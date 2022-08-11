



Patrick Wardle is known as a Mac malware specialist, but his work has travelled much further than he realized.

A former NSA and NASA employee, he is also the founder of the Objective-See Foundation, a nonprofit that creates open source security tools for macOS. That role means much of Wardle's code is freely available for download and decompilation, and it caught the eye of technology companies, some of which apparently used it without his permission.

Three different companies turned out to have adopted technology from Wardle's work.

Wardle will present at the Black Hat cybersecurity conference on Thursday alongside Tom McGuire, a cybersecurity researcher at Johns Hopkins University. The two found that code Wardle wrote and released as open source has been used for years without anyone acknowledging him, licensing it, or paying for his work, and that it has been incorporated into commercial products.

The problem, Wardle said, is that it is hard to prove that code was stolen rather than independently implemented in a similar way. Fortunately, his skill at reverse engineering software let him make more progress than most developers could.

"I was only able to find [the code theft] because I write both tools and reverse-engineer software, which is less common. I straddle both of these areas, so I was able to find it happening in my tools, but other indie developers may not. This is my concern."

The theft is a reminder of the precarious state of the open source code that underpins so much of the Internet. Open source developers typically publish their work under specific licensing terms, but because the code is already public, it has little practical protection against developers who set out to exploit it. In a recent example, the Donald Trump-backed Truth Social app allegedly lifted a significant portion of its code from the open source Mastodon project, prompting a formal complaint from Mastodon.

One of the central examples in Wardle's case is OverSight, a tool he released in 2016. OverSight monitors whether macOS applications are secretly accessing the microphone or webcam, and it proved a considerable success, not only as a way to spot malware spying on Mac users but also for exposing that legitimate applications such as Shazam were constantly listening in the background.

Wardle, whose cousin Josh Wardle created the popular Wordle game, says he created OverSight because there was no easy way for Mac users to check which applications were activating the recording hardware at a given moment, especially when those applications were designed to run covertly. To solve that problem, his software used a combination of analytical techniques that turned out to be unusual and therefore distinctive.

Years after OverSight was released, however, he was surprised to find a number of commercial applications that had incorporated the same application logic into their own products, even reproducing a bug that Wardle's code had.

Wardle and McGuire's DEF CON presentation slides. Image: Patrick Wardle

Three different companies were found to have incorporated technology from Wardle's research into their commercial software. Wardle believes the code theft is likely the work of individual employees rather than a top-down strategy, so the Black Hat talk does not name the companies in question.

According to Wardle, the companies responded positively when confronted with the issue. All three vendors Wardle contacted admitted that his code had been used in their products without his permission, and all ended up either paying him directly or donating to the Objective-See Foundation.

Code theft is an unfortunate reality, but Wardle wants to draw attention to it so that both developers and businesses can protect their interests. He advises software developers to assume that anyone who writes code, open source or closed, will have it stolen, and to learn techniques that help uncover such cases.
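The article does not describe which techniques Wardle and McGuire used, only that reverse engineering and a reproduced bug gave the game away. As an added illustration (not code from the talk or from Objective-See), the script below shows one cheap first-pass check a developer can run on a suspect binary: pull out the printable strings, discard the platform API names that any program touching the same frameworks would contain, and look at what distinctive strings remain in common. A carried-over typo in an error message, like the reproduced bug in the article, is far stronger evidence than shared API constants. The three "binaries" are constructed byte blobs, and the allow-list of common API strings is an assumption made for the example; a real comparison would run the same logic over `strings` output from the actual Mach-O files and then confirm any hits by comparing the disassembled functions.

```python
import re

# Constructed sample "binaries": strings separated by opaque bytes. These are
# invented for the example and are not dumps of any real product.
def _blob(strings):
    junk = b"\x00\x8f\x01\xfe"
    return junk.join(s.encode() for s in strings) + junk

ORIGINAL = _blob([
    "kAudioDevicePropertyDeviceIsRunningSomewhere",
    "AVCaptureDeviceWasConnectedNotification",
    "Camera acess denied for pid %d (retrying in 250ms)",  # note the typo
    "monitor: mic state flipped but device list empty, assuming stale cache",
    "com.example.devicemonitor.daemon",
])
SUSPECT = _blob([  # same logic strings, same typo, different bundle id
    "kAudioDevicePropertyDeviceIsRunningSomewhere",
    "AVCaptureDeviceWasConnectedNotification",
    "Camera acess denied for pid %d (retrying in 250ms)",
    "monitor: mic state flipped but device list empty, assuming stale cache",
    "com.vendor.privacyguard",
])
UNRELATED = _blob([  # only shares the framework constants
    "kAudioDevicePropertyDeviceIsRunningSomewhere",
    "AVCaptureDeviceWasConnectedNotification",
    "Permission denied: camera",
    "com.othervendor.webcamwatch",
])

# Strings every macOS program that uses these frameworks will contain; sharing
# them proves nothing. Assumed allow-list for the example; a real one would be
# built from the framework headers.
COMMON_API_STRINGS = {
    "kAudioDevicePropertyDeviceIsRunningSomewhere",
    "AVCaptureDeviceWasConnectedNotification",
}

_PRINTABLE = re.compile(rb"[\x20-\x7e]{8,}")

def extract_strings(blob: bytes) -> set[str]:
    """Printable ASCII runs of at least 8 bytes, equivalent to `strings -n 8`."""
    return {m.group().decode("ascii") for m in _PRINTABLE.finditer(blob)}

def shared_distinctive(a: bytes, b: bytes) -> list[str]:
    """Strings present in both blobs once common framework names are removed."""
    shared = extract_strings(a) & extract_strings(b)
    return sorted(shared - COMMON_API_STRINGS)

def jaccard(a: bytes, b: bytes) -> float:
    """Overlap of the distinctive string sets, 0.0 (nothing) to 1.0 (identical)."""
    sa = extract_strings(a) - COMMON_API_STRINGS
    sb = extract_strings(b) - COMMON_API_STRINGS
    if not (sa | sb):
        return 0.0
    return len(sa & sb) / len(sa | sb)

if __name__ == "__main__":
    for name, other in (("suspect", SUSPECT), ("unrelated", UNRELATED)):
        print(f"{name}: jaccard={jaccard(ORIGINAL, other):.2f}")
        for s in shared_distinctive(ORIGINAL, other):
            print("  shared:", s)
```

A high overlap score is a reason to open the disassembler, not a verdict: strings can be rewritten while the control flow is copied unchanged, and independently written tools may legitimately log similar messages. The check earns its keep by turning "I have a feeling" into a short list of concrete strings, typos included, that a vendor can be asked to explain.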

For companies, he suggests better educating employees about the legal framework surrounding reverse engineering another product for commercial gain, in the hope of stopping the practice.

