From: QuantumG <qg@biodome.org>
To: linux-kernel@vger.kernel.org
Subject: reverse engineering pwcx
Date: Sat, 28 Aug 2004 10:52:33 +1000 [thread overview]
Message-ID: <412FD751.9070604@biodome.org> (raw)
Having watched the discussion around pwcx since the first posting, I
thought I would take a look at libpwcx.a. It consists of 3 .o files
each containing full symbol information and in total a *very* small
amount of code. There is no secret algorithm or complex image
processing in this code. Having worked on reverse engineering a complex
audio processing application (see our paper Using a Decompiler for
Real-World Source Recovery, to appear WCRE 2004), I expected to see some
serious floating point calculations or at least something recognisable
as a FFT or some other known algorithm. There is none of this in the
pwcx driver. I could provide complete decompiled source code for this
binary, however due to the legal questions I'd rather just say that
there is really not a lot of effort required here to black box this
driver and replicate what it is doing. The biggest job will be
deciphering the two or three large tables used in the decompression
operations.
The specific issue of pwcx dealt with I'd really like to ask why
companies perfer to release binary drivers over open source drivers. A
Linux kernel driver is really easy to decompile. There's a number of
factors that make this so, especially the large amount of symbols
generally left in binary drivers, but mainly the fact that kernel
drivers are by design small contained pieces of code. Also, they are
generally written in straight C with the only function pointers being
well documented interfaces (and the function pointers are not changed
dynamically). Compared to say, a win32 application written in C++ with
all that stdcall/fastcall stuff, a linux kernel module is a joy to
decompile. So why bother releasing a binary only driver? The company
is not protecting its intellectual property. If an amature like me, who
knows nothing about web cams, can understand this driver than surely
someone at one of Philips' competitors reverse engineered and understood
this algorithm within weeks of the drivers for this camera hitting the
market. I'm sure Philips' knows this so why force Nemosoft to sign an
NDA? And more importantly, why not let the community maintain this driver?
Trent Waddington
Decompiler maintainer, http://boomerang.sourceforge.net/
next reply other threads:[~2004-08-28 0:51 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-08-28 0:52 QuantumG [this message]
[not found] ` <20040828012055.GL24018@isi.edu>
[not found] ` <20040828014931.GM24018@isi.edu>
2004-08-28 3:14 ` reverse engineering pwcx QuantumG
2004-08-28 3:35 ` Craig Milo Rogers
2004-08-28 3:49 ` Lee Revell
2004-08-28 12:23 ` Vojtech Pavlik
2004-08-28 19:20 ` Chris Meadors
2004-08-28 3:57 ` QuantumG
2004-08-28 12:07 ` Vojtech Pavlik
2004-08-28 6:47 ` Clem Taylor
2004-08-28 12:23 ` Wouter Van Hemel
-- strict thread matches above, loose matches on Subject: below --
2004-08-28 16:17 Albert Cahalan
2004-08-28 16:25 ` Lee Revell
2004-08-28 16:56 ` Albert Cahalan
2004-08-28 17:11 ` Lee Revell
2004-08-28 18:05 ` Vojtech Pavlik
2004-08-28 17:53 ` Joel Jaeggli
2004-08-28 18:04 ` Lee Revell
2004-08-28 18:08 ` Lee Revell
2004-08-29 21:04 ` Helge Hafting
2004-08-30 7:42 ` Paul Jakma
2004-08-30 12:52 ` Albert Cahalan
2004-08-30 20:23 ` dulle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=412FD751.9070604@biodome.org \
--to=qg@biodome.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox