Exetools  

  #1  
Old 01-07-2020, 23:37
chants
I agree with everything said here. There will always be stuff to reverse. If hardware gets more and more restricted, well there are laboratories where they can use microscopic photography (though we need nanoscopic nowadays) to get chip schematics if able to shave off the 3-dimensional layers one at a time. And probably some people out there will leak schematics and there is software which can take the circuit graphs and decode units from it (such as an 8-bit adder circuit, etc). At least there should be software to aid in reversed circuit diagrams. I expect reversing in this area to explode at some point of course with assistance of those with the expensive equipment to give the raw schematic data. With state-of-the-art chips it might be impractical but it won't be impractical forever. The same photography techniques that cast the silicon dies are probably even easier to be applied to taking pictures of chips. How to slice off the layers might be a more complex problem though. And software identification of common circuit patterns will only go so far. Certain aspects like details of caches, pipelines, core threading, etc will be quite tough to identify in an automatic manner. But this area to me is very interesting if we ever get such a dump.

I also think microcode reversing will be more common since chipmakers cannot afford to have bugs in hardware due to the expense of fixing a security vulnerability that manifests there. And the microcode can be dumped or even downloaded from updates released via the web. There can be ways to dump and reverse this microcode. Perhaps Intel ME and AMD PSP and the like can be defeated, disabled or modified for certain benefits.

Additionally the more OS kernel restrictions continue, the more there will be motivation to try to reverse them even if they are increasingly tied to the hardware. I expect kernel level reversing to advance at some point.

Then with the endless server-siding of software logic and software as a service model which is becoming a matter of fact standard for money making from Windows 10 and Office 365 to games on mobile telephones, we will see more and more protocol reversing. Obviously there are lots of protocol issues and exploits where code is still run local-side due to code being excessively slow if too much communication is present or too expensive to all run on the server. There is still a balance here. However, there are far more legality issues to mess with protocols. Though generally speaking abuse of protocol will just result in a permanent ban. 5G may still not be enough to totally server side everything. It gets closer, but it also makes each service more expensive. Trade-offs abound.

Finally, there are just raw mathematical advances. This is largely a driver behind protection methods. Security by obscurity is not really security or so the saying goes. So ultimately if more advanced or better cryptography methods are developed, we should expect to see them implemented in software. It can always happen, we never know when.

So summary: chip schematic reversing, microcode reversing, kernel reversing, protocol reversing are the future yet still traditional methods of reversing are going to be around for a while. There are also mathematical advances in cryptography which can throw a number of changes into the way we reverse.

A little more detailed this time around.
  #2  
Old 01-08-2020, 00:35
Abaddon
Quote:
2. What would you characterize as "tool of the decade"?
I may (or may not) be biased, but I would characterize x64dbg as "tool of the decade"; it is the go-to choice for debugging 64 bit applications, which is the mainstream now. One would argue that IDA is just as (if not more) effective in this regard, but for me, due to the fact that x64dbg was developed during this decade, it deserves the honor.

Quote:
If you were to name 5 tools that influenced the scene more, which would those be?
Of the ones that are public (not in any particular order):

1. IDA & Hexrays
2. x64dbg
3. Ghidra
4. Scylla
5. de4dot


Quote:
Where do you think the future lies as far as tools go?
I expect to see tools featuring advancements in decompilation technology, code optimization, and code translation between different forms.

I expect to see tools featuring advancements in cryptographic attacks, that, in combination with advancements in processor speed/networking will render some of the protocols used nowadays obsolete.

I do agree with chants that hardware reverse engineering is one of the next big things, however I'm skeptical if this will be done at a hobbyist level, due to the mere investment costs this requires.

In regards to protocol reversing, I can see the increasing importance of it, but due to the volatility of protocol faults, I can't really wrap my head around how this will affect tool making; perhaps by an increase in tools to automate protocol fault detection (isn't this what the fuzzer technology is all about?)
All times are GMT +8.