Taking things apart - Trammell Hudson's Projects

<!doctype html> <html lang="en" class="no-js"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="description" content="Collection of my projects and hacks."> <link rel="canonical" href="https://trmm.net/Taking_things_apart/"> <link rel="icon" href="../assets/images/favicon.png"> <meta name="generator" content="mkdocs-1.4.2, mkdocs-material-9.0.6"> <meta property="og:title" content="Taking things apart"> <meta property="og:site_name" content="Trammell Hudson's Projects"> <meta property="og:url" content="https://trmm.net/Taking_things_apart/"> <meta property="og:description" content="Collection of my projects and hacks."> <meta property="og:image" content="https://trmm.net/images/logo.png"> <title>Taking things apart - Trammell Hudson's Projects</title> <link rel="stylesheet" href="../assets/stylesheets/main.558e4712.min.css"> <link rel="stylesheet" href="../assets/stylesheets/palette.2505c338.min.css"> <!-- Load fonts from Google --> <link href="https://fonts.gstatic.com" rel="preconnect" crossorigin /> <link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=IBM+Plex+Serif:300,400,400i,700%7CIBM+Plex+Sans:500,600,700%7CIBM+Plex+Mono&display=fallback" /> <style> body, input { font-family: "IBM Plex Serif", "Helvetica Neue", Helvetica, Arial, sans-serif; } pre, code, kbd { font-family: "IBM Plex Mono", "Courier New", Courier, monospace; } h1, h2, h3, h4, h5, h6 { font-family: "IBM Plex Sans", sans-serif; font-weight: 700 !important; } </style> <link rel="stylesheet" href="../extra.css"> <script>__md_scope=new URL("..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script> </head> <body dir="ltr" data-md-color-scheme="default" data-md-color-primary="black" 
data-md-color-accent="purple"> <div class="md-container" data-md-component="container"> <main class="md-main" data-md-component="main"> <div class="md-main__inner md-grid"> <div class="md-content" data-md-component="content"> <article class="md-content__inner md-typeset"> <h1>Taking things apart</h1> <p><a href="https://www.flickr.com/photos/osr/16410854351/lightbox"><img src="https://live.staticflickr.com/7376/16410854351_3f13c053f5_b.jpg" srcset="https://live.staticflickr.com/7376/16410854351_3f13c053f5_b.jpg 1024w, https://live.staticflickr.com/7376/16410854351_3f13c053f5.jpg 400w" /></a> This is an annotated transcript of a talk I gave at <a href="http://hack.rice.edu/">HackRice</a> about reverse engineering and some of the fun projects/hacks they could do with reverse engineering skills. Some of the results were <a href="http://www.providencejournal.com/news/education/20150208-techies-are-in-nerd-vana-at-brown-university-hackathon-video.ece">reported in the news</a>. 
</p> <h2 id="the-joy-of-taking-things-apart">The Joy of Taking Things Apart</h2> <p><a href="https://www.flickr.com/photos/osr/16226120558/lightbox"><img src="https://live.staticflickr.com/7340/16226120558_cbeeedab92_b.jpg" srcset="https://live.staticflickr.com/7340/16226120558_cbeeedab92_b.jpg 1024w, https://live.staticflickr.com/7340/16226120558_cbeeedab92.jpg 400w" /></a> As you might guess from the title of this talk, I like to take things apart and I hope by the end of this presentation to convince you to take something apart and figure out how it works, too.</p> <p><a href="https://www.flickr.com/photos/osr/16227856447/lightbox"><img src="https://live.staticflickr.com/8597/16227856447_d06f92b2b9_b.jpg" srcset="https://live.staticflickr.com/8597/16227856447_d06f92b2b9_b.jpg 1024w, https://live.staticflickr.com/8597/16227856447_d06f92b2b9.jpg 400w" /></a> When you hear "Reverse Engineering", you might not think of all of the good things you can use these skills for. You might not think of yourself as a reverse engineer, but if you do any sort of programming, you are probably already one.</p> <h3 id="debugging">Debugging</h3> <p><a href="https://www.flickr.com/photos/osr/16227546139/lightbox"><img src="https://live.staticflickr.com/7447/16227546139_b34ca7be08_b.jpg" srcset="https://live.staticflickr.com/7447/16227546139_b34ca7be08_b.jpg 1024w, https://live.staticflickr.com/7447/16227546139_b34ca7be08.jpg 400w" /></a> We’ve all encountered this sort of "documentation" for APIs where the comments are useless, outdated or contribute to negative understanding of the system. 
Sometimes the only course of action is to read the source to try to figure out what sort of processing this function is doing on the Foo object.</p> <p><a href="https://www.flickr.com/photos/osr/16226120458/lightbox"><img src="https://live.staticflickr.com/7404/16226120458_ebe6b552ff_b.jpg" srcset="https://live.staticflickr.com/7404/16226120458_ebe6b552ff_b.jpg 1024w, https://live.staticflickr.com/7404/16226120458_ebe6b552ff.jpg 400w" /></a> Frequently you don’t have access to the source, so it becomes necessary to turn to other techniques, like endlessly searching Stack Overflow for answers. Other times more invasive techniques are required, like black box testing with various inputs, or even using an interactive disassembler to make sense of the machine code.</p> <p>Knowing how to do this sort of reverse engineering makes you a better programmer because you must build a mental model of what is going on inside of this system. This helps you learn better debugging skills on your own projects, because you can think through what must be happening inside of code.</p> <h3 id="extending">Extending</h3> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/16413772505/lightbox"><img src="https://live.staticflickr.com/8649/16413772505_2071c58ca1.jpg" srcset="https://live.staticflickr.com/8649/16413772505_2071c58ca1_b.jpg 1024w, https://live.staticflickr.com/8649/16413772505_2071c58ca1.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/16412008471/lightbox"><img src="https://live.staticflickr.com/7370/16412008471_c6a93a9064.jpg" srcset="https://live.staticflickr.com/7370/16412008471_c6a93a9064_b.jpg 1024w, https://live.staticflickr.com/7370/16412008471_c6a93a9064.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" 
width="50.0%"></td> <p></tr> </tbody></p> </table> <p>Reverse engineering also allows you to add the features that you feel are important. As an example of this, in 2009 I started making short films with the Canon 5D Mark 2, but was very frustrated with some of the limitations in the camera's firmware. It was missing lots of basic functionality and this frustration led me to attempt to add the features that I wanted.</p> <p>Many of these projects start with a simple goal: find out if your code is running in the system. This is the first screenshot of my success with the Canon 5D: I’ve modified the firmware version number to display three extra vanity letters. Re-writing strings is a good easy technique for figuring out if you have "won" and your code is running on the system.</p> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/15791290474/lightbox"><img src="https://live.staticflickr.com/8632/15791290474_4d0973c659.jpg" srcset="https://live.staticflickr.com/8632/15791290474_4d0973c659_b.jpg 1024w, https://live.staticflickr.com/8632/15791290474_4d0973c659.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/16412836872/lightbox"><img src="https://live.staticflickr.com/7381/16412836872_008f23b609.jpg" srcset="https://live.staticflickr.com/7381/16412836872_008f23b609_b.jpg 1024w, https://live.staticflickr.com/7381/16412836872_008f23b609.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" width="50.0%"></td> <p></tr> </tbody></p> </table> <p>This little hack turned into <a href="/Magic_Lantern">Magic Lantern</a>, the open source programming environment for Canon DSLR cameras. 
It's one of my most popular reverse engineering projects; at this point there are tens of thousands of users on all seven continents and maybe even in space.</p> <p>These are all features that the users of the camera wanted, not necessarily what the original manufacturer intended. The big ones are manual control of all camera parameters, as well as raw video recording. One of the best parts of reverse engineering is that it allows you to make a system work the way you want.</p> <h3 id="interoperating">Interoperating</h3> <p>Another useful reverse engineering skill is creating interoperable programs or devices. Games are a popular place to start with this sort of thing.</p> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/16413772375/lightbox"><img src="https://live.staticflickr.com/8608/16413772375_4bedcab612.jpg" srcset="https://live.staticflickr.com/8608/16413772375_4bedcab612_b.jpg 1024w, https://live.staticflickr.com/8608/16413772375_4bedcab612.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/16227856137/lightbox"><img src="https://live.staticflickr.com/8646/16227856137_77f5690d3e.jpg" srcset="https://live.staticflickr.com/8646/16227856137_77f5690d3e_b.jpg 1024w, https://live.staticflickr.com/8646/16227856137_77f5690d3e.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" width="50.0%"></td> <p></tr> </tbody></p> </table> <p>One of my colleagues at Two Sigma proposed a challenge to automate Dr Mario on the Wii. He had done some impressive work on the computer vision to detect the corners of the board, ortho-rectify it and detect the game components. 
Next he needed a way to talk to the console from his program.</p> <p>Dr Mario uses the classic controller, which plugs into the Wiimote using a special connector. Thanks to someone else figuring out and writing down how the i2c pins are connected and the protocol that it speaks, we were able to build an Arduino interface.</p> <p><a href="https://www.flickr.com/photos/osr/16227545849/lightbox"><img src="https://live.staticflickr.com/7398/16227545849_eb420af7ac_b.jpg" srcset="https://live.staticflickr.com/7398/16227545849_eb420af7ac_b.jpg 1024w, https://live.staticflickr.com/7398/16227545849_eb420af7ac.jpg 400w" /></a> Using this reverse engineered USB to Wiimote adapter that would interoperate with the stock game and console, we put together a fun programming contest at Two Sigma. The contestants wrote AIs that watched the video, generated strategies and sent the commands to the interface. For a short while one of our AIs was the top rated player on the online game.</p> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/16226367710/lightbox"><img src="https://live.staticflickr.com/8621/16226367710_7b37c82533.jpg" srcset="https://live.staticflickr.com/8621/16226367710_7b37c82533_b.jpg 1024w, https://live.staticflickr.com/8621/16226367710_7b37c82533.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/16413772235/lightbox"><img src="https://live.staticflickr.com/8612/16413772235_18cbd0250e.jpg" srcset="https://live.staticflickr.com/8612/16413772235_18cbd0250e_b.jpg 1024w, https://live.staticflickr.com/8612/16413772235_18cbd0250e.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" width="50.0%"></td> <p></tr> </tbody></p> </table> <p>You can also use reverse engineering to do things like personalize the games. 
Mike Mika modified the Donkey Kong ROM for his daughter to have Mario held captive and rescued by Pauline. This required finding the sprites in the ROM and copying them around to swap the roles of the various characters.</p> <p>Sometimes you just want to make art. Cory Arcangel created a beautiful serene art piece in which he modified Super Mario to have no enemies, no world and no Mario: just the clouds endlessly drifting by. This required reverse engineering enough of the game using a 6502 disassembler to figure out what parts were involved in running the game and replace them with NOPs.</p> <h3 id="connecting">Connecting</h3> <p><a href="https://www.flickr.com/photos/osr/15791290324/lightbox"><img src="https://live.staticflickr.com/7405/15791290324_204260742d_b.jpg" srcset="https://live.staticflickr.com/7405/15791290324_204260742d_b.jpg 1024w, https://live.staticflickr.com/7405/15791290324_204260742d.jpg 400w" /></a> Everyone likes robots, right?</p> <p>We ended up with some surplus robots with no documentation and no interfaces, so it was necessary to reverse engineer the connectors and cabling. Step one was lots of continuity testing with the multimeter - put it in beep mode and probe until all of the wires were mapped. And then we used the oscilloscope to figure out the quadrature position encoders while we rotated the joints by hand. We published these findings along with a six DOF inverse kinematics controller that we wrote to allow precise movement of the arms.</p> <p><a href="https://www.flickr.com/photos/osr/16413772205/lightbox"><img src="https://live.staticflickr.com/7291/16413772205_6a9187a626_b.jpg" srcset="https://live.staticflickr.com/7291/16413772205_6a9187a626_b.jpg 1024w, https://live.staticflickr.com/7291/16413772205_6a9187a626.jpg 400w" /></a> This reverse engineering project turned into another Two Sigma programming contest -- we provided a REST API to retrieve the images from overhead cameras and to command the arm. 
The teams wrote AI bots to play shuffleboard against each other.</p> <p>And the reverse engineered robot was pretty good!</p> <h3 id="porting">Porting</h3> <p><a href="https://www.flickr.com/photos/osr/16226120168/lightbox"><img src="https://live.staticflickr.com/7427/16226120168_f09c1924ff_b.jpg" srcset="https://live.staticflickr.com/7427/16226120168_f09c1924ff_b.jpg 1024w, https://live.staticflickr.com/7427/16226120168_f09c1924ff.jpg 400w" /></a> What could be cooler than robots? Lasers, of course.</p> <p>At our hackerspace, NYC Resistor, we have a laser cutter that can cut paper, woods, acrylics and also etch some metals. But it has a Windows-only printer driver that doesn't work for many of our members who want to use OS X or Linux. We knew that we could fix that limitation with reverse engineering of the communication between their driver and the laser cutter.</p> <p><a href="https://www.flickr.com/photos/osr/16412836602/lightbox"><img src="https://live.staticflickr.com/8600/16412836602_cfed24f339_b.jpg" srcset="https://live.staticflickr.com/8600/16412836602_cfed24f339_b.jpg 1024w, https://live.staticflickr.com/8600/16412836602_cfed24f339.jpg 400w" /></a> A packet capture of the communication between the Windows driver and the laser showed that it was HPGL formatted data sent over the normal Unix LPD network port. We can find those two specifications and implement them! 
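</p> <p>The exchange described above (HPGL data handed to the LPD port), as an added example that is not code from the talk or from the tool the author's group wrote: it frames a constructed HPGL rectangle as an RFC 1179 job and sends it to an in-process stand-in for the printer daemon. The queue, host, user and file names are assumptions, and a real device may expect setup commands that this page does not describe.</p>

```python
import socket
import threading

ACK = b"\x00"  # RFC 1179: a single zero octet acknowledges each message


def hpgl_rectangle(width, height):
    """HPGL for a closed rectangle, in plotter units, starting at the origin."""
    corners = [(width, 0), (width, height), (0, height), (0, 0)]
    path = ",".join(f"{x},{y}" for x, y in corners)
    # IN = initialise, SP = select pen, PU/PD = move with the pen up/down
    return f"IN;SP1;PU0,0;PD{path};PU;SP0;".encode("ascii")


def lpd_job_messages(queue, host, user, job_no, title, data):
    """Return the RFC 1179 messages for one job; each expects a 0x00 ack."""
    job_id = f"{job_no % 1000:03d}{host}"
    data_name, ctrl_name = f"dfA{job_id}", f"cfA{job_id}"
    control = "".join(f"{line}\n" for line in (
        f"H{host}",       # originating host
        f"P{user}",       # user identification
        f"J{title}",      # job name shown in the queue
        f"l{data_name}",  # print the data file raw, control characters intact
        f"U{data_name}",  # unlink the data file once printed
        f"N{title}",      # name of the source file
    )).encode("ascii")
    return [
        b"\x02" + queue.encode("ascii") + b"\n",                     # receive a printer job
        b"\x02%d %s\n" % (len(control), ctrl_name.encode("ascii")),  # receive control file
        control + b"\x00",
        b"\x03%d %s\n" % (len(data), data_name.encode("ascii")),     # receive data file
        data + b"\x00",
    ]


def send_job(sock, messages):
    """Send each message and insist on the daemon's acknowledgement."""
    for msg in messages:
        sock.sendall(msg)
        reply = sock.recv(1)
        if reply != ACK:
            raise ConnectionError(f"LPD daemon refused {msg[:20]!r}: {reply!r}")


def fake_lpd(sock, received):
    """Constructed stand-in for the device: parse, record and acknowledge."""
    with sock, sock.makefile("rb") as reader:
        received["queue"] = reader.readline()[1:-1].decode("ascii")
        sock.sendall(ACK)
        while header := reader.readline():
            size, name = header[1:-1].split(b" ", 1)
            sock.sendall(ACK)
            body = reader.read(int(size) + 1)  # file contents plus trailing 0x00
            received[name.decode("ascii")] = body[:-1]
            sock.sendall(ACK if body.endswith(b"\x00") else b"\x01")


def demo():
    """Run one job against the stand-in and return what it received."""
    client, server = socket.socketpair()
    received = {}
    worker = threading.Thread(target=fake_lpd, args=(server, received))
    worker.start()
    job = lpd_job_messages("laser", "workstation", "alice", 7,
                           "square.hpgl", hpgl_rectangle(1000, 500))
    send_job(client, job)  # a real daemon listens on TCP port 515
    client.close()
    worker.join(timeout=5)
    return received


if __name__ == "__main__":
    for name, content in demo().items():
        print(name, content)
```

<p>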
Armed with this insight, we were able to write a full command-line tool that interoperates with the laser cutter and allows anyone on any platform to send their jobs to the laser, thanks to reverse engineering.</p> <h3 id="reusing">Reusing</h3> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/16412836532/lightbox"><img src="https://live.staticflickr.com/7425/16412836532_c614cb2548.jpg" srcset="https://live.staticflickr.com/7425/16412836532_c614cb2548_b.jpg 1024w, https://live.staticflickr.com/7425/16412836532_c614cb2548.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/16387797046/lightbox"><img src="https://live.staticflickr.com/7326/16387797046_4d4d0d892c.jpg" srcset="https://live.staticflickr.com/7326/16387797046_4d4d0d892c_b.jpg 1024w, https://live.staticflickr.com/7326/16387797046_4d4d0d892c.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" width="50.0%"></td> <p></tr> </tbody></p> </table> <p><a href="/Category:Retrocomputing">Old computers</a> are easier to reverse engineer to adapt them to the modern era. They tend to come from an era when everyone was expected to know how to read a schematic and be handy with a soldering iron.</p> <p>Luckily these skills have not been totally lost and are easy to pick up again. 
You can build a quick proof-of-concept with a bit of messy breadboard, a prototype system like the Arduino or Teensy and the schematic.</p> <p><a href="https://www.flickr.com/photos/osr/16227545539/lightbox"><img src="https://live.staticflickr.com/7391/16227545539_baf74fd247_b.jpg" srcset="https://live.staticflickr.com/7391/16227545539_baf74fd247_b.jpg 1024w, https://live.staticflickr.com/7391/16227545539_baf74fd247.jpg 400w" /></a> And once you have something that sort of works, it is fairly easy to transfer it to a PCB or a permaprotoboard and repurpose these devices for new uses. A fun project is to put a Raspberry Pi or BeagleBone Black into the device to replace the old motherboard, like this <a href="/TRS80_Model_100">TRS80 Model 100</a> that I interfaced to with a <a href="/Category:Teensy">Teensy++</a>.</p> <table class="gallery"> <tbody markdown='1'> <tr> <td class="gallery-image col-1" width="50.0%"><a href="https://www.flickr.com/photos/osr/16226367420/lightbox"><img src="https://live.staticflickr.com/8605/16226367420_cb8c6db4ea.jpg" srcset="https://live.staticflickr.com/8605/16226367420_cb8c6db4ea_b.jpg 1024w, https://live.staticflickr.com/8605/16226367420_cb8c6db4ea.jpg 400w" /></a></td> <td class="gallery-image col-2" width="50.0%"><a href="https://www.flickr.com/photos/osr/15793724153/lightbox"><img src="https://live.staticflickr.com/7351/15793724153_865b2de786.jpg" srcset="https://live.staticflickr.com/7351/15793724153_865b2de786_b.jpg 1024w, https://live.staticflickr.com/7351/15793724153_865b2de786.jpg 400w" /></a></td> </tr> <tr markdown='1' class='gallery-caption-row'> <td class="gallery-caption col-1" width="50.0%"></td> <td class="gallery-caption col-2" width="50.0%"></td> </tr> </tbody> </table> <p>Even high voltage items like the CRT in this antique Macintosh SE can be repurposed by using the schematic for the analog video interface.</p> <p>CPU speeds have increased enough that we can write a software video card that 
runs in the BeagleBone Black to replace the custom video chips used along with the 68k. This Mac now runs Linux -- hardware reverse engineering frequently seems to have an end goal of putting Linux in everything.</p> <p><a href="https://www.flickr.com/photos/osr/16412836342/lightbox"><img src="https://live.staticflickr.com/7358/16412836342_ae68fe489f_b.jpg" srcset="https://live.staticflickr.com/7358/16412836342_ae68fe489f_b.jpg 1024w, https://live.staticflickr.com/7358/16412836342_ae68fe489f.jpg 400w" /></a> And sometimes it also uncovers fun <a href="/Mac-SE_Easter_Egg">easter eggs</a>, like these photos of the team at Apple who worked on the Mac SE system. After increasing the ROM from 64 KB to 256 KB, they had a few extra kilobytes and stored these four images for the future to find.</p> <h3 id="securing">Securing</h3> <p><a href="https://www.flickr.com/photos/osr/16226119888/lightbox"><img src="https://live.staticflickr.com/8594/16226119888_f27debab64_b.jpg" srcset="https://live.staticflickr.com/8594/16226119888_f27debab64_b.jpg 1024w, https://live.staticflickr.com/8594/16226119888_f27debab64.jpg 400w" /></a> Speaking of Apple...</p> <p>Reverse engineering on new machines can serve many purposes, most commonly for security reasons. 
On a recent project I was looking into reports of a security vulnerability in MacBooks that allowed rootkits to be installed via Option ROMs on Thunderbolt devices.</p> <p><a href="https://www.flickr.com/photos/osr/16226119878/lightbox"><img src="https://live.staticflickr.com/7448/16226119878_030f18c096_b.jpg" srcset="https://live.staticflickr.com/7448/16226119878_030f18c096_b.jpg 1024w, https://live.staticflickr.com/7448/16226119878_030f18c096.jpg 400w" /></a> To start the investigation, I used a bus pirate to read out a copy of the boot ROM from the SPI flash chip and started analyzing it with tools like Hopper.</p> <p><a href="https://www.flickr.com/photos/osr/16412836272/lightbox"><img src="https://live.staticflickr.com/7324/16412836272_8f2feab4cb_b.jpg" srcset="https://live.staticflickr.com/7324/16412836272_8f2feab4cb_b.jpg 1024w, https://live.staticflickr.com/7324/16412836272_8f2feab4cb.jpg 400w" /></a> This ROM dump led to some interesting findings related to the previously undocumented format of Apple’s EFI ROM. I documented these so that other researchers could decode the ROMs to look for security issues.</p> <p><a href="https://www.flickr.com/photos/osr/16412836222/lightbox"><img src="https://live.staticflickr.com/8566/16412836222_562f99fa94_b.jpg" srcset="https://live.staticflickr.com/8566/16412836222_562f99fa94_b.jpg 1024w, https://live.staticflickr.com/8566/16412836222_562f99fa94.jpg 400w" /></a> I replicated snare's 2012 work, in which a malicious Thunderbolt device can install a rootkit that logs the user’s FileVault or firmware password and exfiltrates it. 
I have since changed the password, so don't try to break into my machine with this one.</p> <p><a href="https://www.flickr.com/photos/osr/15793723963/lightbox"><img src="https://live.staticflickr.com/7371/15793723963_38e8cab859_b.jpg" srcset="https://live.staticflickr.com/7371/15793723963_38e8cab859_b.jpg 1024w, https://live.staticflickr.com/7371/15793723963_38e8cab859.jpg 400w" /></a> I also found a few significant security issues of my own. One of the issues that I identified is that there is no hardware validation of the contents of the boot ROM, which opens up a significant vulnerability.</p> <p><a href="https://www.flickr.com/photos/osr/16412007821/lightbox"><img src="https://live.staticflickr.com/7293/16412007821_46546b1953_b.jpg" srcset="https://live.staticflickr.com/7293/16412007821_46546b1953_b.jpg 1024w, https://live.staticflickr.com/7293/16412007821_46546b1953.jpg 400w" /></a> To demonstrate the risk of this vulnerability, I wrote a proof of concept exploit named <a href="/Thunderstrike">Thunderstrike</a> that used Thunderbolt devices to rewrite the boot ROM. This allows an evil maid to install malware given a few seconds alone with the laptop. This is a very dangerous place to have untrusted code -- the boot ROM controls the system from the very first instruction and gives it the ability to hide from detection, backdoor the OS and prevent any attempts to remove it with software.</p> <p><a href="https://www.flickr.com/photos/osr/15791289624/lightbox"><img src="https://live.staticflickr.com/7425/15791289624_c2158fdd99_b.jpg" srcset="https://live.staticflickr.com/7425/15791289624_c2158fdd99_b.jpg 1024w, https://live.staticflickr.com/7425/15791289624_c2158fdd99.jpg 400w" /></a> The <a href="/Thunderstrike">Thunderstrike</a> vulnerability was significant enough that Apple issued a security update to fix it. 
This is one way that reverse engineering leads to safer systems.</p> <h2 id="freedom-to-tinker">Freedom to Tinker</h2> <p><a href="https://www.flickr.com/photos/osr/16412007741/lightbox"><img src="https://live.staticflickr.com/7357/16412007741_292fcaf58d_b.jpg" srcset="https://live.staticflickr.com/7357/16412007741_292fcaf58d_b.jpg 1024w, https://live.staticflickr.com/7357/16412007741_292fcaf58d.jpg 400w" /></a> The <a href="http://eff.org">Electronic Frontier Foundation</a> (EFF) has a comprehensive list of the frequently asked questions regarding reverse engineering, especially where it intersects with copyright. I highly recommend that you read through the list and ask them if you have any questions.</p> <p>The "Freedom to Tinker" is an important one: it allows you to create interoperable products, extend features, reuse old systems and use your devices in the way that you want to use them.</p> <h2 id="reverse-engineering-tools">Reverse engineering tools</h2> <h3 id="software-tools">Software tools</h3> <p><a href="https://www.flickr.com/photos/osr/16226367060/lightbox"><img src="https://live.staticflickr.com/7283/16226367060_b9f68be06c_b.jpg" srcset="https://live.staticflickr.com/7283/16226367060_b9f68be06c_b.jpg 1024w, https://live.staticflickr.com/7283/16226367060_b9f68be06c.jpg 400w" /></a> Some of the simplest tools are ones that you probably already have on your Mac or Linux machine. <code>/usr/bin/xxd</code> for hex dumps and <code>/usr/bin/strings</code> to look for human readable strings are part of the normal Unix toolkit. (Windows users might need to install cygwin to get them).</p> <p><a href="https://www.flickr.com/photos/osr/16227855417/lightbox"><img src="https://live.staticflickr.com/7449/16227855417_8df960a6b1_b.jpg" srcset="https://live.staticflickr.com/7449/16227855417_8df960a6b1_b.jpg 1024w, https://live.staticflickr.com/7449/16227855417_8df960a6b1.jpg 400w" /></a> Search engines are one of the best reverse engineering tools out there. 
When you encounter random hex constants, it’s amazing how quickly they can be matched to other sources. In this case I was able to avoid reverse engineering a huge block of code by recognizing that the lookup table was the crc32 polynomials.</p> <p><a href="https://www.flickr.com/photos/osr/16412007681/lightbox"><img src="https://live.staticflickr.com/8588/16412007681_b8ceac9b1d_b.jpg" srcset="https://live.staticflickr.com/8588/16412007681_b8ceac9b1d_b.jpg 1024w, https://live.staticflickr.com/8588/16412007681_b8ceac9b1d.jpg 400w" /></a> For decoding packet based protocols, Wireshark is free and great. And it’s not just Ethernet -- it can also decode USB, Bluetooth and exotic formats like SS7. At 31C3 there was a fascinating demo using Wireshark and the HackRF SDR to decrypt SMS communications being sent to cell phones.</p> <p><a href="https://www.flickr.com/photos/osr/16412007521/lightbox"><img src="https://live.staticflickr.com/8670/16412007521_6658930b08_b.jpg" srcset="https://live.staticflickr.com/8670/16412007521_6658930b08_b.jpg 1024w, https://live.staticflickr.com/8670/16412007521_6658930b08.jpg 400w" /></a> The interactive disassembler <a href="http://hopperapp.com">Hopper</a> isn’t free, but it is well worth the modest investment. This sort of tool makes it possible to quickly get a feel for what a program is doing, name functions and variables, jump into called functions, track cross references, etc.</p> <h3 id="hardware-tools">Hardware tools</h3> <p><a href="https://www.flickr.com/photos/osr/16413771255/lightbox"><img src="https://live.staticflickr.com/8676/16413771255_c84b9eca97_b.jpg" srcset="https://live.staticflickr.com/8676/16413771255_c84b9eca97_b.jpg 1024w, https://live.staticflickr.com/8676/16413771255_c84b9eca97.jpg 400w" /></a> If you’re doing any sort of hardware work, a multimeter is an inexpensive purchase that will let you measure voltages and trace wires to figure out what connects to where. 
In my opinion this "beep mode" for continuity testing is the most important feature: it should respond instantly and audibly so that you don't have to take your eyes off the PCB you're testing.</p> <p><a href="https://www.flickr.com/photos/osr/16413771215/lightbox"><img src="https://live.staticflickr.com/7377/16413771215_b18115b365_b.jpg" srcset="https://live.staticflickr.com/7377/16413771215_b18115b365_b.jpg 1024w, https://live.staticflickr.com/7377/16413771215_b18115b365.jpg 400w" /></a> For more complicated electronics work, an oscilloscope is slightly more expensive but well worth learning how to use. Being able to see the signals, like the ADB output from this Apple keyboard, makes it possible to understand what is going on.</p> <p><a href="https://www.flickr.com/photos/osr/15793723533/lightbox"><img src="https://live.staticflickr.com/8632/15793723533_40d440193d_b.jpg" srcset="https://live.staticflickr.com/8632/15793723533_40d440193d_b.jpg 1024w, https://live.staticflickr.com/8632/15793723533_40d440193d.jpg 400w" /></a> The bus pirate from Dangerous Prototypes is another inexpensive tool that is useful to have in the box. It is a combination logic analyzer / interface swiss-army knife for low-speed protocols. Unlike the multimeter and oscilloscope, it can inject signals into a circuit to pretend to be different types of devices.</p> <h2 id="once-you-figure-something-out">Once you figure something out...</h2> <p><a href="https://www.flickr.com/photos/osr/16226119018/lightbox"><img src="https://live.staticflickr.com/7377/16226119018_62306fe3cd_b.jpg" srcset="https://live.staticflickr.com/7377/16226119018_62306fe3cd_b.jpg 1024w, https://live.staticflickr.com/7377/16226119018_62306fe3cd.jpg 400w" /></a> The motto of NYC Resistor, my hackerspace in Brooklyn, is "Learn, Share, Make". Major League Hacking, who is sponsoring this hackathon, says "Learn, Build, Share". 
These are great rules to live by.</p> <h3 id="write-it-down">Write it down</h3> <p><a href="https://www.flickr.com/photos/osr/16226366700/lightbox"><img src="https://live.staticflickr.com/7436/16226366700_8beff5927d_b.jpg" srcset="https://live.staticflickr.com/7436/16226366700_8beff5927d_b.jpg 1024w, https://live.staticflickr.com/7436/16226366700_8beff5927d.jpg 400w" /></a> Once you've figured something out, write it down on your blog or somewhere that it can be found (i.e., not Facebook, G+ or twitter). Writing down what you learn serves many purposes: it ensures that you have a record of what you've done for later reference and it makes it possible for others to reproduce your work.</p> <h3 id="teach-someone-else">Teach someone else</h3> <p><a href="https://www.flickr.com/photos/osr/16226119138/lightbox"><img src="https://live.staticflickr.com/8577/16226119138_11a5008361_b.jpg" srcset="https://live.staticflickr.com/8577/16226119138_11a5008361_b.jpg 1024w, https://live.staticflickr.com/8577/16226119138_11a5008361.jpg 400w" /></a> Teaching what you've learned to others also cements your knowledge. I was privileged to be invited to present my Thunderstrike reverse engineering work at CCC and hopefully helped lots of people learn how to get started with reverse engineering, learn something about EFI boot ROMs, and learn about boot time security vulnerabilities.</p> <p><a href="https://www.flickr.com/photos/osr/16387796106/lightbox"><img src="https://live.staticflickr.com/8561/16387796106_b9259eeb79_b.jpg" srcset="https://live.staticflickr.com/8561/16387796106_b9259eeb79_b.jpg 1024w, https://live.staticflickr.com/8561/16387796106_b9259eeb79.jpg 400w" /></a> Smaller workshops and classes are a great way to share what you’ve learned with your friends and community. 
Local hackerspaces love to hold classes on how-to topics and are also a great place to meet similar minded people.</p> <p><a href="https://www.flickr.com/photos/osr/16227544649/lightbox"><img src="https://live.staticflickr.com/7369/16227544649_a48d8bc95e_b.jpg" srcset="https://live.staticflickr.com/7369/16227544649_a48d8bc95e_b.jpg 1024w, https://live.staticflickr.com/7369/16227544649_a48d8bc95e.jpg 400w" /></a> We regularly hold workshops at Two Sigma on topics and try to help our colleagues learn how to get started with electronics. It is frequently nice for programmers who deal with large memory machines to step back to think about how something can be implemented in a few bytes of RAM.</p> <h2 id="now-make-something-great">Now Make something great!</h2> <p><a href="https://www.flickr.com/photos/osr/16413770945/lightbox"><img src="https://live.staticflickr.com/7319/16413770945_806e577967_b.jpg" srcset="https://live.staticflickr.com/7319/16413770945_806e577967_b.jpg 1024w, https://live.staticflickr.com/7319/16413770945_806e577967.jpg 400w" /></a> My challenge to you this weekend is to make something great. Even if you think you’re not reverse engineering, you very well might be -- every time you encounter a poorly documented API and have to look at the source, or send in different inputs to black box it: that’s reverse engineering. 
The skills you learn from figuring out how other pieces work will help you be a better programmer in almost all ways.</p> <p><a href="/Category:2015"><span style='color:white; background-color:red'>2015</a> <a href="/Category:Reverse_engineering"><span style='color:white; background-color:red'>Reverse engineering</a> <a href="/Category:Talks"><span style='color:white; background-color:red'>Talks</a></p> <hr> <div class="md-source-file"> <small> Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 8, 2020</span> </small> </div> </article> </div> </div> </main> </div> <div class="md-dialog" data-md-component="dialog"> <div class="md-dialog__inner md-typeset"></div> </div> <script id="__config" type="application/json">{"base": "..", "features": [], "search": "../assets/javascripts/workers/search.e5c33ebb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script> <script src="../assets/javascripts/bundle.51d95adb.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js?config=TeX-MML-AM_CHTML"></script> </body> </html>
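The constant-matching shortcut described under "Software tools" (recognizing a lookup table as CRC-32 instead of reversing the code that uses it) can be automated when triaging a firmware dump. The following is an added example, not code from the original page or from the author's tools: it regenerates the standard CRC-32 and CRC-32C tables and scans an image for them in either byte order, including a table cut off by the end of the dump. The sample image, the choice of polynomials and all function names are constructed for illustration.

```python
"""Locate CRC-32 lookup tables inside a binary image by their constants."""
import struct

def reflected_table(poly):
    """256-entry table for an LSB-first (reflected) CRC, as used by zlib."""
    table = []
    for i in range(256):
        c = i
        for _ in range(8):
            c = (c >> 1) ^ poly if c & 1 else c >> 1
        table.append(c)
    return table

def msb_first_table(poly):
    """256-entry table for an MSB-first (non-reflected) CRC."""
    table = []
    for i in range(256):
        c = i << 24
        for _ in range(8):
            c = ((c << 1) ^ poly if c & 0x80000000 else c << 1) & 0xFFFFFFFF
        table.append(c)
    return table

KNOWN_TABLES = {
    "CRC-32 (reflected, 0xEDB88320)": reflected_table(0xEDB88320),
    "CRC-32 (MSB-first, 0x04C11DB7)": msb_first_table(0x04C11DB7),
    "CRC-32C (reflected, 0x82F63B78)": reflected_table(0x82F63B78),
}

def _run_length(blob, base, table, fmt):
    """Count consecutive table entries present in blob starting at base."""
    n = 0
    for i, value in enumerate(table):
        off = base + 4 * i
        if off + 4 > len(blob):
            break  # table truncated by the end of the dump
        if struct.unpack_from(fmt + "I", blob, off)[0] != value:
            break
        n += 1
    return n

def find_crc_tables(blob, min_entries=16):
    """Return sorted (offset, name, byte order, entries matched) tuples."""
    hits = []
    for name, table in KNOWN_TABLES.items():
        for order, fmt in (("little", "<"), ("big", ">")):
            # Entry 0 is always zero and would match padding, so the
            # search anchors on entries 1..4 and backs up one word.
            needle = struct.pack(fmt + "4I", *table[1:5])
            start = 0
            while (pos := blob.find(needle, start)) != -1:
                start = pos + 1
                base = pos - 4
                if base < 0:
                    continue
                n = _run_length(blob, base, table, fmt)
                if n >= min_entries:
                    hits.append((base, name, order, n))
    return sorted(hits)

def crc32_with_table(data, table):
    """Reflected CRC-32 using a recovered table, to confirm the match."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = table[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF

def build_sample():
    """Constructed image: filler, a full LE table, a truncated BE table."""
    full = struct.pack("<256I", *reflected_table(0xEDB88320))
    cut = struct.pack(">64I", *msb_first_table(0x04C11DB7)[:64])
    return b"\x90" * 0x123 + full + b"\x00" * 16 + cut

if __name__ == "__main__":
    for off, name, order, n in find_crc_tables(build_sample()):
        print(f"0x{off:06x}  {name}  {order}-endian  {n}/256 entries")
```

A hit only says which table the code indexes; initial value, final XOR and byte order of the stored checksum still have to be confirmed against a known-good checksum from the image.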
