minimum of work. And remember: it
only has to be done once per version.

(No, before anyone asks, the decompiler isn't available. It's not
documented. It's hackery. And the code is gross. You'd be much
better off writing your own; it isn't hard.)

References:
- Re: .Comparing ViaCrypt and freeware.
  - From: peter honeyman <[email protected]>

Prev by Date: Re: Source Code NOT available for ViaCrypt PGP
Next by Date: Re: .Comparing ViaCrypt and freeware.
Prev by thread: Re: .Comparing ViaCrypt and freeware.
Next by thread: Re: .Comparing ViaCrypt and freeware.
Index(es):
- Date
- Thread