Coders’ Rights Project Reverse Engineering FAQPeople have always explored and modified the technologies in their lives, whether crystal radios, automobiles, or computer software. Reverse engineering is one expression of this tinkering impulse. Unfortunately, legal regulation of reverse engineering can impact the Freedom to Tinker in a variety of ways. This FAQ gives some information that may help coders reduce their legal risk. What is this FAQ and who is it for? This FAQ is intended for non- lawyers who want some general information about how U. S. This information is provided as a general guide to the issues, and is not legal or technical advice. The legal questions raised by reverse engineering are complex and legal risks may depend on particular facts and legal doctrines that are beyond the scope of this general guide. This FAQ is meant to familiarize you with some of the principles involved, so that you can have a more effective discussion if and when you engage an attorney to help you with your specific situation. Feel free to contact EFF if you need help finding a lawyer qualified to advise on reverse engineering. First the Scary Stuff: What Kinds of Reverse Engineering Are Most Legally Risky? InfoSec Institute will train you on the standard Android reverse engineering programs IDA Pro, Ollydbg. Learn the methodologies. In any hands on reverse engineer training course. Network Engineer Academy. Reverse Engineer your I.T Career & have a Plan of Action to execute. Network Engineer Academy. About Us Learn more about Stack Overflow the company. How can I reverse-engineer a Perl program that has been compiled with perlcc? Getting Started Reverse Engineering. The mistake is that people think they can reverse engineer their way to an algorithmic design. In order to learn assembly language you should look at using. Reverse Engineering Tutorial For Newbies. I want to learn how to reverse engineer Linux elf binaries. The Visio Reverse Engineer UML Modeling tool installs as an add-in for VB 6. We're saying that these are areas where the law may apply so any researcher considering these steps should take the time to think it through and probably get some legal help. If your access to the code or computer system you are studying is conditioned upon agreeing to any contractual terms (e. End User License Agreements (EULA), terms of service notices (TOS), terms of use notices (TOU), a non- disclosure agreement (NDA), developers agreement or API agreement), you are at greater legal risk if your research activities do not comply with their stated terms and conditions. You should talk to a lawyer before agreeing to any terms and before studying any software distributed with such terms and conditions, even if you have come into possession of that code without agreeing to anything. It is extremely risky to disclose or use any information you obtained subject to an NDA or other negotiated contractual obligation of confidentiality. It is legally risky to study software you do not possess legally. It is legally risky to make any copies of software that have not been authorized by the copyright owner (such as by a license agreement). It is legally risky to bypass any “technical protection measures” (e. It is highly risky to copy any code into a program you create as a result of reverse engineering, because that copy could infringe copyright unless it is a fair use under copyright law. Note that copying can include both imitation of non- functional elements as well as verbatim duplication. It is legally risky to perform any network packet inspection unless (1) the network is configured to be accessible to the general public; (2) you have consent of all users whose packets are intercepted; or (3) you have consent of the network provider where the inspection is necessary for provision of the service or to protect the network provider’s rights and property. Home Unlabelled eLearnSecurity Advanced Reverse Engineering Of Software.Don't feel hopeless, however. Visit our section on How to Limit Legal Risk. What Legal Doctrines Are Most Likely To Affect Reverse Engineering? Trade secret law; The anti- circumvention provisions of the Digital Millennium Copyright Act (DMCA), codified at 1. U. S. C. Copyright law generally grants a certain set of exclusive rights to copyright owners, including the right to make copies of copyrighted works. Software is one category of works that are protected by copyright. As a result, if you make copies of software, you generally need either permission from the copyright owner, or your copying must fall within an exception granted by the copyright laws. Permission can be inferred from the outright sale of a copy of software or from a license agreement. The copyright exception most relevant to reverse engineering is the fair use doctrine. Executing code also raises the possibility of copyright issues. Some courts have stated that causing code to be copied from disk into RAM may be a copy for purposes of copyright law, and if that RAM copy is unlicensed, then it is infringing. In other words, executing unlicensed code could be infringing. Further, some copyright owners argue that cached copies held in more permanent storage may be infringing. What U. S. Copyright Law Doctrines Allow Reverse Engineering? For example, if a license agreement authorizes you to “use” the software, and it does not expressly prohibit reverse engineering, that may be all the permission you need. Fair Use: The fair use doctrine allows users to make unauthorized copies in certain circumstances. Courts have found that reverse engineering for interoperability, for example, can be a fair use. Are There Court Decisions That Illustrate Reverse Engineering As Either An Infringing Or A Non- Infringing Fair Use? Accolade,1 the maker of a leading video game console (Sega Genesis) sued a video game publisher (Accolade) after the publisher reverse engineered the console in order to make compatible games. Accolade wired a decompiler to the console’s circuitry while loading three different, licensed games. It then compared the disassembled code in order to ascertain the interface specifications for the console. This information was then compiled in a written manual, which coders relied upon in developing Accolade’s own Genesis- compatible games. No Sega code was copied in Accolade’s games—the Accolade code was entirely original. Although Accolade initially lost in the district court, the Ninth Circuit ultimately found that Accolade’s “intermediate” copying (i. Sega’s copyrighted computer program and that Accolade had a legitimate reason for seeking such access. Connectix. 2 involved a software publisher (Connectix) that developed software known as the Virtual Game Station that emulated the Sony Play. Station game console on Macintosh and Windows computers. Development of the Virtual Game Station required reverse engineering efforts that included extracting the BIOS of a Play. Station console and observing it in a debugger, as well as disassembling the BIOS object code. Sony sued and Connectix lost an initial skirmish and was temporarily enjoined from distributing the Virtual Game Station. Ultimately, however, the Ninth Circuit reversed that ruling, finding that Connectix’s intermediate copying was a fair use. The court emphasized that the intermediate nature of the copying (i. Sony BIOS code as included in the Virtual Game Station code), the necessity of reverse engineering, and the value of permitting consumers to play Play. Station games on new platforms. Nintendo of America, Inc. Nintendo created a lock code – 1. NES – to prevent unauthorized game cartridges from playing on the Nintendo Entertainment System (NES) console. Atari tried but failed to break 1. NES by monitoring the communications between the authorized game chips and console chip, and then by physically examining the chips. The company then became a Nintendo licensee, which limited its right to access the. NES program. Under the license, Atari could develop five games per year for the NES and Nintendo would insert the 1. NES code so that the games would play on the console. Atari then lied to the Copyright Office in order to get a copy of 1. NES. It used that copy to debug its microscopic examination of the code from the chip. Atari then developed an original program that used none of the 1. NES code, but which performed the same function. The court found that Atari infringed by reproducing a copy of 1. NES that it was not authorized to possess. Any reverse engineering efforts untainted by the infringing copy, including chemically removing layers, microscopically examining the chip, transcribing the object code into a handwritten list of ones and zeros keying the information into a computer then disassembling the object code, were non- infringing fair uses. But any reverse engineering that made use of the copy purloined from the Copyright Office was improper. Finally, the Atari unlocking program was substantially similar to 1. NES in ways not required to replicate the function of unlocking the NES console. Even though the program was written for a different chip and in a different programming language, these similarities suggested that the Atari program was not an independent creation, but an unauthorized copy. Compaq Computer Corp. Procom Technology, Inc. The court held that Compaq’s compilation of threshold values for parameters used to determine when failure of hard drive was imminent was sufficiently creative to be copyrightable. The company had exercised discretion in choosing number of parameters and which particular parameters to monitor, and thus these threshold values were not facts. Procom sold hard drives that were compatible with the servers marketed by Compaq and made their drives competitive with Compaq drives by copying the threshold values and thereby enabling the same failure warnings. Because Procom made a verbatim copy of these copyrighted threshold values and used them without alteration, the verbatim copies were infringing. Blizzard v. Bnet. D5: Bnet. D was an open source program that let gamers play popular Blizzard titles like World of Warcraft on servers other than Blizzard's Battle. Bnet. D programmers agreed to Blizzard’s EULA and Battle. TOU before reverse engineering the game to create Bnet. D. The EULA and TOU expressly prohibited reverse engineering and hosting of Blizzard games on other servers. The Eighth Circuit held that these mass- market click- through licenses were enforceable contracts and that the programmers violated several parts of Blizzard's EULA, including the section on reverse engineering. Even though reverse engineering is a fair use under federal copyright law, the programmers waived their fair use rights through the EULA. The court also held that the programmers violated the anti- circumvention provisions of the DMCA when they programmed Bnet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2016
Categories |