The Barrier Between Source Code and Compiled Code Has Dissolved(calebfenton.substack.com)

1 pointby calebfenton4 hours ago1 comment

calebfenton4 hours ago
The thing protecting your software's secrets wasn't encryption. Tt was that almost nobody could read compiled code. Now AI can. For dollars. In minutes.
The few thousand people worldwide who could reverse engineer binaries were the entire moat protecting IP, firmware security, and software as a discipline. That scarcity is gone.
- saidnooneever4 hours ago
  few thousand? this binaries being a protection has been changing for a long time already by drm, sgx and other means. there has been a steady increase in complexity and effectiveness in hiding stuff through drm/encryption and other schemes.
  just that some LLM calls it a moat or rare skill is nonsense. there are whole industries in which its normal dayjob for people to reverse engineer binaries let alone for the thousands upon thousands that graduate technical programs each year and can do proper RE. then ofc many thousands of hobby people who are likely some of the most sharp RE people out there.. huge communities reversing games, consoles, firmwares....
  AI promoting AI
  - calebfenton2 hours ago
    I would say I'm not AI but that's what AI would say, right? There are 3 R's in strawberry!
    There are several products on the market that are automating reverse engineering. Think of what people do: they orchestrate tools, build tools, read code, run things in emulators / sandboxes. All of that can be done with an agent in the middle. Building the tools is hard, knowing how to use them is kind of hard.
    If the code isn't obfuscated / packed / etc, claude code and a ghidra mcp server is better than most of the reverse engineers out there and way, way faster. You can work to get other tools in the mix for claude code.
    Are models getting dumber or smarter? Is code getting easier or harder to write? The writing is on the wall.