autarky
May 29th, 2013, 09:58
It's been a long time since I've been on here, but it's good to see the site is still going. Anyway, partly based on a desire to document a structured approach to software reverse engineering, partly because I've found the books already out there to be pretty awful, and partly to document some aspects of the culture that have thus far remained unnoted, I am aiming to write an SRE book over the next year or so.
Background: I work in IT security (started with malware analysis at an AV company, now do black/grey/white box testing/research), and having had enough of an industry that is normally on the verge of selling snake-oil (if not doing so outright) I am taking an indefinite break from work to do whatever I feel like. I've spent a lot of time over the past 8 years reversing a variety of different things on different platforms (some pretty exotic), and it would be nice to structure and document what I have learned over that period of time.
The book: I already have an outline - rather than being tool or platform focussed, the book will provide a structured, ground-up approach to SRE. My own personal view is that as an engineering discipline SRE significantly benefits from a thorough grounding in the underlying design and implementation principles of computer hardware, operating systems, and software. [I was taught 16bit Intel assembly in the knowledge that once I understood how it worked conceptually, I would be able to apply that conceptual knowledge to other architectures - whether IA32, ARM, or something more exotic]. At any rate, I would start at the basics of computer hardware, and build up from that to the concepts necessary to create an operating system (irrespective of the kernel architecture), to the software platforms built on top of that.
Aside from that, I would like to cover some of the history of the SRE scene, if possible. I know there are people on this forum who have been involved in the scene for a long time now, and I would like to capture some of the history while it is still possible. Culturally and historically this is as important to me as documenting the closely related demo scene [though I've never been involved, I've been aware of the demo scene for a long time, and now films like Moleman 2 are coming out which is no bad thing]. Beyond that, I would also like to cover off 'reality cracking' as well. Whenever I have given internal presentations on reverse engineering I have included reversing adverts due to it being more fun, approachable, and practical for a lot of people who are otherwise being bored by me droning on [I can't remember where the source is, but there was one ad reversing challenge of a woman sat on a wharf/promenade by the sea - I presented this in one talk, and had the joy of someone actually solving it, which was great since I didn't even know what it was an ad for when I picked it]. Anyway, I've followed the information collected at Fravia's old site, and would like to aggregate and build on it if at all possible.
What I need from the willing: I can't write all of it myself, so any help on specific technical areas I'd like to cover that I'm not that au fait with would be greatly appreciated. Beyond that, I have virtually no information on the history of SRE aside from these forums, and a few scant other materials collected from elsewhere. Anyone wanting to give me their own view on that subject would be more than welcome. Any and all contributions/ideas for the reality cracking section would be happily received. Any general requests for content/structure will be considered.
Finally: I intend to release anything under the Creative Commons license - I have no particular interest in either restricting or monetizing this information, and would rather it was for and representative of the SRE community. Anyway, if anyone is interested in helping then please PM or otherwise notify me of your interest. I have a moderately high-level breakdown of the entire book structure that I can share if anyone is interested. Authorship will be noted however you desire - real name, handle, or anonymous. I'm going to be jobless starting from July, so will be starting work in earnest then. I have no idea how to organize multi-user contributions for a project like this, but a wiki may suffice (a la wikibooks).
Thanks to all,
autarky