Jump to content
Tuts 4 You

The future of RE scene.


Recommended Posts

Hello ppl.

The title says it all. What are your beliefs about scene? Many says that is dying. Please share your opinions.

Link to comment

i think it's not as shiny as it used to be. :sad2:


there are few professionals and they will be retired while the it doesn't match the number of those who are pushing to become one .


i think it's the matter of passionate and hardworking that is dying.


the RCE is a way of thinking.it never dies.


  • Like 2
Link to comment

I don't think it is dead, more or less just that people are less inclined to share things publicly now since so many skids are looking for a way to make a quick buck by ripping others work and selling it. There are plenty of teams still around making releases, for free, as well as sharing tutorials and such when they can. Some sites like Tuts4You are still around but the content is becoming less and less stellar as time progresses on free public forums like this. 


 


Sadly, some of the things posted on this forum land up on one-shot blogs and sites just recompiled with someone elses name being sold. A lot of the recent ConfuserEx tools that had their source code posted on this site are now being sold by some random people on other sites. I think that is one of the biggest reasons a lot of people avoid sharing much of anything as publicly as it used to be. Can't say I blame people either since having your work stolen and sold for profit is fairly shitty.


 


Same goes for the game hacking scene. It used to be a fun and very active community with a handful of sites, and now its down to maybe 1-2 sites left. And even then the most active sites are all paid sites that sell things that are typically free. 


 


Another scene that has gone to shit is the TV/DVD scene releases. What was once free and easy to find is now full of shitty ad sites, survery links to get a password to extract the show you download etc. Half the time its not because the team releases it that way, it is some re-upper that puts their stuff on things like Usenet without their permission and slaps a password on the archive and forces people to deal with ad links so they can generate money on others releases. 


Edited by atom0s
  • Like 5
Link to comment
Shub-Nigurrath

Let me explain the situation mates, I have enough experience with ARTeam and the scenes to get a clear picture..


The trend is quite simple mates: scientific community is capturing the most talented reversers who now have the possibility to do what they like under the sunlight. This started in the year 2000 when the computer security testing became one of the situations where reversing wouldn't break any © rule. Since then Universities and market pushed hard to capture the most talented underground minds and drive them to the white side of the force. The "under the sunlight" trend implies the possibility to cultivate each one's individual reputation/ambition with real names and not through nicknames. Thus blogs, sites, participation to conferences ecc. and not anymore forums..


 


I would say that there are now left almost 3 main categories of people in the web scene. They were already here, but hidden or overwhelmed by talented reversers..


- kidz who are asking for immediate knowledge (but they were here also before) or immediate payback. These people are just here like rats in a shrinking ship :-)


- reversers for money, professionals whose main business is doing money and thus are not interested in sharing anything here


- hacktivists, whose interest is to continue to do reversing for some type of moral mission, most of which belongs to the so called old skool. Woodmann is full of them for example.

  • Like 6
Link to comment

 Thus blogs, sites, participation to conferences ecc. and not anymore forums..

In my minimal experience in this field - RE is low paying. Sysadmins/techs work less & make the same as RE people. Even exploits, unless it's something like heartbleed - its worthless. Tons of awesome, public 0days right now...

 

Whats the best that can happen to a reverser, some slave ship, suit/tie 9-5 position in a malware/av company?

 

From what I've seen on freelance sites where I work - top RE talents (the lcfs, lenas, etc) make as much as an average C#/php/etc coder. I think this is why not many are interested in RE, because there's not much $$$ in it.

  • Like 1
Link to comment

the RCE is a way of thinking.it never dies.

What abbas said.

And i think that if we are here today it's due to a common passion that connects us all, sharing maybe, the fact that we can acquire certain releases, or pleasure to learn RE via the scene.

People come and retire, but in the end it doesn’t even matter, the scene can't die, there will be always someone who will release.

  • Like 4
Link to comment
  • 3 months later...

I would agree with almost everything said above. For me (and others, I believe, that were? part of ARTeam) it is one word (acronym really).... RL


RE, for me, was a learning experience and a hobby. It wasn't a big leap for me to learn RE in the technical sense, but so what. I had


some fun, met some really interesting ppl along the way and pretty much did my own thing. A few of us on the Team collaborated a bit on a few


different things which was fun. Now I'm enjoying other projects, but I wouldn't necessarily say that RE is dead, nor does one particularly retire from


a non paying hobby such as RE. We have some very talented ppl out there doing some great things. Maybe less than in the past or maybe just


keeping things more to themselves. Not sure. JM2C...


Edited by CondZero
  • Like 1
Link to comment

My humble opinion:


 


The RE is not dead, just is a low rate because:


1. The newcomers expect "tools" or "scripts" to reverse... Most don't know almost nothing regarding even a simple PE structure.


2. The "reversed" software is in the next second put  on sale on various sites.


3. The reversers have to do some things to earn a living (you know... life problems, kids, family etc). From reversing you earn nothing but experience.


4. The actual platform on X86 is full covered for reversing native apps. The X64 is almost the same as X86.


5. The actual protectors use a old scheme with few improvements (now they add virtual machines).


6. For some (including me) is more facile to buy a license than crack and use a pirated program.

  • Like 6
Link to comment
  • 4 weeks later...
  • 5 months later...
chickenbutt

You can legally retire off RE now. Memory-corruption requires RE. Stuff like IOS, Android, and modern browsers don't get code execution vulnerability disclosures from anything but..

If you can manually defeat WinLicense and especially if you can manually defeat Denuva or a dongle then fuzzing and analyzing IOS dumps is like building a dog house as an industrial contractor who builds sky-skrapers.. Do $10,000, $50,000, $100,000, $250,000, $1,000,000 bounties inside four to eight months and be on vacation the rest of your life somewhere nice or do next level stuff like math proofs or defense and financial sector contacting.

Also, DRM tech plateaued a while ago. The last advanced tech for PE/COFF protection was that Ubisoft stuff. Denuva and current gen protectors are still VMs that use volume data for handler signing and decryption etc.. Gaming consoles and IOS take less work but have exotic tech like hardware isolation interfaces and the perk of top-tier white and black hat competition.

People who struggled with arma secure sections or themida byte code aren't going to touch embedded hacking, but a lot of people do touch it and the world makes it easy for them by throwing first-world retirement level capital at them and giving them over-night fame and credibility in industries relevant to their skill.

To people who say money isn't an issue: How is that food, internet, home, and electricity? How is being being managed and talked down to by a college football player or spoiled rich kid at an IT or manufacturing firm? Apply what you say to _your_ life(quit your job and don't use currency) and see what happens..

Edited by chickenbutt
Link to comment
  • 5 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...