If you're reading this on a desktop or laptop system (rather than a
phone), then you are most likely using an "IBM PC Compatible" even if
you're using an Intel based Apple, and hence, you're using the fruits of
completely legal reverse engineering.
The way to do reverse engineering legally is to have one team reverse
engineer the target and completely document how it works. Once it's
documented, another disconnected team writes a new implementation from
the documentation. This process is how you're using an IBM PC
Compatible today, so yes, reverse engineering for compatibility is
If there is a patented algorithm required, it's not a sure thing. There
are most likely compatible ways around the patent, but there's also the
fact that the patent is only valid in the US. With open source hosted in
some other country, who are you going to sue? The users in the US?
--Nope, users are the ones paying for skype.
You might say, "But we forbid reverse engineering in our license!!!"
Contract clauses forbidding reverse engineering are invalid in many
countries and jurisdictions, and of course, you also have to prove the
other party agreed to the contract/license. With this said, it's very
easy to create an international jurisdictional nightmare to render any
such contract clause tactically impossible to enforce.
The easiest way to think about this is security research. The folks
finding and reporting exploitable flaws in software are obviously
reverse engineering it. Occasionally companies have tried to legally go
after people who have published security research on their products, but
usually this ends very badly for the company. Additionally, doing
security research is protected use in some countries and jurisdictions.
In short, competition is good for markets, and competing by studying and
mimicking the competition is both normal and legal.
For the "rights" advocates out there, there are legal problems with the
three file downloads available:
1.) According to the first file name, the original binaries are being
redistributed which may be (and usually is) against the license terms
and default rights granted by copyrights.
2.) The IDA Pro database (most likely) contains the entire target
binary, so you do have (illegal) redistribution of a copyrighted work.
You can load only parts of a target binary into IDA, but that doesn't
matter since it is still a portion of the original work. Whether
or not said portion could fall under fair use is debatable (i.e.
lawsuit). In general usage, the entire binary is loaded, since without
it, you're limited to static analysis (i.e. no debugging).
3.) Decompilation, and to a lesser degree disassembly, are equivalent to
"machine translation" in the sense of copyright. Creating a translation
is considered creating a "derivative work" and unless you have been
given rights to create derivative works, then you're in trouble. One of
the comments here on HN claims the "source code" file is the output of
the Hex-Rays Decompiler.
I've never used skype and I've never read their license so I don't know
if they specifically allow redistribution.
I have no love for skype or microsoft, but if this had been done
CORRECTLY by releasing written documentation so an entirely new
implementation could be written, then I'd have no problem with it.
There are right ways and wrong ways to legally create compatible (open
source) software through reverse engineering, and this is a perfect
example of the wrong way.
Just a bit.
Yes, it is a common silly practice that stems from the real madness that is copyright law. Considering that the documentation passed between the two teams contains all the information to make the software work correctly, I wonder what makes it different from source code. I could easily write a code generator that would be fed a "documentation" file and generate the C code that creates the final program. Hell, a C program is a specification on how to generate a given binary code. I wonder how often this really happens behind the doors at these "clean room implementation" teams.
The IDA Pro disassembler and the Hex-Rays decompiler are not only very
expensive tools, but they are very difficult to purchase. Due to
constant problems with piracy, these days they will only sell their
products to three areas: (1) governments/law enforcement, (2) very well
established corporations (typically well known security research
people), (3) very well established university researchers.
Typically, they refuse to sell to individuals, but there is a fourth
class of customers who are individuals: very old customers like me who
have a perfect track record of maintaining possession of their copy of
Every copy of the software is custom compiled and watermarked so it
is traceable to a particular person. Every database created by the
software is also watermarked, so when someone who is not a licensed
customer publishes a database (.idb), the software can be traced and
the account will be terminated (i.e. no further purchases allowed).
When someone does something blatantly stupid like disassembling and
decompiling skype then publicly making all of the files available, it is
fairly certain that they are using an illegal copy of the software. They
do not understand what they're doing. They do not understand the tool
they are using. And they don't have any respect for either the tool or
the work of others. --All of this loudly screams PIRATE!
The pirates either don't know about or don't care about the watermarks
in the databases they create. They don't realize that publishing a
database is discouraged. I've never heard of a case where a database
watermark was successfully forged (i.e. pin the blame on someone else),
but a cracker named "Quine" once successfully removed the watermarking
in IDA back in the late 90's.
The "correct" method to publicly share the research work done in IDA is
to dump the database to an IDC script (an internal language), then
provide the IDC script and the target binary. Customers know this, or at
least they should. With that said, friends do toss databases back and
forth on occasion, but that's a matter of trust between friends where
both of them are customers. Some people in the InfoSec and AntiVirus
crowds exchange databases, even across competing corporate lines since
they're all working together towards the same goal and they've known
each other for years.
This copy of IDA was probably pirated for the same reason Photoshop is usually pirated: because it's expensive. But you don't know it was pirated.
Also: by editing your comments to account for the responses, you make the thread incoherent. I'd appreciate it if you wouldn't do that, or, at least, if you must do it, to do so in corrections at the end of your comment. It's fine to be wrong. I'm wrong all the time.
Even so, Hex-Rays does sell to individuals. It's not even necessary to ask Ilfak: if copies are being sold to individuals, then they sell to individuals. And those copies are being sold. Here's a picture of my CD, purchased this year, as an individual: http://dl.dropbox.com/u/3177211/idaomg.png
You really think this is because they want to safeguard the public or something?
Thank you for the insight into your field. Now I'm sorely tempted to try my hand at decompilation.
My point is that it is not possible to know for sure if the user of pirated software is indeed a pirate, as there are reasons of privacy to use these editions of IDA (as well as the most common one of just not paying for it in the first place).
As to the question of whether Bushmanov has used a pirated edition of IDA for his work, it's interesting to note that the distributed .idb files are in two different formats - as far as I can tell versions 5.2 and 5.5, but the license key is the same for both: A2-86E4-B9BB-D3. It's not one I recognise from any of the common pirated versions but I suppose only Ilfak could tell for sure.
|*| Skype 4142 Decompression v1.002 by Sean O'Neil.
|*| Copyright (c) 2004-2009 by VEST Corporation.
|*| All rights reserved. Strictly Confidential!
|*| Date: 29.10.2009
some info about this corporation and Sean O'Neil: http://en.wikipedia.org/wiki/VEST
the official web page points to beach resort?!?
edit2: same guy: http://cryptolib.com/ciphers/skype/
Has someone more information about that?
Even OOo/LO .doc support is based on 1-2 FTE revEngs (which btw is dumped mfc/w32 memory on a FAT, but read Sun/IBM anyway).
The team will write a public spec, print it out on paper, and another team Down and Under will scan it and create new code (think RSA patent export). The skype protocol has long been reverse engineered and is available to several parties.
I can understand that exploration/implementation division as a preemptive "don't sue us" move, but does US copyright really provide such strong protection that someone who has looked at a decompilation can't write an independent implementation? It seems to me that writing an implementation with a different structure or in another language ought to be different enough for copyright reasons.
Not if you are booting via EFI, for example if you are booting Mac OS X on an Apple.
So you'd need Skype's co-operation to do this? They are able to prevent reverse engineering by not writing the documents?
Suppose you and I work for the same company. I bust open Skype through decompilation, reading memory, the network, whatever trick I want. With that, I write documentation for how Skype's protocols work.
You read my documentation, and implement it in a new program. Since we haven't talked, and you've never seen a line of Skype's code, you haven't infringed on any copyrights.
It is important to note, though, that this does not necessarily protect us against a patent suit.
It would be nice to see linphone be able to talk to skype people...