2004-02-09 Reverse Engineering: Basic Hardware and Software Techniques
http://conferences.oreillynet.com/cs/et2004/view/e_sess/4823

On reverse engineering trade secrets: "People have been trying to figure out the recipe for Coca-Cola for years. Once they get it, it's out there, it's over with."

I like the idea of hardware debuggers where you can stop the chip and single step it: see the stacks etc, see what's being called. The von Neumann chip as Newtonian universe -- get the velocity and momentum of every particle and predict the future (which is odd, given he based it on the idea of the brain).

coding exploits:
- buffer overruns, integer overflows, heap overruns

get code into a machine:
- use regular IO to insert code (init, save files, network traffic, buggy IO (buffer overrun))

get machine to run the code:
- changing a linkage pointer somehow
- debug back door

bit of info about how assembly code gets made: how does bar = foo(char a, char b) work? most things use a stack, apparently.
- caller pushes arguments in reverse order on the stack
- caller pushes the "return pointer" onto the stack (the return pointer is key to the exploit)
there's more info about how loops work

[this is worth checking into, i think: how to flatten executables/real-world-simulations into a linear thing, the turing machine. computers are a flattened version of reality (along one axis). the production line idea that numbers can represent properties and we can drop the physical nature entirely, process, then add onto the physical thing again (okay, so that's it: the object/method metaphor is that object+method is *linear*. it ain't.). there's a further flattening that happens which is that meshwork executions [uh, systems] can be flattened into a turing ribbon. there's probably a linear<->nonlinear spectrum going on here too, and we're just focused on the linear end, forgetting that there's anything else out there.
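The calling convention sketched in the notes (arguments pushed in reverse order, then the return pointer, then the callee reading its arguments at fixed offsets) as a toy model in C. This is an added example, not code from the session or its speaker; the stack here grows towards higher indices for readability, the function names (toy_stack, toy_call, toy_foo, toy_bar_from_foo) are invented, and the return pointer is just a numeric label rather than a real address. toy_call reports -1 if the label it pops on return is not the one it pushed, which is the slot the notes call "key to the exploit" and the slot a defender wants intact.

```c
#include <stdint.h>
#include <string.h>

#define TOY_STACK_WORDS 64

/* Toy stack of machine words. Real x86 stacks grow downward; the order of
 * what gets pushed is what matters for this illustration. */
typedef struct {
    intptr_t words[TOY_STACK_WORDS];
    int top;            /* index of the next free slot */
} toy_stack;

static void toy_push(toy_stack *s, intptr_t v) { s->words[s->top++] = v; }
static intptr_t toy_pop(toy_stack *s) { return s->words[--s->top]; }

/* A callee only sees the stack and reads its arguments at fixed offsets. */
typedef intptr_t (*toy_callee)(const toy_stack *s);

/* Caller side of "bar = foo(a, b)" in the convention the notes describe:
 * push the arguments in reverse order (b first, then a), push the return
 * pointer, transfer control. Returns the callee's result, or -1 if the
 * return pointer popped on the way back no longer matches what was pushed. */
static intptr_t toy_call(toy_stack *s, toy_callee f,
                         intptr_t a, intptr_t b, intptr_t return_ptr) {
    toy_push(s, b);
    toy_push(s, a);
    toy_push(s, return_ptr);           /* top of stack: where to resume */
    intptr_t result = f(s);
    intptr_t resumed_at = toy_pop(s);  /* callee's "ret" pops the return pointer */
    toy_pop(s);                        /* caller removes a ... */
    toy_pop(s);                        /* ... and then b */
    return resumed_at == return_ptr ? result : -1;
}

/* Callee: with the return pointer at words[top-1], a sits at words[top-2]
 * and b at words[top-3], because a was pushed after b. */
static intptr_t toy_foo(const toy_stack *s) {
    intptr_t a = s->words[s->top - 2];
    intptr_t b = s->words[s->top - 3];
    return a * 10 + b;   /* arbitrary arithmetic so the result shows which arg is which */
}

/* Wrapper so "bar = foo(4, 2)" reads like the notes' example. */
intptr_t toy_bar_from_foo(intptr_t a, intptr_t b) {
    toy_stack s;
    memset(&s, 0, sizeof s);
    return toy_call(&s, toy_foo, a, b, 0x1000 /* constructed return label */);
}
```

toy_bar_from_foo(4, 2) yields 42, so the callee found a = 4 and b = 2 at the expected offsets; any code path that scribbled over words[top-1] inside the callee would make toy_call return -1 instead.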
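The notes list buffer overruns and integer overflows as the bug classes, and "regular IO" (save files, network traffic) as the way untrusted bytes reach them. As an added example that is not from the session, here is the defensive side in C: a parser for a length-prefixed record that validates the untrusted length against both the input and the output buffer before copying, and an overflow-checked size multiplication for when an element count comes from the input. The record format and the sample inputs are constructed for this illustration, not taken from any real protocol.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Parse one length-prefixed record ([len][len bytes]) from an input buffer
 * such as a save file or a network message, copying the payload into out as
 * a NUL-terminated string. Returns the payload length, or -1 if the header is
 * missing, the declared length runs past the input, or the payload plus NUL
 * would not fit in out. Every untrusted length is checked before any copy. */
int parse_record(const uint8_t *buf, size_t buf_len, char *out, size_t out_size) {
    if (buf_len < 1) return -1;                        /* no length byte */
    size_t len = buf[0];
    if (len > buf_len - 1) return -1;                  /* truncated input */
    if (out_size == 0 || len >= out_size) return -1;   /* would overrun out */
    memcpy(out, buf + 1, len);
    out[len] = '\0';
    return (int)len;
}

/* Overflow-checked count * elem_size, e.g. before allocating an array whose
 * element count came from the input. Returns 0 and stores the product, or -1
 * if the multiplication would wrap (a wrapped size is how an integer overflow
 * turns into a heap overrun later). */
int checked_mul_size(size_t count, size_t elem_size, size_t *out) {
    if (elem_size != 0 && count > SIZE_MAX / elem_size) return -1;
    *out = count * elem_size;
    return 0;
}

/* Constructed sample inputs (not captured from any real protocol). */
static const uint8_t sample_ok[]        = {5, 'h', 'e', 'l', 'l', 'o'};
static const uint8_t sample_truncated[] = {9, 'h', 'i'};   /* claims 9 bytes, has 2 */
```

With an 8-byte output buffer, sample_ok parses to "hello" (5), sample_truncated is rejected, and sample_ok is also rejected when the output buffer is only 4 bytes; checked_mul_size(10, 4) gives 40 while a count above SIZE_MAX / 2 times 2 is reported as an overflow.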
there'll be a big jump once we figure out how to analyse those systems, cf the "discovery" of chaos theory, complexity, fractals. i wonder how long it'll take? <100 years i reckon.]