Reverse engineering is a powerful tool for any software developer. But as with any tool, it’s only as good as the person using it. Understanding reverse engineering and how it can be used is important for new and veteran developers alike.
What Is Reverse Engineering?
Reverse engineering is the process of taking something apart and putting it back together again in order to see how it works. It’s not a technique specific to computer science; instead, it can be used any time someone wants to understand a process or project. For example, structural engineers used reverse engineering to determine the cause of the 1981 Hyatt Regency walkway collapse in Kansas City. Scientists often use reverse engineering too; the Human Genome Project is perhaps the most famous example of scientific reverse engineering, wherein scientists try to decipher human DNA to learn more about how we work as a species.
When applied to software development, reverse engineering usually means using a tool called a decompiler to translate machine code into a programming language like Java or C#, so that a developer can study the code and learn how it works. As a tool for someone learning to program, this is invaluable; studying code from existing software can help beginners learn how different pieces of code interact with each other, how programming languages are often used and how a developer can use code to create a finished product.
Ways Reverse Engineering Is Used
Product and Process Improvement
Many software developers use reverse engineering to improve their own code or to improve interoperability between programs. Many software suites have application programming interfaces (APIs) that allow for interoperability. “But experts say most APIs are so poorly written that third-party software makers have little choice but to reverse-engineer the programs with which they want their software to work, just to ensure compatibility,” according to Mathew Schwartz of Computerworld.
Schwartz goes on to describe how Cyrix Corp. and Advanced Micro Devices Inc. managed to reverse-engineer Intel’s microprocessors to bring a less expensive, competitive product to market. While operating systems are usually too large and complex to reverse-engineer, “applications are ripe for reverse-engineering.”
Reverse-engineering viruses and other malware is common practice for companies that develop security software. According to a study by Zeltser Security Corp, “repeatable forensics steps should assist members of the defense community in developing a structured approach to understanding inner-workings of malicious software.” By taking a piece of malware apart and studying it, a cybersecurity company can develop tools to combat the techniques used by malware developers, rather than reactively developing defenses for individual malware programs.
Reverse engineering is also used to find security flaws in software, Schwartz says. Though some companies use this to create defenses against such security flaws, hackers who create malicious software can use this process to find gaps in security that they can exploit.
Intelligence and Espionage
Cyber warfare is becoming an increasingly important threat to guard against; in 2014 alone, the U.S. government suffered 61,000 cybersecurity breaches, according to Time. In fact, the Economic Espionage Act of 1996 specifically addresses reverse engineering and its legality and uses. As countries become more reliant on computer systems for warfare, commerce and more, they become increasingly vulnerable to those who reverse-engineer systems to find security holes to exploit.
Is Reverse Engineering Legal?
There is no general-purpose law against reverse engineering. That is, the practice of reverse engineering in and of itself is legal. However, “reverse engineering has been under siege in the past few decades,” according to The Yale Law Journal. Although nothing in the Economic Espionage Act explicitly forbids reverse engineering, there are a number of legal and ethical concerns that arise.
The Electronic Frontier Foundation (EFF) lists the following areas of U.S. law as being applicable to those practicing reverse engineering:
- Copyright and fair use law
- Trade secret law
- Anti-circumvention provisions listed in the Digital Millennium Copyright Act (DMCA)
- Contract law
- The Electronic Communications Privacy Act (ECPA)
Copyright law presents an obstacle because most software is the intellectual property of the company that created it. Using any portion of the reverse-engineered code could constitute a copyright violation. Even if a developer doesn’t actually use the code, using lessons learned from reverse-engineered code could constitute the use of protected trade secrets or might be considered a violation of a contract such as a non-disclosure agreement.
The DMCA confuses matters further, prohibiting the use of reverse engineering to circumvent “technological protection measures.” While this is often taken to mean digital rights management protection, many argue that it could just as easily refer to “techniques such as authentication handshakes, code signing, code obfuscation, and protocol encryption,” the EFF says.
Finally, the ECPA prohibits the “interception of electronic communications flowing over a network.” This can include network packets, so any reverse engineering of such packets could be a violation of the ECPA unless consent is obtained from all relevant parties.
Reverse Engineering Tools
Because reverse engineering can be an invaluable tool for learning how to use a particular programming language or how to work on a particular type of application, beginners can use the technique to improve their skills. That said, it’s necessary to have some knowledge of the language that the program is written in, and other knowledge might be required for different types of applications. For example, a developer reverse-engineering crypto algorithms will need knowledge of crypto science and should also be familiar with the most popular algorithms used in the field, according to Apriorit.
Specialized tools are also necessary. Anyone engaging in reverse engineering will need a decompiler or dissembler, a program “that translates the executable file to the assembly language,” Apriorit says. Other tools might also be useful or necessary, such as an API monitor or debugging tool.
A junior developer intending to use reverse engineering as a learning tool would be well-served by starting with older software. “Software is only getting more complicated, not less. So if you are in the beginning stages it is a lot harder starting with a newer piece of software,” Security-FAQs says. In addition, others have reverse-engineered older software in the past and documented the experience online, meaning that there is an existing knowledge base and community to call on that wouldn’t exist for a newer piece of software.
When reverse-engineering, developers should always keep in mind the legal and ethical risks associated with doing so and strive to avoid doing anything illegal.
Learn to Be a Developer
Solid knowledge of a programming language is necessary to the reverse-engineering process. The Software Guild offers a 12-week full-time program or a nine-month part-time online program, so you can learn a programming language with the help of skilled instructors at a pace that works for your life. Upon completion, you’ll be prepared for junior developer positions in either Java or C#/.NET. Apply to the coding bootcamp today.
While reverse engineering serves as a valuable introduction to software development, coding bootcamps such as The Software Guild offer an outcomes-focused, intensive learning environment for those interested in programming careers.