socrates vs church - turing
this is pretty cool.. unfortunately i can't remember where i saw it. i do know that today i've been reading a lot of halvar's blog and ilfak's blog though.
Teaching Kids Binary Using The Socratic Method
"The experiment was to see whether I could teach these students binary arithmetic (arithmetic using only two numbers, 0 and 1) only by asking them questions"
on another topic, it's interesting to all of a sudden see all these people start talking about basically doing what SRA is trying to do. there's a lot of discussion of similar topics on ilfak's blog and on the metasploit blog as well with all skape's "tracing data dependency" graphs and such in the metasploit reversing toolkit.
as you would guess, the academic world has been approaching this problem from their own "unique" perspective, and i've got some pdfs open in other tabs to browse over later. it seems like someone named Martin Ward has done some successful (for some definition of successful) work with this. here's an amusingly titled paper.
i've been thinking about automated binary analysis myself, since this is one of those things i like to think about, since it's basically the Holy Grail.
my internal dialogues usually start like this:
A: sure, we all know that true automated binary analysis is impossible because there's lots of big chunks of it that are basically equivalent to the halting problem
B: ok, i can't argue with that but what about solving a smaller subset of the problem, that could still be interesting/useful right?
A: oh ok, i see what you're saying, sure, we can solve smaller problems, all we have to do is trace the flow of the program and data through it right... that can't be too hard can it, we can statically analyze the assembly code and make graphs and such and generally automate what everyone does by hand, or even write some kind of funky debugger thing that can do some runtime magic and blah blah blah.
this goes on for some time and it's kind of boring to me because i've had this conversation 100000000 times and i already know what i'm going to say and basically i always end up at the same place, and this is where i have to paraphrase (because i don't remember the exact sentence) something dean said to me recently: "I always ask people talking about this sort of thing how they're going to handle indirection and they always start babbling about some sort of debugger/emulator thing and i'm like yeah talk to me when you have it working".
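to make the "trace the flow of data through it" half of the dialogue and dean's indirection point concrete, here is a small added example (constructed for this post, not code from SRA, binnavi, the metasploit toolkit or anything else named here). it defines a made-up three-address toy ISA, builds the data-dependency (def-use) graph that static analysis can produce easily, and then tries to resolve every jump target by constant propagation. a jump whose target is a constant resolves fine; a jump whose target was computed from input or loaded from memory comes back as unresolved, which is exactly the point where "some sort of debugger/emulator thing" gets invoked.

```python
"""Toy forward data-flow over a tiny three-address assembly.

Constructed example, not from the blog post or any tool it names.  Toy ISA
(made up for this example):
    mov  rd, src        rd = src        src: register, integer, or 'input'
    add  rd, s1, s2     rd = s1 + s2
    load rd, [rs]       rd = mem[rs]    memory contents unknown statically
    jmp  target         integer (direct) or register (indirect) target
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Instr:
    idx: int
    op: str
    dest: Optional[str]  # register written, None for jmp
    srcs: list           # operand strings read


def parse(listing: str) -> list:
    """Parse the toy listing; '#' starts a comment, blank lines are skipped."""
    instrs = []
    for line in listing.splitlines():
        text = line.split("#", 1)[0].strip()
        if not text:
            continue
        op, _, rest = text.partition(" ")
        ops = [o.strip().strip("[]") for o in rest.split(",")]
        if op == "jmp":
            instrs.append(Instr(len(instrs), op, None, ops[:1]))
        else:
            instrs.append(Instr(len(instrs), op, ops[0], ops[1:]))
    return instrs


def def_use_graph(instrs: list) -> dict:
    """Map each instruction index to the indices whose results it reads.

    Straight-line reaching definitions: the most recent earlier write to a
    register is the one a later read sees.  This is the easy, static part.
    """
    last_def, deps = {}, {}
    for ins in instrs:
        deps[ins.idx] = {last_def[s] for s in ins.srcs if s in last_def}
        if ins.dest is not None:
            last_def[ins.dest] = ins.idx
    return deps


def resolve_jumps(instrs: list) -> dict:
    """Constant-propagate register values and resolve each jmp target.

    Target is an int when everything feeding it is a compile-time constant,
    and None when it depends on 'input' or on a memory load, i.e. when only
    running or emulating the code would tell you where it goes.
    """
    env = {}  # register -> int constant, or None when unknown

    def value(operand: str):
        if operand.lstrip("-").isdigit():
            return int(operand)
        if operand == "input":
            return None
        return env.get(operand)  # never-written register is unknown too

    targets = {}
    for ins in instrs:
        if ins.op == "mov":
            env[ins.dest] = value(ins.srcs[0])
        elif ins.op == "add":
            a, b = value(ins.srcs[0]), value(ins.srcs[1])
            env[ins.dest] = a + b if a is not None and b is not None else None
        elif ins.op == "load":
            env[ins.dest] = None  # memory is not modelled
        elif ins.op == "jmp":
            targets[ins.idx] = value(ins.srcs[0])
    return targets


def unresolved_jumps(instrs: list) -> list:
    """Indices of jumps whose target static analysis cannot determine."""
    return [i for i, t in resolve_jumps(instrs).items() if t is None]


# Constructed sample program for this example.
SAMPLE = """
mov  r0, 8
jmp  r0          # indirect syntax, constant value: resolves to 8
mov  r1, input
mov  r2, 4
add  r3, r1, r2
load r4, [r3]    # r4 = mem[input + 4]: unknown without running it
jmp  r4          # genuinely indirect: depends on input and memory
jmp  12          # direct jump
"""

if __name__ == "__main__":
    prog = parse(SAMPLE)
    graph = def_use_graph(prog)
    for ins in prog:
        print(ins.idx, ins.op, ins.dest, ins.srcs, "reads from", graph[ins.idx])
    print("jump targets:", resolve_jumps(prog))
    print("unresolved:", unresolved_jumps(prog))
```

the graph and the constant folding fall out in a few dozen lines; the `jmp r4` at index 6 is the one that doesn't, and a real binary has that shape everywhere (vtables, function pointers, switch tables, return addresses), which is why the "just trace the data" plan runs into either a dynamic tool or the halting problem.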
so maybe i'm a cynic but i truly believe that automated binary analysis is pretty fucking hard. the solvable problems aren't interesting or useful and the interesting/useful problems to solve don't seem to be solvable. however, it IS really interesting to watch various smart people try to attack this problem.
i'm perfectly willing to be proved wrong however. maybe when i read martin ward's paper i'll have to eat my words.
i have to conclude with something someone suggested a while back and say that what we REALLY need isn't automated binary analysis but something to make manual analysis easier, faster, and more productive.
this is one reason i want to play with binnavi some day.