The last thing that glued me to my seat like this was maybe 10 years ago.
Good to have had that feeling again. Hope they make a 2019 version! :)
To my novice eyes it seems that reverse engineering is more of an academic exercise and I don't see any direct ways to commercialize that skillset. How do you make a living doing this? Are you essentially paid a stipend to conduct fundamental research (finding zero days) that is inherently risky (no exploits = no return on investment)?
I work as a Python programmer building scientific apps (so not security-related or systems programming at all), but at work every so often we're confronted with legacy code in binary form, or particularly nasty segfaults, etc. The thing with abstractions is that every so often the lower levels bleed through. At times like these, if you know your way around gdb, the ELF format, linking conventions, and can reason in assembly, you'll find yourself highly sought-after.
It gets even more fun when things work nicely on Linux and go haywire on Windows. Often there are no docs on Windows, so you need someone who is ready to crack their knuckles, fire up IDA Pro, and descend into the 7 circles of hell.
There are also things like anti-cheat, which requires reversing the cheats that are used and reversing the OS to figure out methods you can use for detection.
Somewhat related to that, there's antimalware which is based upon the same principles.
Competitive analysis: reversing someone else's product so you can determine how the way they do stuff compares to how you do stuff. Some companies will even analyze a competitor's product and then reimplement parts of it; you just have to be careful with copyrights and patents.
Fixing compatibility issues is also a thing. For example, GOG hires reverse engineers to get old games running on modern versions of Windows.
Reverse engineers are also sometimes hired to make two pieces of software interoperate. Take, for example, an oscilloscope that saves traces in a proprietary format, and a data visualization tool that uses a different proprietary format. A reverse engineer could reverse the details of the two formats and make a tool that converts between them.
There are also antivirus developers who reverse engineer malware that doesn't necessarily target a particular class or group of users.
I've also met a reverse engineer who works with cases where proprietary software publishers have lost their old source code (this is really a thing!).
One way to see this without running the program is to look for where $ebp-0x24 is set:
1210: c7 45 dc 07 00 00 00 mov DWORD PTR [ebp-0x24],0x7
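As an added example (not from the thread or the article it discusses), a small Python script that does this lookup mechanically: it parses objdump-style Intel-syntax disassembly and lists every constant stored into a given ebp-relative stack slot, so the value of a local like [ebp-0x24] can be read off statically. The listing below is constructed for the example, not taken from the article's binary.

```python
import re

# Constructed sample in `objdump -d -M intel` format (address, bytes, insn
# separated by tabs). Addresses and bytes are made up but self-consistent.
SAMPLE_DISASM = (
    " 1203:\t55                   \tpush   ebp\n"
    " 1204:\t89 e5                \tmov    ebp,esp\n"
    " 1206:\t83 ec 28             \tsub    esp,0x28\n"
    " 1209:\tc7 45 dc 07 00 00 00 \tmov    DWORD PTR [ebp-0x24],0x7\n"
    " 1210:\tc7 45 e0 2a 00 00 00 \tmov    DWORD PTR [ebp-0x20],0x2a\n"
    " 1217:\t8b 45 dc             \tmov    eax,DWORD PTR [ebp-0x24]\n"
    " 121a:\tc7 45 dc 09 00 00 00 \tmov    DWORD PTR [ebp-0x24],0x9\n"
)

# A store of an immediate into an ebp-relative 32-bit stack slot.
_STORE_RE = re.compile(
    r"mov\s+DWORD PTR \[ebp-0x(?P<off>[0-9a-f]+)\],(?P<imm>0x[0-9a-f]+|\d+)$"
)


def parse_objdump(disasm):
    """Yield (address, instruction text) for each instruction line."""
    for line in disasm.splitlines():
        parts = line.split("\t")
        if len(parts) < 3:
            continue  # blank lines, section headers, symbol labels
        addr = int(parts[0].strip().rstrip(":"), 16)
        yield addr, parts[2].strip()


def immediate_stack_stores(disasm):
    """Map each stack-slot offset to its (address, constant) writes, in order."""
    stores = {}
    for addr, insn in parse_objdump(disasm):
        m = _STORE_RE.match(insn)
        if m:
            off = int(m.group("off"), 16)
            imm = int(m.group("imm"), 0)
            stores.setdefault(off, []).append((addr, imm))
    return stores


def slot_values(disasm, offset):
    """Constants written to [ebp-offset], e.g. offset=0x24 for the slot above."""
    return [imm for _, imm in immediate_stack_stores(disasm).get(offset, [])]


if __name__ == "__main__":
    for addr, imm in immediate_stack_stores(SAMPLE_DISASM).get(0x24, []):
        print(f"{addr:x}: [ebp-0x24] = {imm:#x}")
```

Loads such as `mov eax,DWORD PTR [ebp-0x24]` are deliberately ignored; only the writes that define the slot's value are reported.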
It's a free and open source set of tools specifically for reverse engineering.
There are some commercial options as well, such as Hex-Rays IDA Pro (probably the de facto standard tool) and Binary Ninja.
I don't see that defined anywhere in the article.
From some googling, I guess it's a "Capture the Flag" challenge?
It's worth stepping back and explaining that general concept.
It's a constructed exercise, as opposed to a "live" situation.
Yes, the goal of these is to obtain a flag.
Even if some people post comments like that as a trope, some - if not many - post them sincerely. I think the original criticism makes perfect sense: an article for beginners might better benefit its readers if it offers just a simple sentence or even link that briefly explains what the topic is before delving into its details. I personally have read a number of articles where I've encountered this problem, despite my familiarity with the given topic.
Also, I think it benefits the HN community at large if we try our best to read people's comments in a positive light, within reason, and encourage giving and receiving constructive criticism from one another.
Speaking of bad faith, how about some benefit of the doubt?
My comment was not meant to be critical, but helpful for others who might have that same nagging question in the back of their mind while they read the article: "But what are CTFs?"
It might be obvious to you, but I couldn't tell if CTFs were some RE tool, a part or category of ELFs, or some other binary format (and I do indeed know a thing or two about Linux/engineering/electricity).
Probably a better comment could have been "Great overview, very helpful, but I had to google CTFs: Capture the Flag".
Let me know if that would have set off any other "HN trope" triggers for you... Sheesh.