NSA plans to release tool for reverse-engineering software
It feels like it has been a while since we've had any NSA-related news -- interest in mass surveillance has been overtaken by other concerns. After a series of Vault 7 leaks from WikiLeaks about the organization, the NSA is now planning to release its GHIDRA framework, designed to reverse-engineer malware and other software, later in the year.
The framework will be available for Windows, macOS and Linux, and it is set to be demonstrated and publicly released at the RSAConference in March. While it might seem like a bad idea to release a tool that can be used to break down malware and see how it works -- and, therefore, create other similar attack tools -- the idea is actually to help increase security.
The news comes via the agenda for the RSAConference which takes place in the Moscone Center in San Francisco between March 4 and 8. A session which is due to be held on March 5 will be hosted by Robert Joyce, a senior advisor at the NSA:
NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.
The tool will give anyone who wants to try it the ability to deconstruct software designed for Android, iOS, macOS and Windows. It will be possible to analyze the assembly code that's generated and see what makes a piece of software tick.