This chapter is concerned with reverse engineering in the
Linux environment, a topic that is still sparsely covered despite years
of attention from security consultants, software crackers, and programmers
writing device drivers or Windows interoperability software. The
question naturally arises: why would anyone be interested in reverse
engineering on Linux, an operating system in which the applications that
are not open source are usually available for no charge? The reason is
worth noting: in the case of Linux, reverse engineering is geared toward
“real” reverse engineering—such as understanding hardware
ioctl() interfaces, proprietary network
protocols, or potentially hostile foreign binaries—rather than toward
the theft of algorithms or the bypassing of copy protections.

As mentioned in the previous chapter, the legality of software reverse engineering is an issue. While actually illegal in some countries, reverse engineering is for the most part a violation of a software license or contract; that is, it becomes criminal only when the reverse engineer is violating copyright by copying or redistributing copy-protected software. In the United States, the (hopefully temporary) DMCA makes it illegal to circumvent a copy protection mechanism; this means the actual reverse engineering process is legal, as long as protection mechanisms are not disabled. Of course, as shown in the grossly mishandled Sklyarov incident, the feds will go to absurd lengths to ...