I wouldn't venture to say this doesn't belong on HN since it really is
interesting (if it was actually done correctly), but the files available
for download are most likely illegal, were most likely created with
pirated tools (IDA Pro/Hex-Rays, and yes, as a customer of theirs for over a
dozen years I've reported it), and of course, the usual vilification of
If you're reading this on a desktop or laptop system (rather than a
phone), then you are most likely using an "IBM PC Compatible" even if
you're using an Intel based Apple, and hence, you're using the fruits of
completely legal reverse engineering.
The way to do reverse engineering legally is to have one team reverse
engineer the target and completely document how it works. Once it's
documented, another disconnected team writes a new implementation from
the documentation. This process is how you're using an IBM PC
Compatible today, so yes, reverse engineering for compatibility is
If there is a patented algorithm required, it's not a sure thing. There
are most likely compatible ways around the patent, but there's also the
fact that the patent is only valid in the US. With open source hosted in
some other country, who are you going to sue? The users in the US?
--Nope, users are the ones paying for skype.
You might say, "But we forbid reverse engineering in our license!!!"
Contract clauses forbidding reverse engineering are invalid in many
countries and jurisdictions, and of course, you also have to prove the
other party agreed to the contract/license. With this said, it's very
easy to create a international jurisdictional nightmare to render any
such contract clause tactically impossible to enforce.
The easiest way to think about this is security research. The folks
finding and reporting exploitable flaws in software are obviously
reverse engineering it. Occasionally companies have tried to legally go
after people who have published security research on their products, but
usually this ends very badly for the company. Additionally, doing
security research is protected use in some countries and jurisdictions.
In short, competition is good for markets, and competing by studying and
mimicking the competition is both normal and legal.
For the "rights" advocates out there, there are legal problems with the
three file downloads available:
1.) According to the first file name, the original binaries are being
redistributed which may be (and usually is) against the license terms
and default rights granted by copyrights.
2.) The IDA Pro database (most likely) contains the entire target
binary, so you do have (illegal) redistribution of a copyrighted work.
You can load only parts of a target binary into IDA, but that doesn't
matter since it is still a portion of the original work. As for whether
or not said portion could fall under fair use is debatable (i.e.
lawsuit). In general usage, the entire binary is loaded, since without
it, you're limited to static analysis (i.e. no debugging).
3.) Decompilation, and to a lesser degree disassembly, are equivalent to
"machine translation" in the sense of copyright. Creating a translation
is considered creating a "derivative work" and unless you have been
given rights to create derivative works, then you're in trouble. One of
the comments here on HN claims the "source code" file is the output of
the Hex-Rays Decompiler.
I've never used skype and I've never read their license so I don't know
if they specifically allow redistribution.
I have no love for skype or microsoft, but if this had been done
CORRECTLY by releasing written documentation so an entirely new
implementation could be written, then I'd have no problem with it.
There are right ways and wrong ways to legally create compatible (open
source) software through reverse engineering, and this is a perfect
example of the wrong way.
HN is an internationally read site. Things that are illegal in some countries are not illegal in others. As responsible citizens, it is up to the individual to not engage in illegal activities in the region said individual is in.
"The way to do reverse engineering legally is to have one team reverse engineer the target and completely document how it works. Once it's documented, another disconnected team writes a new implementation from the documentation."
Yes, it is a common silly practice that stems from the real madness that are copyright laws. Considering that the documentation passed between the two teams contain all the informations to make the software work correctly, I wonder what makes it different from a source code. I could easily write a code generator that would be fed a "documentation" file and generate the C code that creates the final program. Hell, a C program is a specification on how to generate a given binary code. I wonder how often this really happens behind the doors at these "clean room implementation" teams.
Yes, but the Hex-Rays decompiler is not. I can't touch the files, so I can't tell you what version was used, but in the comments here, there is a claim that the supposed source code is Hex-Rays output.
I think you actually want two answers, the question you asked and "why
The IDA Pro disassembler and the Hex-Rays decompiler are not only very
expensive tools, but they are very difficult to purchase. Due to
constant problems with piracy, these days they will only sell their
products to three areas; (1) governments/law enforcement, (2) very well
established corporations (typically well known security research
people), (3) very well established university researchers.
Typically, they refuse to sell to individuals, but there is a fourth
class of customers who are individuals; very old customers like me who
have a perfect track record of maintaining possession of their copy of
Every copy of the software is custom compiled and watermarked so it
is traceable to a particular person. Every database created by the
software is also watermarked, so when someone who is not a licensed
customer publishes a database (.idb), the software can be traced and
the account will be terminated (i.e. no further purchases allowed).
When someone does something blatantly stupid like disassembling and
decompiling skype then publicly making all of the files available, it is
fairly certain that they are using a illegal copy of the software. They
do not understand what they're doing. They do not understand the tool
they are using. And they don't have any respect for either the tool or
the work of others. --All of this loudly screams PIRATE!
The pirates either don't know about or don't care about the watermarks
in the databases they create. They don't realize that publishing a
database is discouraged. I've never heard of a case where a database
watermark was successfully forged (i.e. pin the blame on someone else),
but a cracker named "Quine" once successfully removed the watermarking
in IDA back in the late 90's.
The "correct" method to publicly share the research work done in IDA is
to dump the database to an IDC script (an internal language), then
provide the IDC script and the target binary. Customers know this, or at
least they should. With that said, friends do toss databases back and
forth on occasion, but that's a matter of trust between friends where
both of them are customers. Some people in the InfoSec and AntiVirus
crowds exchange databases, even across competing corporate lines since
they're all working together towards the same goal and they've known
each other for years.
This copy of IDA was probably pirated for the same reason Photoshop is usually pirated: because it's expensive. But you don't know it was pirated.
Also: by editing your comments to account for the responses, you make the thread incoherent. I'd appreciate it if you wouldn't do that, or, at least, if you must do it, to do so in corrections at the end of your comment. It's fine to be wrong. I'm wrong all the time.
That is simply incorrect. I do not "know" Ilfak. I just emailed him, discussed the cost of a student license, provided proof of being a student, and filed an order form for IDA Pro Standard 6.0. The only thing that at all fits with your story is that a bank transfer was required, instead of paying by credit card, but I believe that is only for students.
Even so, Hex-Rays does sell to individuals. It's not even necessary to ask Ilfak: if copies are being sold to individuals, then they sell to individuals. And those copies are being sold. Here's a picture of my CD, purchased this year, as an individual: http://dl.dropbox.com/u/3177211/idaomg.png
That is incorrect. I purchased IDA Pro as an individual this year, and I am a simply a student interested in reverse engineering. (I believe what you are saying may be true for the "advanced" version, but from what I can tell anyone can purchase IDA Pro Standard.)
Assuming that the deleted parent is about the difficulty of purchasing IDA, as you know, it's only somewhat incorrect. I have wanted to buy IDA for almost a year now, but Hex-Rays is very picky about how they receive their money; I could probably arrange for it somehow but it is an completely inordinate amount of hassle. (And no, bank transfers are not only required with a student discount; I was willing to pay twice as much to avoid the requirement but it wasn't possible.)
Improving our tools is part of our birthright and responsibility; being able to modify and learn from software is a natural outgrowth of that. We of all people should not respect work intended to discourage collaboration by anyone who isn't "established" (granted the privilege of relating to software as a human being, not just a consumer).
Thank you for the insight into your field. Now I'm sorely tempted to try my hand at decompilation.
I've purchased IDA Pro for years for legitimate reversing work, but on the rare occasion that I need to do some more dodgy work for clients, where I don't want to reveal any identity (previously name, now license number) via the watermarks in the database, I will use a pirated version of the software.
My point is that it is not possible to know for sure if the user of a pirated software is indeed a pirate, as there are reasons of privacy to use these editions of the IDA (as well as the most common one of just not paying for it in the first place.)
As to the question of whether Bushmanov has used a pirated edition of IDA for his work, it's interesting to note that the distributed .idb files are in two different formats - as far as I can tell versions 5.2 and 5.5, but the license key is the same for both: A2-86E4-B9BB-D3. It's not one I recognise from any of the common pirated versions but I suppose only Ilfak could tell for sure.
yeah, the author of the blog post said the stuff he has came from VEST. so it's basically a POC based on the code released 2 years ago. if you google it there's a blog post by some other random guy who made a python plugin and some POC code from that stuff too
You are mentioning Compaq BIOS. Think Samba though.
Even OOo/LO .doc support is based on 1-2 FTE revEngs (which btw is dumped mfc/w32 memory on a FAT, but read Sun/IBM anyway).
The team will write a public spec, print it out on paper, and another team Down and Under will scan it and create new code (think RSA patent export). The skype protocol has long been reverse engineered and is available to several parties.
I'm not a US citizen or a lawyer but is the separation of implementation and exploration really required by the copyright laws (ignoring patent issues)?
I can understand that exploration/implementation division as a preemptive "don't sue us" move, but do US copyright really provide that such strong protection that someone who has looked at a decompilation can't be writing an independent implementation? It seems to me the writing an implementation with a different structure or in another language ought to be different enough for copyright reasons.
>If you're reading this on a desktop or laptop system (rather than a phone), then you are most likely using an "IBM PC Compatible" even if you're using an Intel based Apple, and hence, you're using the fruits of completely legal reverse engineering.
Not if you are booting via EFI, for example if you are booting Mac OS X on an Apple.
The way to do reverse engineering legally is to have one team reverse engineer the target and completely document how it works. Once it's documented, another disconnected team writes a new implementation from the documentation.
So you'd Skype's co-operation to do this? They are able to prevent reverse engineering by not writing the documents?
Suppose you and I work for the same company. I bust open Skype through decompilation, reading memory, the network, whatever trick I want. With that, I write documentation for how Skype's protocols work.
You read my documentation, and implement it in a new program. Since we haven't talked, and you've never seen a line of Skype's code, you haven't infringed on any copyrights.
It is important to note, though, that this does not necessarily protect us against a patent suit.
If it is done correctly, co-operation from skype is not required. The team that does the reverse engineering will write the specs and documentation from what they learn by examining and analyzing the executable binaries.
While you are correct about this particular instance of RE, I want to just take this opportunity to remind you that hands-on black-box RE is the technique used to create many of the drivers you see in Linux and BSD. Prior to AMD and Intel releasing video card documentation, every video card supported through community drivers was usually best-understood through RE experiments.