PDA

View Full Version : CSI x Reverse Engineering


funtikar
September 4th, 2009, 00:30
what do you get when you cross CSI and reverse engineering...

Woodmann
September 4th, 2009, 16:48
Spontaneous combustion of the cranium ?

Woodmann

JMI
September 4th, 2009, 18:11
The logical conclusion would be "a dead reverser" since there is no need for CSI unless there has been a crime. ALthough, there certainly are crimes lessor than those which result in a dead body.

Another possible logical conclusion would be a "reverser" going to the slammer, since their "crime" might be discovered. And the paradox of the CSI investigator having to arrest themself for "reversing."

Regards,

D-Jester
September 4th, 2009, 20:39
Well if you reverse engineer CSI, wouldn't they be investigating a birth?

BanMe
September 4th, 2009, 21:32
this question comes down to to what makes up each to find out the real answer.

I think they are different aspects of the same basic studying abilities..one that pursues the understanding of real life events, and the other pursues the understanding of the events that transpire in the virtual. so basiclly they are almost congruent in terms of goals and throughness of analysis. but what makes them different is the techniques involved in attaining 'proof of concept', and most certainly 'Validation of concept' is required alot more with CSI.as alot more 'evidence' has to be gathered and motives have to be determined 'reasonable' in 'our' justice system for the CSI investigator, that is somewhat similar but is far less 'regulated' then the Reverse Engineering community, even though almost the same quantity of evidence is gathered in process of RE, the evidence usually only holds meaning and provides understanding to those following in the footsteps of the 'suspect'...lol

so CSI * Reverse Engineer in my opinion you would get a crazed individual with a exceeding insane attention to detail and capable of analyzing the real world as well as the virtual with a knack for finding the weaknesses in both.

BanMe

JMI
September 4th, 2009, 21:49
Not to rain on your parade, but you appear to be basing alot of your supposition on CSI TV shows.

My son works in the field and spends a great deal of his time analyzing blood samples collected from recently deceased individuals. That's the easy ones. Then there's those not "recently" dead. He uses a number of hi-tech machines which assist in that process and which require him to be good at noticing color changes as the sample is burned. That tells him whether certain products are in the blood sample. He is also asked to determine how much alcohol someone may have consumed and when.

Yes there is attention to detail, but, generally, the work involves many individuals who have specialized responsibilities and it is not filled with a few photogenic people who go out and do "everything" themselves with a few samples, and then arrest the perps. That's just TV. They don't carry guns and they don't arrest people, but they do, occasionally testify at trial.

Regards,

BanMe
September 4th, 2009, 22:16
damnit from now on imm write my answers in notepad..and reread them 5 times before posting..i was gonna make that point..to..I was in process of editing..and filling out my broken sentences and mangled thoughts.

Woodmann
September 5th, 2009, 19:33
I think your replies are proof of what happens when you cross CSI with Reverse engineering .

You develop a form of OCD that cannot be satisfied because you are stuck in a logic loop.

Suck that for a while .

Woodmann

BanMe
September 5th, 2009, 21:50
I've been contemplating that for most of my life, but I refuse to take ritalen or adderall..so I cope in my own ways,and yes,doing 'life' this way is OCD forming,but I am not on some psychostimulant other then some greenery ..But maybe you have a better way or more logical way for me to deal with this problem, or maybe its not a problem,but some fucked up gift...either way,your words on it are intended to incite me..hmm why is that?

BanMe

p.s. It is better to be logicly looping and refining thoughts and sententecs into something 'presentable' or more functional, then it is to tread in the darkwaters we now test..

Woodmann
September 6th, 2009, 18:10
I taunt you not...........

My comment was intended for JMI also because he will CONTINUE any discussion until someone relents. Now, given your nature for perfection I can foresee the two of you having many more discussions regarding this topic until the answer is revealed.

What if there is no answer?

You know, like what is the last number?

Woodmann

BanMe
September 6th, 2009, 20:20
but the 'letting' of thoughts is good, I thought.

the variant 'points' and debatable arguments are all what it comes down to and 'that' is why I posted..to discuss and comtemplate the outcome..
I agree with jmi that my 'supposition' looked to be based on the '1' man/women(face) doing all of it..but that is not how I intended it. I was getting to the part where i was gonna add on that each individual contributes to the great 'whole' of the evidence 'gathered'..be it from w/e field of study.. this is different from RE in that one individual studies the works 'of many' and in 'many' other areas we have no 'uniform' method of evidence sanitization as is 'required and regulated' by a CSI worker..

@woodmann:
If he continues so will I..and maybe we will come to agreable conclusion.. or some 'form' of 'a' overall generally appliable 'solution' to the answer..to not strive to reach that point is failing ourselves, and I can't do that anymore...i've failed to much already..

BanMe

200th post woot aim for 500 now

JMI
September 7th, 2009, 00:53
In light of Woody's comments, I refuse to "continue this conversation."

Guess I'll have to OCD another one. Oh, and that's how I got to 4,791 posts.



Regards,

BanMe
September 7th, 2009, 08:19
bah failing yourself is one thing,giving in due to the 'goadings' of another based on their opinions is a systemic disease.my own words have finally brought me into the midsts of someone else like me,who has opinions and thoughts and is willing to logicly debate them(I mean you JMI..) in a OCD like manner with understanding forethought and afterthought,but then shit starts to slide and 'someone' is warned and it fails to pieces..that is not the desired outcome I wish to be involved in..

2

BanMe

Woodmann
September 7th, 2009, 16:54
OK,

So now I NEED to figure this out.

CSI aka crime scene investigation and reverse engineering.

CSI is to determine who and why ?
Reverse engineering is to determine how and why ?

CSI: Who (me) Why (I needed to know)
RCE: How (how does it work) Why (to either make it better or steal it)

What do you get when the two cross?

Ugggghhhhhhhh.......... I........just.............dont............know

Woodmann

BanMe
September 7th, 2009, 17:52
the 'whos' and 'whys' run 'deeper'. ex:who did what when,and how..And why, being the 'motive' behind the 'crime'..for CSI..and for RE it's 'how does it work,How can it be 'broken',why can it be 'broken',Can it be fixed or 'exploited',Is there anything I can 'learn' from this'(in everyones case hopefully).

A piece of this 'opinion' by me comes from JMI's explanation of his son's 'field of' staring at blood for miscolorations.. during heating, what I gained from that small bit was a satisfactory description of the nature of 'some of' the 'normal' jobs in csi.so upon further thought,ive come to this assumption..

you would get a person capable of the 'repetitive' life(the S.O.S.D.D ppl) and capable of infectious learning equiped with a mind always looking for weakness in the 'inheritant' nature of life as we know it',hopefully this isn't that far off..

as you said earliar "I think your replies are proof of what happens when you cross CSI with Reverse engineering ." or maybe that was to JMI or maybe both or 'all' or w/e..

I think you get someone 'not so disimilar' from me or you..or anyone, with the drive to get something done..and the ability to not procrastinate about 'starting' to do something,or the 'framed' mind to fail before starting..all these variances..damn them..

BanMe

JMI
September 7th, 2009, 18:11
Perhaps one way to look at the "similarities" is that both require a passion for understanding certain events which have occurred. Both seem to involve determining causation, although one is in the physical world and the other is in the programming world.

Both require a determination to "sift" through a certain amount of minutia to attempt to analyze what the heck is going on. One, of course, is physical/chemical analysis and the other is programmatic, but the essential thought processes and the determination needed to work through the possibilities to find an answer seem to sufficiently similar for a valid comparison.

Although I rarely have time these days for actual reversing, I remember hours and hours of staring at print-outs of assembly language from a target, trying to figure out what was going on, starting from absolute zero knowledge about the subject. One of the essential requirements was a "refusal" to allow the code to beat me, at least from lack of trying or lack of effort. Books were purchased and consumed, and eventually, without ever having had a programming class, I slowly began to obtain some small grasp of what I was seeing happen in the code, and could then postulate, from what I had read, why it was doing those things and how I might "subvert" the program to do what I wanted it to do, rather than what it's original programmer wanted it to do.

It is the solving of such a puzzle, much like the forensic investigator, that is the challenge and the stimulation. It is the getting to the "AH HA... I've got you now" moment that makes the trip/experience worth the effort. It is the challenge to succeed and, hopefully succeeding, which is the lure and the reward.

Regards,

Woodmann
September 7th, 2009, 18:36
So is it possible to over analyze the question:

What do you get when you cross CSI and reverse engineering.

I mean, are we trying to hard to find an answer when it could be as simple as the "hand in front of your face".

Perhaps you get the sdrawkcab rewsna ?

Woodmann

BanMe
September 7th, 2009, 18:38
Excellent conclusion to this small puzzle, nice one JMI. very precise and well thought out :}

damn wood beat me to it..


BanMe

JMI
September 7th, 2009, 19:53
Woody:

noitseuq a ton sti esac taht ni
hguoht rewsna na sa tnuoc dluoc siht sseug i



Regards,

BanMe
September 7th, 2009, 20:15
01100100 00110100 00110011 01110010
00110010 01101011 01101110 00110001
01101000 01110100 00110010 01100100
00110100 01101000 00110001 00110100
01100010 01101000 01110011 00110001
01101100 01100111 01101110 00110011
01100111 01101110 00110001 01101011
00110100 00110011 01110000 01110011
00110011 01110010 00110011 01110111
00110011 01110111 ..

Kayaker
September 7th, 2009, 20:40
00100001 00110011 01001101 01101110 00110100 01000010 00100000 00110011 01101101 00110011 01110010 01110100 01111000 00110011 00100000 01110011 00100111 01110100 00110100 01101000 01010100 00100000 00101110 01111001 01110010 00110100 01101110 00110001 01100010 00100000 01110100 00110011 00110011 01101100 00100000 00101100 01110111 00110000 01010111

BanMe
September 7th, 2009, 21:17
lol sb,
I tnac do taht can I..
this ekil more klat should ew

funtikar
September 8th, 2009, 00:35
hurmmm..

evlncrn8
September 8th, 2009, 08:43
i just reversed CSI, was simple.. ISC.. there u go.. solved ;p

BanMe
September 8th, 2009, 22:59
Windows did it before us all..again..
CPU Disasm
Address Hex dump Command Comments
7E42927B 8BC8 MOV ECX,EAX
7E42927D A1 8010477E MOV EAX,DWORD PTR DS:[7E471080] ; UNICODE "1H"
7E429282 F640 02 04 TEST BYTE PTR DS:[EAX+2],04
7E429286 0F85 6C700000 JNE 7E4302F8