Kilby
April 15th, 2003, 08:16
After responding to a post in the newbies section, I have decided to pose these questions in the off topic section.
1: Is the current knowledge base becoming too constricted in the RE community?
2: Are we ourselves making things too complicated for our own good?
-----
1:
Cue Grandad Kilby,
When I started off I wanted to convert tape based games to microdrive or disk, there were very few apps to get interested in, and even less reason to actually own them.
Later game training turned up.
It was simple at first, load the file and save to disc.
Then came custom loaders, then SMC, encryption, passwords and even API redirection.
All the same things that you are seeing these days.
The difference was that there was no processing power and almost no memory, you were happy if you had a few hundred bytes free to work on a target. You developed a lot of lateral thinking, such as hiding code in display RAM, writing custom tape & disk routines, writing your own disc copiers. What I am trying to say is you had to have a very wide range of knowledge and abilities.
Now it seems that many people get upset if there isn't a handy API to break on with a jnz right after it.
All the lateral thinking seems to have vanished.
Apart from Damn and tE! nobody really seems to look for holes in the publishers' crypto implementation for example. It all seems to be a couple of nops or a game of hunt the API call.
I honestly think there needs to be a little more thinking as I have watched the departure of some of the "more interesting and able" scene members.
Yes there are interesting folk on the way, but there are fewer of them every year, and for the first time I really think I see what Fravia truly intended.
It's all so bland & generic that I am in a quite withdrawn phase currently. It's simply not very interesting.
First there was visual programming, now it feels like visual reversing has arrived.
For the most part the folk in the ripping scene are probably doing the most interesting stuff at the moment (when they start playing with bigfiles anyway).
-----
2:
This may not be fair as the original discussion was in the newbies section, but as we know much of the interesting 'work' happens there anyway.
What prompted this was regarding an app that terminated after 4 minutes of use.
There were replies there from folks who know more about packers, API redirection, code injection and stuff, than I know (and I suppose that wouldn't be hard either).
However what struck me was that although intelligent suggestions were being made, it was all so complicated, and it didn't have to be that way.
It's like the music scene in the 70s where any real innovation had turned into bands like Supertramp & Yes. Basically lots of clever people doing clever things, but losing sight of the fact that a 3 chord song with a decent 3 piece band can be much more effective than a classically trained 12 piece band with all the latest kit.
Only one other person really looked at the fact that there was a counter, and that the value the counter started at (or indeed ended at) was unimportant, and that was disavowed, but even he made the issue more complex than it should have been.
The important fact is that there is a counter!
The API used to determine when to decrement that counter doesn't matter.
Step away from APIs, crypto functions, API redirection, IDT & SICE detection and think about what uses counters. Games use them, for lives, ammo and all that shit. So get a copy of gamehack and off you go. It's a small (and imperfect) example of the RE community ignoring simplicity, and making their own lives harder in the process.
This is not intended to criticize anybody, but are we actually patting ourselves on the back too much about how clever we are?
I personally am always in danger of disappearing up my own arse with some of the overly complex ideas I come up with.
After all Alexey's cleverness in asprotect (for example) is undone by his own customers not using what he provides.
If Alexey dropped all the double dip, hiding of the OEP and API redirection, and his customers used his license manager and asprotect API properly, would asprotected apps be any harder to deal with? TOO DAMN SURE IT WOULD.
Things would be much worse even if his customers used a new private key for each major update so there weren't loads of blacklisted serials carried around to make it easy to dump anyway. It costs nothing at all to email out updated serials to all your registered customers.
In reality it is no great hassle to the customer (if done properly), as they also like to know that when they pay for an app, everybody who uses the same app has had to pay the same price. Otherwise they think "well why should I be the only paying customer."
Yes we do have over-complex systems, before anybody thinks I am suggesting otherwise, but always keep the goal in mind. A few minutes thinking can save hours of work, especially if you work outside the accepted norm.
Sorry if this is overly long, I may be a grumpy old bastard today, but I don't want to see talent wasted.
Kilby...