I was reading up on this year’s Pwnie Awards — hoping that no nominations dealt with any software that I’m directly involved with — when I noticed someone named Fravia was up for a Lifetime Achievement Pwnie.
I remember Fravia, or really, his site. Back in 2000 when I became interested in reverse engineering due to its necessary if tangential relationship to understanding multimedia technology, I took to the web to search for tips. Fravia’s site was one of the first I found. It was apparently a goldmine of RE knowledge. But I could never know for sure– I always found the place packed with impenetrable jargon without a glossary in sight.
Further, the site seemed to focus primarily on how to reverse engineer relatively simple stuff– copy protection schemes and key generators. The targets I was — and remain — interested in tend to involve reasonably complicated mathematical algorithms compiled into machine code. Different domain, different challenges.
I think Fravia’s site was where I read an interesting document for programmers who wished to thwart reverse engineers. One tip was to load your program with blocks of NOP instructions. Apparently, these are harbingers of self-modifying code and in the context of counter-intelligence, a reverse engineer will go nuts anticipating and seeking out such aberrant code.
Fravia is no longer with us, having passed away in May of this year. His site lives on, as engimatic, baffling, and aesthetically unsophisticated as I remember it being 9 years ago. It seems to have shifted focus somewhere along the line to studying how search engines operate. I wonder if all that RE knowledge is lost forever (or perhaps buried deep in the internet archive which doesn’t make it much more useful).
In a way, Fravia was an inspiration for me– In addition to multimedia tech information, I wanted to publish data on practical reverse engineering matters so that other people could get up and running as quickly as possible without having to wade through weird jargon.
He will be sorely missed, rest in peace +fravia.
He will be missed for sure.
RIP Fravia
Oh and Woodmann has some sort of archive/mirror of the old RE pages.
http://71.6.196.237/fravia/what_new.htm
Hmm, isn’t it easy to find out if a block of code is ever overwritten?
On the other hand, if you don’t write self-overwriting code, a block of nop is just a handy place to put some stuff there while dissecting it.
I don’t really see any practical use of simple nops.
Adding redundant code that does nothing, just moves stuff around, now THAT is annoying.