The Misperception of Software Reverse Engineering

It is not only that the legality of software reverse engineering is often undeservedly questioned, but it is also the terminology, which correctness is highly questionable. We decided to share a few thoughts on these issues.

Googling for the term “Reverse Engineering” would reveal a batch of fancy terms related to the subject, however, the majority of them (in our opinion) is ambiguously related to reverse engineering. The term “ethical hacker”, for example, defines a so-called “white hat hacker”, which, in turn, is not very meaningful either.

What does the term “hacker” mean at first place? Try asking this question and you will be surprised by the number of incorrect answers even amongst software professionals. The raw definition of the term would be:

A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

As we may see, there is nothing unethical in being a hacker. The term itself defines a person who strives for progress and innovation.

However, things are less clear when it comes to reverse engineering. Some treat it as an illegal activity (that is the reason such weird terms as “ethical hacker” are in use), although, it is not exactly the truth. It is impossible to clearly state which kind of RE is legal and which is not, simply because different jurisdictions treat this question in a different manner. For the sake of example, let us consider two opposite poles – USA and Russia. The law in the US prohibits any modification to the purchased software product, while the law in Russia allows any modification of the purchased software product, that may be required for the ease of use, as long as such modifications are for personal use only.

In addition to the above paragraph, we have to acknowledge the fact, that sometimes software reverse engineering is an inevitable necessity. Hundreds of malware analysts are performing reverse engineering tasks on a daily basis in order to supply correct information on current threats and so supplying vital information for dozens of Anti-Malware product vendors.

The problem of the legacy code would be yet another good example of a case which hardly may be handled without RE at some point. If the term “legacy code” does not speak to you, then you are a lucky one as many companies have the problem of an old piece of compiled code which does the job but is getting harder to use with modern tools. It is only a matter of human resource if the source code for such problem is there, but if the source code has been lost years ago, then the best solution would be reverse engineering the existing application/module and reimplementing it from scratch.

The above is only a couple of examples of problems we are helping our clients to solve, but in reality, there are many more possible issues that prove the necessity of reverse engineering.

P.S. Visit our software reverse engineering services page if you want to know more about the RE services we provide or contact us if you are in need for assistance with an RE related problem.

Add a comment

HTML code is displayed as text and web addresses are automatically converted.

Page top