Category Archives: Reverse Engineering

Brainstorming and case studies relating to the craft of software reverse engineering.

VP7: On2 Just Won’t Quit

I was just thinking the other day about whether On2 would release VP7. This is the organization that brought us TrueMotion 1, TrueMotion 2, VP 3.0, VP 3.1, VP 4.0, VP 5.0, VP 6.0, and VP 6.1, not to mention VP 6.2. VP70 just seems like a natural progression.

What does ‘VP’ stand for anyway? I have never read any definitive answer. However, if On2’s technology focus is any clue, it stands for “Video Predictor”, owing to On2’s almost religious devotion to prediction-based compression algorithms.

Michael Roitzsch tipped me off that On2 has, indeed, unleashed their VP7 codec upon the world. True to form, their literature asserts that VP7 “rUleZ!!1!” and that “MicRo$$oFt is teh suck!1!!!” (slightly paraphrased, they state their points using graphs).

Brute-Force Reverse Engineering

Many have postulated a program that can take the machine code of a binary program and automatically translate it to C. I am not talking about elegant C, with proper indentation and control loop structures. I mean C that looks like it was directly translated from ASM, GOTO statements and all. When you start reverse engineering i386 code and extracting algorithms from it, you very quickly notice the tight ASM-C relationship. It’s no wonder that C is sometimes referred to as “portable assembly language”. ASM constructs map quite cleanly into the C language (or is it the other way around?).

Based on that, why can’t we write a program that automatically converts those low-level ASM instructions into a series of C statements? Then it could be compiled for any CPU architecture. Personally, I have traditionally been opposed to this idea, simply on the grounds that one of my overriding goals is actually understanding the underlying technology that I am reverse engineering.

However, I also realize that intelligence-gathering is an essential component of reverse engineering activity. To that end, this type of program could be another tool in the RE toolbox, another way to look at the problem. I would call this approach brute-force reverse engineering since it might– just might– be workable, but not elegant by any stretch of the imagination. Let’s call this hypothetical program “BFRE”.

Apple Lossless Audio Codec RE’d (now in FFmpeg)

David Hammerton reports that he has successfully reverse engineered Apple’s custom proprietary lossless audio codec which goes by the fourcc ‘alac’. Source code is here. Hopefully, it will be integrated into FFmpeg in short order and be accessible to all libavcodec-using programs.

And– would you believe it?– it looks an awful lot like other lossless audio codecs in terms of underlying algorithms.

Update, early, early on March 6: It took me the better part of March 5, but ALAC is in FFmpeg’s libavcodec and ready for all the programs that depend on libavcodec.

Reverse Engineering Cookies

No, not web cookies– the title refers to reverse engineering cookies and other recipes. I was browsing the catalog of the high-end Harry & David gourmet food shop– you know, the kind of stuff that looks so delectable but is so exorbitantly expensive that you would never consider buying it for yourself. I found these cookies called fruit galettes that looked absolutely delightful but were outrageously priced at $26/lb. They seem to have come down in price to $20/lb since then, which still seems a bit steep for what is apparently 2 round butter cookies glued together with some kind of fruit jelly.

Based on that RE analysis (butter cookies and jelly), I set out to recreate the cookie recipe myself. The reason I bring this up is because Valentine’s Day just came and went and that meant it was time for a big batch of heart-shaped fruit galettes!

See all the juicy details over at another of my blogs, Infinite Flour.
