Forensic decompilation.

So it’s pretty well-known that, if you can get access to a program’s source code, you can probably identify the programmer (or, at least, identify other things coded by the same person). But compiled applications, i.e. pretty much everything that’s not a web page, are something different. During the compilation process, in theory, the identifying “quirks” of individual programmers get mashed out.

Except, that “theory”? Turns out not so much.

This sort of thing, in case you’re wondering, is used in cyberweapons attribution. Of the “which nation-state blew up our power station with a computer virus?” variety.

2016-11-17T21:03:49+00:00 | 1st April, 2016 | Tags: infosec