freenode/lisp - IRC Chatlog
13:03:49
_death
the only difference between having source code and not having source code is the amount of effort it takes to analyse the software
13:21:40
ogamita
_death: assuming the binary code is not obfuscated, which is becoming the rule for software you don't have the sources anyways.
13:23:29
ogamita
_death: cf. https://www.intertrust.com/products/application-security/code-protection/
13:23:49
ogamita
yes, just widens it to cryptographic problems, for which you need more than the lifetime of the universe. Good luck.
13:24:22
_death
ogamita: come now.. this or that product doesn't mean anything.. if it runs on your machine, it can be reversed
13:24:56
_death
ogamita: nowadays they try to use hypervisors and such.. still, the cat wins every time
13:25:38
ogamita
_death: whitecryption implements whitebox cryptography: you can watch the RAM, you can trace the execution, and you still can't get the secret keys.
13:26:34
ogamita
cf. https://scholar.google.fr/scholar?q=whitebox+cryptography+thesis&hl=en&as_sdt=0&as_vis=1&oi=scholart&sa=X&ved=0ahUKEwirreOlm-rSAhWLfhoKHQ1fB20QgQMIGjAA
13:26:50
_death
at least their marketing is somewhat honest.. "To succeed, they must crack the entire protection regime at once, which is an extremely difficult and time consuming task."
13:27:32
White__Flame
plus, if it's a decryption step, you can just let it run and later look at the output
13:28:15
iago
_death: I guess it works when the effort to reverse it, is higher than the effort to implement it from scratch
13:29:04
White__Flame
if you're a black hat, you're not interested in reimplementing, but compromising and/or spying
13:32:03
jackdaniel
I thought we were talking about practical difference? in theory program is just data
13:33:22
jackdaniel
yes, but it's hard and resource-consuming task, so saying about "the only difference" is a bit inaccurate
13:35:01
_death
I think it became much more accessible and commercialized in the last decade.. I suppose that's why I lost interest :D
13:37:51
_death
White__Flame: reverse engineering.. although my old RE skills help me greatly when I need to understand other people's code of course :)
13:38:38
jackdaniel
also regarding RE – having disassembled code isn't the same as having source code. compiler may use tricks to simplify code, but source may contain ideas lost in translation (but working accurately)
13:39:06
ogamita
Indeed. One may prefer to have a good specification document rather than source code.
13:39:08
White__Flame
I'm still building RE tech, but I'm severely disinterested in the whole cybersecurity industry, after working on some major projects and taking some contracts. Of course, I'll take a paying gig in the industry, but not pursuing it
13:39:35
ogamita
With good specs, you can usually re-implement easily on new systems or hardware. With just the code, it's often more work or economically impossible.
13:40:01
White__Flame
almost nobody understands cybersecurity, and want non-invasive turnkey products (which beltway bandits are happy to provide). it makes no sense and is too self-defeating to have any interest there
13:40:43
_death
jackdaniel: it's the reverser's job to recover that information.. and yes, some things (rationale etc.) are lost, but even with source code they're sometimes lost in the translation from thought to code
13:42:21
_death
White__Flame: to me it looks like the "cyber" buzzword was invented by governments.. and I prefer to not deal with such entities :)
13:43:56
ogamita
_death: http://paste.lisp.org/display/342086 Here you have even the "source" (obfuscated). Let's see if you can restore the original source.
13:46:19
_death
ogamita: it's just a state machine.. simple VMs like this are very old tricks and well understood
13:47:53
White__Flame
I've broken a lot of that style from .swf files; normally it's just a single static propagation that brings you to the "real" code, after making a bunch of pointless obfuscated jumps
13:48:30
White__Flame
obviously that pasted code involves decryption keys and traps and such, but it's generally a simple linear path
13:49:02
_death
ogamita: also in this case, much of this "obfuscation" disappears, or is lessened by just compiling it
13:49:43
_death
White__Flame: I think that code just returns which mode to use based on info.algorithm
14:00:48
_death
I remember when the army interviewed me... they asked me what I liked better, reverse engineering or programming.. I answered the latter, they were surprised (dismayed, maybe).. and programming it has been for the last decade
14:20:49
_death
ogamita: I think the first instance of source-based obfuscation I encountered was with PCBoard Programming Language (PPL) sources.. there was a simple decompiler called PPLD, but because some tool was written to obfuscate the source someone wrote another decompiler, PPLX, that also performs analysis to remove the obfuscation.. I also wrote an obfuscator then called PPLE :)
14:21:39
ogamita
Well, it's related: you would definitely use lisp to write reverse engineering tools.
14:23:58
_death
ogamita: at my previous job, some people wrote games in lua and they dumped high scores and such as lua objects (actually lua code) instead of using json or whatever.. when they moved to using unity and C# they didn't know how to read those objects... so I wrote some minimal interpreters in lisp for the two lua implementations they used
14:24:37
_death
ogamita: later I had to write it in C# but for experimentation Lisp was great of course :).. the whole thing took a day
17:30:29
beach
You should start respecting the accepted Common Lisp style if you want to submit code for others to read.
17:35:56
nyef
Also looks like it might still behave as a program if it were compiled as C++ rather than as C?
17:48:50
nyef
Yeah, I don't know why "holy" has a long o and "holly" a short o, but that seems to be the primary difference in pronunciation.
18:05:03
nyef
Yeah, the code in the paste that you gave above, even (or especially) uncommenting the LOOP form, isn't exactly optimal in terms of declared types, and plausibly doesn't even do what you think it does.
18:36:22
didi
I don't understand the results of https://paste.debian.net/hidden/1f7b83dd . When I run the program with `'negate' I get an undefined function error, but when I run it with `#'negate', I get the result I expected, i.e. (-1 -2 -3).
18:37:29
Bike
(mapcar 'negate ...) is short for (mapcar (symbol-function 'negate) ...), and symbol-function looks up global functions only
19:20:32
borei
http://pastebin.com/uktkvHvz - can somebody take a look, am I getting the maximum that I can get, or is there more room to optimize?
19:22:59
jackdaniel
sufficiently smart compiler™ doesn't need declaration inside lep about step and I
19:23:35
jackdaniel
if you are sure about data correctness etc, you may skip safety checks with (safety 0) – for benchmark purposes, not for production code
19:25:12
borei
without declaration for I and step I have not so good result - 12 seconds against 4 seconds
19:58:38
circ-user-cEMst
I'm curious: Has there been any prior work for making a Lisp (say SBCL) run as a unikernel on the Xen hypervisor? (like MirageOS) Would it be a difficult task?
20:01:52
rpg_
fourier: I forget -- do you need to use "of-type" (or am I confusing that with iterate?)
21:07:32
auser1234
is mezzano a new common lisp from the ground up? does it have some kind of lineage?
21:55:44
_death
I thought it's funny that it tries to resolve google.com to check for connectivity.. I have it as 127.0.0.1 in my hosts file
22:17:17
angular_mike_
on demand increment the integer attribute for entry with specific string attribute value