USA SUPER SNOOPERS the National Security Agency (NSA) is planning to release a tool that allows for security boffins to reverse engineer malware.
Dubbed GHIDRA, the tool will allow folks au fait with cyber security to pick apart binaries for Windows, macOS, Android and iOS, and turn them into code that can then be perused to figure out what malware has been up to, or take a deep dive into seemingly legit software carrying out eyebrow-raising activity.
The tool will be showcased at the 2019 RSA Conference in March, a San Francisco haven for cyber security smart Alecs. And while it's targeted at security pros, the tool will be open to anyone to have a meddle with.
"An interactive GUI (graphical user interface) capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, macOS and Linux and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA," said the RSA Conference's site.
According to ZDNet, in technical terms, GHIDRA is a 'disassembler' that breaks down executable files into assembly code and therefore makes them easier for those with the digital skills to analyse.
While GHIDRA is being touted as a new tool accessible by all, ZDNet noted it's not exactly fresh tech, having been around since the early 2000s. But the tool was only really circulated within US government agencies running cyber security teams.
And while the existence of GHIDRA was hardly a major secret, it was revealed prematurely when Wikileaks published the Vault4 collection of internal documents allegedly swiped from the CIA's internal network.
There are other tools that allow the disassembly of dodgy files and malware, but one needs to fork out for those. And apparently GHIDRA is a well-liked tool; it's reportedly a tad slow and a bit buggy when compared to other tools, but it seems to get the job done.
The NSA will release GHIDRA to the open source community via GitHub, where it'll likely benefit from the pseudo hive mind of open source fondling folks, who can build upon it and improve the tool. µ