

Analysis of the Comodo hacker's manifesto - trotsky
http://erratasec.blogspot.com/2011/03/comodo-hacker-releases-his-manifesto.html

======
moxie
My analysis: This Comodo RA got hacked by a script kiddie, and it probably
happens all the time.

~~~
ianhawes
Agreed. He got lucky.

~~~
hckrnewsx
Have you ever thought why no one else wasn't such lucky? It's not luck, stop
taking it so easy.

~~~
ianhawes
Did it ever occur to you that perhaps there were other people exploiting the
same weakness, and this arrogant prick was the only one caught?

------
mukyu
> People believe that once you compile human readable "source" code,

> that humans can no longer read the resulting binary "object"

> code. That is in incorrect. Code can easily be decompiled

> back to (nearly) the original source. In our (Errata

> Security) pentests, we regularly find embedded usernames and

> passwords that nobody believe hackers can read. It usually

> takes us less than 5 minutes.

Really now? When you are talking about .NET assemblies this is close to true
(in some cases). Not so much for C. So much for a "high-end cyber security
consulting company".

~~~
daeken
Decompilation of native code for x86 and ARM has gotten pretty damn good these
days. I still prefer to read straight disassembly, but Hex-Rays has raised the
bar in recent years. For all intents and purposes, you can decompile non-
obfuscated functions back to effectively original source, barring type
propagation issues (which still plague Hex-Rays, sadly).

~~~
alexgartrell
I'll add for the un-initiated that the ability to read and reverse engineer
assembly dumps doesn't require witch craft or use of the force; it's pretty
easy. At CMU, it's taught to sophomore Computer Science and Electrical and
Computer Engineering Majors [1]

[1] <http://csapp.cs.cmu.edu/public/bomblab.pdf>

~~~
daeken
Agreed. My standard recommendation to those interested is to read the book
Reversing by Eldad Eilam (Amazon referral link warning:
[http://www.amazon.com/gp/product/0764574817/ref=as_li_ss_tl?...](http://www.amazon.com/gp/product/0764574817/ref=as_li_ss_tl?ie=UTF8&tag=iha0a-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0764574817)
)

I'm also always willing to help people out here -- if anyone is interested in
reversing, feel free to email me.

------
burrows
I don't understand why anyone should care what 'errata' thinks.

This is some of their past research. <http://www.erratasec.com/research.html>

Really.

------
hckrnewsx
errata's analysis is good, no reason to not accept it. About hacker, we should
accept he did something which seemed impossible to most of us, so stop taking
is job easy, instead of it suggest solutions for prevention of such attacks in
future

