I am off to LinuxTag in Karlsruhe, Germany. I hope to see you there!
Category Archives: Reverse Engineering
Sprechen Zie Linux?
I really ought to mention that I will be giving two presentations at LinuxTag, the premier Linux event in Europe:
- Breaking Eggs And Making Omelettes: Intelligence Gathering For Open Source Software Development: Friday, June 24 @ 13:30
- Trash Multimedia On Linux: Thursday, June 23 @ 19:00
Yep, I represent the “Loose Confederation Of Multimedia Hackers”. Distinguished. Anyway, the title of my main talk is clearly inspired by this blog. I plan to present an overview of different techniques used to get at proprietary algorithms needed to implement free software, including, but not limited to, binary software reverse engineering.
The second talk, an evening event, is another of my “Trash Multimedia” presentations where the audience gets to see where multimedia went right and wrong. The emphasis here will be on technologies that were reverse engineered.
So come one, come all! Also, I am by no means the only multimedia hacker scheduled for this event. Some other multimedia-related talks:
- Videobearbeitung mit MLT by Torsten Spindler
- Sex, Lie^Hnux and Video by Torsten Spindler
- FFMPEG by Martin Böhme
- MPlayer – Der Movie Player by Diego Biurrun
- xine – Multimedia aus dem Baukasten by Siggi Langauf
- Free Hardware Implementation of Theora Videoencoder by Andrey Filippov
- VLC Media Player by Benjamin Pracht
- Free software for the digital musician by Christoph Eckert
- Videostreaming in der Gebäudeautomation by Silke Berit Lang
- VJing und Videobearbeitung mit LiVES by Gabriel Finch
- DVD Authoring by Ian Pointer
- KDE Multimedia Roadmap by Scott Wheeler and Matthias Kretz
Linspire’s Binary Decoding Modules
One of Linspire’s big selling points is that it supports Microsoft Windows Media decoding out of the box. How does it do this? Several colleagues have written and informed me that Linspire has licensed binary decoding modules from Microsoft. Linspire’s packaged distribution comes with such x86/Linux-native shared objects as libwma2.so, libwma3.so, libwmv2.so, libwmv3.so.
So why is this such a big deal? My informants tell me that the binaries are un-strip’d, which means that they have a lot of debugging symbols packaged inside. Thanks, Linspire.
Monitoring The Competition
I learned that this blog ranks highly on Google with the search query “deobfuscating java”. I decided to see what other items come up with such a term. In doing so, I found someone who eats, sleeps, and breathes code obfuscation the same way I do de-obfuscation and reverse engineering.
And if “deobfuscating java” brought you here, this page on Retroguard deobfuscation is the reason.
Meet Paul Tyma, Ph.D. I became aware of him through this I, Cringely column entitled “Misinterpretation”. Tyma and his company PreEmptive Solutions have developed code obfuscators for both the Java and .NET languages. The article notes that one technique under development (possibly already deployed?) is called “Program State Code Protection”. From what I can discern, it almost sounds like self-modifying code for Java. I would be interested to see it in action.
Further, the company has 2 patents assigned to it:
- 6,102,966: Method for renaming identifiers of a computer program
- 5,903,761: Method of reducing the number of instructions in a program code sequence
Tyma also has an article in a Java publication entitled “The New Obfuscation”. This piece presents some examples of code mangling that are difficult to decompile and would be almost impossible to recompile.