by TimJYoung 2766 days ago
That's not quite true. You can easily decompile any binary and glean all sorts of valuable information from it. On Windows you can find out which API calls it makes and can even use detours/trampolines to redirect such calls:

https://github.com/Microsoft/Detours/wiki/Using-Detours

At one point I wrote a little piece of software as a proof of concept that used detours to redirect any file I/O in IE that was deemed "unsafe" to a special in-memory file system.

The bottom line is that you don't need the source code in order to tell if an application is "phoning home" or if it makes suspicious API calls. In fact, it is often easier to just simply monitor how the software interacts with the host system to determine if it is performing (possibly) malicious actions. IOW, if you're concerned about a certain piece of software, then auditing the source code isn't going to be as good of a solution as just sandboxing the application so that it's impossible for the application to do something bad.
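
The import-table check the comment mentions, as an added Python example that is not part of the original comment: it reads a PE image's import directory and picks out DLLs that provide network access. The sample image from `build_sample` and the DLL list in `network_imports` are constructed for illustration.

```python
import struct

def _off(sections, rva):  # RVA -> file offset via the section table
    for vsize, va, rsize, raw in sections:
        if va <= rva < va + max(vsize, rsize):
            return rva - va + raw
    raise ValueError(f"RVA {rva:#x} is outside every section")
def _cstr(data, off):  # NUL-terminated ASCII string at a file offset
    return data[off:data.index(b"\0", off)].decode("ascii")

def list_imports(data):
    """Return {dll: [names]} from the import directory of a PE32/PE32+ image."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, opt_size, _, magic = struct.unpack_from("<H12xHHH", data, pe + 6)
    opt, plus = pe + 24, magic == 0x20B  # 0x20B marks PE32+ (64-bit)
    imp_rva = struct.unpack_from("<I", data, opt + (120 if plus else 104))[0]
    sections = [struct.unpack_from("<8xIIII", data, opt + opt_size + 40 * i)
                for i in range(nsect)]
    fmt, width, by_ord = ("<Q", 8, 1 << 63) if plus else ("<I", 4, 1 << 31)
    imports, desc = {}, _off(sections, imp_rva) if imp_rva else None
    while desc is not None:
        oft, _, _, name_rva, ft = struct.unpack_from("<5I", data, desc)
        if not name_rva:  # an all-zero descriptor ends the table
            break
        thunk, names = _off(sections, oft or ft), []
        while (val := struct.unpack_from(fmt, data, thunk)[0]):
            names.append(f"#{val & 0xFFFF}" if val & by_ord  # import by ordinal
                         else _cstr(data, _off(sections, val) + 2))  # skip hint
            thunk += width
        imports[_cstr(data, _off(sections, name_rva)).lower()] = names
        desc += 20
    return imports
def network_imports(data, dlls=("wininet.dll", "winhttp.dll", "ws2_32.dll")):
    return {d: f for d, f in list_imports(data).items() if d in dlls}

def build_sample():  # constructed minimal PE32 image, not a real program
    img = bytearray(b"MZ".ljust(0x400, b"\0"))
    for off, fmt, *vals in [
        (0x3C, "<I4s", 0x40, b"PE"), (0x44, "<HH12xHHH", 0x14C, 1, 0xE0, 0x102, 0x10B),
        (0xC0, "<I", 0x1000), (0x138, "<8s4I", b".idata", 0x200, 0x1000, 0x200, 0x200),
        (0x200, "<5I", 0x1040, 0, 0, 0x10A0, 0x1040), (0x240, "<I", 0x1080),
        (0x214, "<5I", 0x1050, 0, 0, 0x10B0, 0x1050), (0x250, "<2I", 0x1090, 0x80000010),
        (0x280, "<2x14s", b"InternetOpenW"), (0x290, "<2x12s", b"CreateFileW"),
        (0x2A0, "<12s", b"WININET.dll"), (0x2B0, "<13s", b"KERNEL32.dll")]:
        struct.pack_into(fmt, img, off, *vals)
    return bytes(img)
```

The import table only lists statically linked APIs; functions resolved at run time with `GetProcAddress` do not appear in it, so this check complements runtime monitoring rather than replacing it.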