newbies

A word to the confused ones
by Fravia
~
(July 1998)
~

While attending the Olympic games, Leon, prince of Phlius, asked Pythagoras how he would describe himself. Pythagoras replied, 'I am a philosopher', but Leon had never heard that word before and asked him to explain.

"Life, prince Leon, may well be compared with these public games for in the vast 
crowd assembled here  some are attracted by the acquisition of gain,  others are 
led on by the hopes and ambitions of fame and glory.  But among them there are a 
few who have come to observe and to understand all that passes here."

Welcome, dear readers and visitors of this site, I'm sure that some of you will be a little amazed, and confused, for the quantity (and if I dare say it, the quality and peculiarity) of the information you'll find on my "pages of reverse engineering".

The structure of this site recalls the "climbing-descending" picture of Escher you'll be able to see here: you should wander inside my site and peruse my pages at a leisurely pace, you'll eventually understand its Moebius-like topology.

This site is mainly dedicated to a very noble (and fairly difficult) art: reverse engineering, i.e. individuating and gathering "hidden" or "lost" data in a "backwards" approach: from finished phenomena back to its hidden "code".

There are many forms of reverse engineering the world around you: semanthic studies, for instance can be very useful (like rethoric) in order to "reverse engineer" a speech or a message from somebody.
Although may be not as important as "industrial" reverse engineering, software reverse engineering is a science in its own rights and my extraprofessional activity has always been centered on the understanding of the "inner working" of the application I have used, in order to modify and ameliorate them if necessary (sadly, it is indeed necessary most of the time)
One of the main "sections" of my site is consecrated to this endeavour.
Most people are interested in the specific reverse engineering of protection schemes, i.e. the part of the software code that "protects" an application from being used fully, or for ever. Indipendently from its "gray" legal meaning, this is a good choice indeed (even if my own contributions are more oriented towards "general" software reverse engineering: my recent essays about "filemon.exe" should allow you to reverse engineer almost every windows95 application) because it gives us the opportunity to take many talented people on the bandwagon. Studying a subject in continue and relentless evolution (like protection schemes are, for obvious commercial reasons) implies moreover a continued evolution of our own techniques. You'll notice that we are already developing our own tools. The numerous contributions you'll find in the "Academy" section have already improved our techniques and approaches (I myself gathered an incredible amount of knowledge). Such activities, as curious as it may seem, are more useful than harmful for the shareware programmers, who have - until now - protected their software in a miserable manner.
You may also notice, perusing the Academy, that we do not care much for the "kind" of software used as target, which most of the time we don't need and don't use anyway, yet we care very much for the "weirdness" and "subtilety" of the protection scheme itself.
There are some exceptions, though: the TOOLS we must use. The principal ones are Winice (a powerful debugger), IDA 37 and Wdasm (two powerful disassemblers) and BRW (Borland resources workshop, a collection of windows decompiling tools so powerful that its development has been purposely "discontinued" a couple of years ago... and that's quite interesting per se... speaking about our society "progress" and "development" :-(

Protection schemes reverse engineering was moreover a field dominated by +ORC, an half - mythical being (there are on the Web sites that deal exclusively with the mystery that this person represented). +ORC ("the old red cracker") was a Master Cracker and great Philosoph, whose eclectic and now a little obsolete Tutorial you should by all means read (and head). +ORC is a "general" reverse engineer, not only a cracker, and his "social" reverse engineering studies are particularly beautiful. His reverse engineering of the barcodes (those little "stripes" codes you can see on any object around you) is by many considered one of the masterpieces in the whole history of "applied" reverse engineering.
+ORC was a mentor for many of us.

Anonymity on the web is another field where you can apply reverse engineering techniques of various type. In this section fall also "stalking" (i.e. finding real information on people that are on the web, behind all the "noise" they may have made); "luring" (i.e. trapping somebody on a page that will reveal you some information on your target); "counter intelligence" (i.e. intercepting messages on Usenet that are useful for you and that are being exchanged by people you don't even know the name of) and many other interesting and very recent techniques that you'll be able to learn on my site.

The search for information on the net is a science in its own rights, and there are many sites on the web that deal with this subject. I try on my site to help you understand how to use effectively the main search engines, and especially which ones to use for different endeavours (there are interesting differences between them). You'll find also some elementary information about "combing", i.e. gathering results that others have collected, via "top counter lists", vigilant filter and usenet depots like Dejanews and e-mail query. A new searching technique: klebing, i.e. 'reversing' a search, using the locations where the information seekers themselves come from as possible source of valuable related information is also explained in deep. During 1998 I will begin a section on bots building since it is more and more evident that if you nead real information you cannot rely on the commercial oriented search engines alone.

A section of my site has been consecrated to the struggle against commercial "smut sites": those sites that are increasingly swamping the Web offering extremely low level pornography for money (I'm not a censor and I have nothing against nude pictures - if given away for free). Indipendently from this specific struggle against smut, you'll be able to learn there some rudiments of CGI-script reverse engineering, i.e. how to nuke a whole site on the web (given some conditions) against the will of its owner.

On a similar "web-reversing" line you'll find on my site a section dedicated to Steganography, the art of hiding a message inside a picture or a sound file, and a section dedicated to Javascript tricks, i.e. tricks you can for instance use to block access to a part of your site. Both these sections have been divided in a public accessible "elementary part" and in an "advanced part" that will require a little work from your side, which is good, since my intent is to let you learn, not to let you leech.

Microsoft is bashed quite oft on this site because we believe it is imposing a very poor operating system to the whole world through money and bad concurrence practices, not through intrinsic, "real", value. In fact all Microsoft programs are so bugged and unstable, as you'll learn here on my pages, that one wonders about the mental sanity of people still happily buying and using them.
Regarding Internet browsing, you'll find on this site some "snippets" and tricks that will allow you to "shut out" from your pages (or completely nuke :-) anybody that uses Microsoft's Internet Explorer instead of Netscape Navigator... of course this does not mean that we believe Netscape to be a "good" society, not indeed... as soon as a "less commercial oriented" alternative in the browser scene arised (Opera, a beautiful configurable, fast and relatively small browser), we all jumped on it, forgetting Netscape and his awful bugs.

A small section of this site deals with an interesting problem: is software reverse engineering actually legal? I had so many problems (on the net, at work, everywhere) that I wanted to clarify this. The law differs between the USA, the European Union and Japan (obviously, since the three have different economic interests in this field), and there are quite a lot of obscure and pretty vague law formulations which need and deserve to be studied and translated into normal language. Anyway -despite all crimoinalisation attempts, the days of the 'commercial' copyright are already numbered.
See: reverse engineering (and mass team work for free) has ALREADY taken an enormous importance for the developing of new products. No I'm not speaking only of the (very important if slow) triumphing of free mighty Linux versus stupid buggy Windows. If you watch the landscape now (Mid-1998), with Netscape decision to give the source code of its main product Navigator, for free, to anybody who cares (copyleft instead of copyright), hoping to push a 'mass team work' on the web to sink Micro$oft, it is absolutely obvious that copyrights are nowadays HINDERING development instead of protecting it... laws and policy makers have of course not noticed it yet... quite the contrary:
The last concerted moves all over the world towards an a priori criminalisation of any sort of reverse engineering studies confirm also the danger that such knowledge represents for the political corrupt 'establishment'. Governments are among the most obvious puppets of the huge corporations that now rule, and as an elementary exercise in 'reversing reality' you may also easily note a not so curious corresponding development: while reverse engineering studies are being criminalized, all forms of human exploitation (child labour, forced labour, even buying and selling human beings) are being de-penalised and more and more allowed (and media-hailed) in the name of the 'globalisation' of the 'free' markets... an hideous, commercial oriented development, which all over the world has brought more mass impoverishment than anything else before -bar wars- ever did.

Yes, understanding the world is far from easy... and the web does not help much: an ocean of knowledge... about two centimeters deep! You'll find tons of useless information and frills everywhere, but this will not help you to understand what is really happening. For that you will have to learn how to "reverse" the messages you get... and I believe that the approach we are using here (taking concrete small examples and applying 'scientific reversing' to them) may deliver a very effective form of teaching for these purposes: you'll find it in the section that is slowly "taking off", and that I personally love: the Reality cracking section of my site.
Ultimately I intend to leave the field of software reversing (busting protection schemes is IMHO far too easy to represent a real challenge for advanced reversers, I personally will not crack protection schemes any more) and concentrate on the three (related) fields of internet searching, anonymity concerns and reality cracking. As far as I have any 'plans' for this endeavour of mine, I intend to transform my site during 1998 more and more into an 'anti-advertisement' fortress: studying, understanding, reversing and ultimately countering all the pavlovian tricks that advertisers are using all over the world to lobotomize human beings into 'consumers'.
I will not be able to do all this without the help of the crackers, of the seekers and of all other friends out there whose brain has not yet being reduced to mud by tv-commercials.

There are many pages on my site... you may peruse everything at will, you are welcome. You'll also notice that my pages (with some exceptions) load very quickly because there are almost NO pictures on them (nor frames of course): the contents, not the frills, make this site the knowledge treasure it is intended to be.

Do not be scared, nor paralysed if you don't understand everything immediately, knowledge is like one of the chill white wines bottled in the old lagoons I come from: you should sip it slowly and knowingly, else it won't do you no good.