
OffensiveCon19 – Alex Ionescu – Keynote – Reversing Without Reversing - peter_d_sherman
https://www.youtube.com/watch?v=2D9ExVc0G10
======
peter_d_sherman
In this 2019 Register article:

[https://www.theregister.co.uk/2019/07/03/reactos_windows_res...](https://www.theregister.co.uk/2019/07/03/reactos_windows_research_kernel_claim/)

"ReactOS 'a ripoff of the Windows Research Kernel', claims Microsoft kernel
engineer"

We read that:

"Axel Rietschin, kernel engineer at Microsoft, has claimed that ReactOS, an
open source operating system intended to be binary-compatible with Windows, is
"a ripoff of the Windows Research Kernel that Microsoft licensed to
universities."

Rietschin, who is currently "Senior Software Engineer (Windows Base Kernel,
Container Technologies)" according to his LinkedIn profile, made the claim in
late 2017, where it was apparently little noticed at the time, and has backed
it up today with a post on Hacker News.

"I think it's a ripoff of the Windows Research Kernel that Microsoft licensed
to universities under an agreement that was obviously violated by some, as the
code has been uploaded to numerous places, some of it on GitHub.

"I glanced at the ReactOS code tree, and in my opinion, there is absolutely no
way on Earth this was written from a clean sheet only from the available
public documentation," Rietschin wrote.

He says that "internal data structures and internal functions, not exported
anywhere and not part of the public symbols, have the exact same names as they
appear in the Research Kernel."

In his recent post, he presents further arguments against ReactOS being a
"clean room" implementation done without reference to the source code. "Macros
names, parameters, etc. never appears in the compiled code. It is … almost
surely impossible that a clean-room reimplementation ends up using macros for
the same things, let alone macros with the same or similar names."

Well, this video can be thought of as the rebuttal by Alex Ionescu to Axel
Rietschin.

And quite the rebuttal it is!

See, without the proper deep understanding, one could easily believe that what
Axel Rietschin is alleging is true, as it seems believable enough.

But watch the video by Alex Ionescu, and see if you don't believe otherwise at
the end...

I think the following quote captures one of his key points:

"o For malware, you usually don't have symbols (usually!)
   - *For Windows, you do*"

But apart from Windows, there's also a deep lesson in what Alex is saying, and
it is as follows:

_If there's a black box; a mystery, somewhere, wherever that is, whatever
form that takes -- if one is willing to do the necessary research on it over
long periods of time, and accumulate piecemeal pieces of information over that
time, and do the necessary homework and legwork (in whatever forms those
take), then eventually that mystery box will be opened._

This would also be equally true for mysteries in Math, Science, Physics,
Engineering, and other areas in life too...

Alex, I applaud you in your work and diligence!

This is my new favorite video on HN!

~~~
JoeAltmaier
I suppose it's possible that somebody did the reverse engineering. But Occam's
Razor says, it's more probable that it was as Rietschin is right?

~~~
peter_d_sherman
You might want to have a look at this old HN article, and the corresponding
video:

"How Diablo Was Reverse-Engineered Without Source Code"

[https://news.ycombinator.com/item?id=20340406](https://news.ycombinator.com/item?id=20340406)

