Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I have always been confused as to what level of reverse engineering is legally acceptable in this case. Is having a sneak peak at one of the win32 dlls with IDA or Radare allowed? Or, are you expected to re-invent the wheel based on documentation and observed behaviour? In the case of the former, how can it be conclusively legally proven that it was not reverse engineered (from machine code)?



In the U.S. it is perfectly legal to reverse anything that you obtained legally.


Not if you agree to an EULA that explicitly prohibits it. See https://en.wikipedia.org/wiki/Bnetd#Blizzard_takedown_demand...

And https://en.wikipedia.org/wiki/Bowers_v._Baystate_Technologie....

Note that pretty much any EULA I've seen in the past 10 years has had an anti reverse engineering clause.


In that case, considering that even the undocumented methods are exported from the respective DLLs, these can easily be identified and their workings can be figured out by perusing the machine code. Access to source code, stolen or otherwise, is not really required. Also, as compatibility is ReactOS' goal, even identical bugs can't be credible evidence.


Reversing is one thing, distributing copies of reverse engineered IP is another. I am pretty sure that is not a good idea unless the terms under which you obtained the product explicitly allow it.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: