I have a program I want to rip down to bare bones. It was done it C#. [I][U]I'm not asking how to do it![/U][/I]. There isn't an ELUA or TOS agreement, would this provide immunity? Ive googled searched this and only come up with people saying it is illegal do to the millennium act. Ive read from unreliable sources that it is OK for educational purposes only?
[editline]10th January 2014[/editline]
Ohhh.. I just realized this looks like I want to steal this code. I have no intention of using this persons code or doing anything similar to what they have done.
You most likely won't get reliable advice here either, you really should consult a lawyer if you want to be sure.
That said, here are some resources on the matter:
[URL="https://www.eff.org/issues/coders/reverse-engineering-faq"]https://www.eff.org/issues/coders/reverse-engineering-faq[/URL]
[URL="http://chillingeffects.org/reverse/faq.cgi"]http://chillingeffects.org/reverse/faq.cgi[/URL]
[QUOTE=.:RG:.PhY5c0;43486268]I have no intention of using this persons code or doing anything similar to what they have done.[/QUOTE]
Then just decompile it? It's not like anyone is ever going to know or care. I can assure you there isn't someone watching your computer just waiting for you to decompile a program without permission.
[QUOTE=KmartSqrl;43488536]Then just decompile it? It's not like anyone is ever going to know or care. I can assure you there isn't someone watching your computer just waiting for you to decompile a program without permission.[/QUOTE]
I totally agree with that.
But I have to say that know a few programs that contain code to detect when it's modified / run from a decompiled source code. Those programs also inform the owner (by connecting to a web-server something)
[QUOTE=Felheart;43489577]I totally agree with that.
But I have to say that know a few programs that contain code to detect when it's modified / run from a decompiled source code. Those programs also inform the owner (by connecting to a web-server something)[/QUOTE]
Well its a good thing that when its decompiled you can usually find said parts of the program that do so!
I always say they cant prosecute what they don't know ;D
[QUOTE=Felheart;43489577]I totally agree with that.
But I have to say that know a few programs that contain code to detect when it's modified / run from a decompiled source code. Those programs also inform the owner (by connecting to a web-server something)[/QUOTE]
If you feel paranoid about that decompile it with the ethernet cable unplugged, or in a virtual machine with no internet access. I think a lot of the times, law wise, decompiling is covered by fair use. It often breaks the EULA which is a breach of contract, and it's often that the EULA overrides copyright law. Either way what they don't know can't hurt.
[QUOTE=Felheart;43489577]But I have to say that know a few programs that contain code to detect when it's modified / run from a decompiled source code. Those programs also inform the owner (by connecting to a web-server something)[/QUOTE]
Even if they do that it's not like they're ever going to waste the money to have a lawyer go after a lone developer when they get pings from one machine. I'm sure that sort of thing is more intended to make sure that people aren't decompiling, modifying, and distributing the program.
Ok let me explain a bit more. I had net limiter going and I noticed the program had an outbound connection. It was sending packets. I used PD to see where it was pulling from, It was pulling information from areas it shouldn't have access to. I don't have any intention of modifying or redistributing the software. I guess at this point I don't really need to decompile I just wanted as much proof that the program is malicious and handle it appropriately.
[QUOTE=.:RG:.PhY5c0;43492159]Ok let me explain a bit more. I had net limiter going and I noticed the program had an outbound connection. It was sending packets. I used PD to see where it was pulling from, It was pulling information from areas it shouldn't have access to. I don't have any intention of modifying or redistributing the software. I guess at this point I don't really need to decompile I just wanted as much proof that the program is malicious and handle it appropriately.[/QUOTE]
Cant you just add an exception to your firewall to block all outgoing and incoming connections for that program?
[QUOTE=FrankPetrov;43492269]Cant you just add an exception to your firewall to block all outgoing and incoming connections for that program?[/QUOTE]
Yes I've already done so. But there are many other people who have this program that wouldn't notice something like this. [I]"I wont post the program name yet"[/I] The host that rents them space has a T.O.S that states if you are supplying malicious software you can and will be turned in and you will never be allowed to host with them again. I just wanted to make sure the when I email proof that it wont backfire in my face for tearing their program a part.
[QUOTE=.:RG:.PhY5c0;43492441]Yes I've already done so. But there are many other people who have this program that wouldn't notice something like this. [I]"I wont post the program name yet"[/I] The host that rents them space has a T.O.S that states if you are supplying malicious software you can and will be turned in and you will never be allowed to host with them again. I just wanted to make sure the when I email proof that it wont backfire in my face for tearing their program a part.[/QUOTE]
Anonymous tip off might be a good bet, just to be safe
One would have to be pretty bold to try and sue the person who identified their program as malware.
[QUOTE=DrTaxi;43510124]One would have to be pretty bold to try and sue the person who identified their program as malware.[/QUOTE]
That's the case here in Germany, and most of the rest of the world afaik.
In the US you can completely ruin someone with an unfounded lawsuit if you have enough money.
Even if you win the lawsuit, you're not reimbursed for your expenses there iirc.
My point is more the "malware" part.
If you're caught distributing malware, you'll probably want to stay away from the justice system.
No one will care about it if you just do it for your own interest. As long as you don't redistribute the decompiled code or use it for commercial purposes, you're fine.
Sorry, you need to Log In to post a reply to this thread.
