Decompilers: Ethical or Unethical?
_ _ _ _ _Code of Ethics
In order for programming code to be converted into a working program, you need to compile the code, that is, turn the text you understand into 1s and 0s for the computer.
As a compiler is a software program that is responsible for changing initial programmed code into a more basic machine language closer to the hardware, and more readable by the computer itself. A high-level source code that is written by a developer in a high-level programming language gets translated into a lower-level object code by the compiler, to make the result “digestible” to the processor.
We can reverse this operation by decompiling the final program. This means we reverse-engineer the code and get back plain text from the 1s and 0s. This isn’t always going to give the results you expect, but it is a viable option.
Let’s say you lost all of your source code (although that would never happen!) and need to try to recover the code you had made. For example, we’ve written a small piece of code in Java. It was compiled and the executable file is published. However, after a drive malfunction, we lost access to the source code. Although you still have the executable file, you don’t have code you can actually work with. Thankfully we have the .jar file (the Java executable) and through the magic of decompiling, we can get back most of our code!
So basically, What Decompilers are?
A computer program that translates an executable file which is taken as input, to a high-level source file which can be recompiled successfully is known as a decompiler. In simple words, a decompiler is the opposite of a compiler which translates a source file and makes it an executable file. The purpose of a decompiler is to get the source back from the binary so we can also call it an anti-compiler. Though decompilers are an important tool in the reverse engineering of computer software; many times, they are unable to perfectly reconstruct the original source code.
What Does Decompile Mean?
To decompile means to convert executable or ready-to-run program code-sometimes called object code into some form of higher-level programming language that humans can easily understand. Decompilation is a type of reverse-engineering that performs the operations of a compiler, which translates source code into an executable format, but in reverse. A decompiler’s recipient is a human user, whereas the compiler’s is the machine.
Let’s see, what exactly Reverse Engineering mean?
Reverse engineering, in computer programming, is a technique used to analyze software in order to identify and understand the parts it is composed of. Because closed, proprietary software never comes with documentation that reveals the source code used to create it, people use reverse engineering whenever they want to understand the software’s inner workings.
The company or developer who intend to build their own product based on an existing one often prefer reverse engineering over creating from scratch because once the parts and the dependencies are identified, the process of reconstructing tends to be much easier.
That is the usual reasons for reverse engineering a piece of software are to recreate the program, to build something similar to it, to exploit its weaknesses or strengthen its defenses.
Some hackers use reverse engineering to find weak points of programs which they can exploit.
In the US, reverse engineering of software is protected by the fair use exception in copyright law.
Why use decompilation?
Decompilation can be categorized in two categories, the first being when the source code retrieval is needed and the second category being when the complete original source code recovery is not needed but the goal is to understand parts of the source code or the whole in a high-level language such as C. As the compiler removes information when it does its work so it is understood that for binary decompilation complete source recovery is impossible. Also, there are some languages where complete decompilation and source code recovery is possible. For example, in PL/SQL language it can be done via the wrapped file as this was one of the intended design features of DIANA. There are some of the best Java decompilers available are: JD Project, Procyon, Cavaj Java Decompiler, DJ Java Decompiler, JBVD, etc.
Decompilers are used for a number of reasons, As decompiler can be useful in some cases for the following purposes:
- Debugging of programs can be done by using decompilers.
- It can migrate applications to a new hardware platform.
- Interoperability to facilitate migration of a program across platforms
- By the help of the decompilers, we can determine the existence of viruses or malicious code in the program.
- Decompilation provides antivirus capability so by the help of it we can find vulnerabilities in the given program.
- Recovery of lost source code is one the most important applications of decompilation as it helps in maintaining code if it is lost by accident or via a disgruntled employee.
So now the question that arises here is,
If Decompilation is possible to a certain extent, is it then also allowed?
The Ethics of Decompilation
Before we talk about the legal uses of decompilers, we need to know about the copyright law which protects computer programs throughout the world. Copyright law protects the developer’s (or company’s) intellectual property by protecting the expression of an idea in the form of a program. It provides the rights to reproduce and make adaptations to the developed computer program to the software developer, among others, which means it provides a number of exclusive rights accordingly to protect the program. Also, it is considered a breach of copyright if some unauthorized user makes reproductions and adaptations without permission of the copyright holder. In some cases, license agreements also bind the user to operate the program in a certain way and to avoid using decompilation or disassembly techniques on that program.
Talking further about the copyright owner’s rights, different countries have different exceptions so precedent has been established in court proceedings which means that some uses are allowed by law. Some of the most common ones are listed below:
- For the purposes of interoperability (to another piece of software or hardware) decompilation/disassembly is allowed where the interface specification has not been made available.
- When the owner of the copyright is not available to make the correction if any, decompilation/disassembly is allowed for the purposes of error correction.
- One can determine the parts of the program without breach of other forms of protection (e.g., patents or trade secrets) only when those parts are not protected by copyright (e.g., algorithms).
In addition to this, we must know that these laws differ from country to country.
Are they Ethical or Unethical?
Decompilers are consider illegal according to the software’s EULA or Terms of Agreement.
The user shall not transfer, distribute or dissemble in any way, in whole or in part, any of the software (From companies Terms of Agreement)
Most companies that produce software have a part this is like this in their Agreements or EULA. The part dissemble means decompile. Usually by having the software on your computer, you are bound to the EULA or the Agreements, just like a legal contract, so by using a decompiler is therefore illegal, because you are violating the legal contract. The original point of the decompiler was to help the programmer who owned the program to get their source code back, in case they lost the code
Not all uses of decompilers are Illegal.
People REALLY need to quit saying “UNETHICAL” unless they know what they’re talking about. There is absolutely NO law in the U.S. that states you cannot copy for private purposes or decompile software. Companies have tried to sue to stop it, but; that’s only civil, not criminal, and therefore not illegal; and they’ve only won when the content was given to an outside party from whom the companies did not receive payment, that the person has been shown to break the law.
Decompiling is absolutely LEGAL, regardless of what the shills say. At most, you can be sued for unauthorized activity relating to software unless you’re redistributing it. Courts in the U.S. have always upheld the right of users to know exactly what code is being installed on their systems by programs they have legitimately obtained.
It is your right to decompile any software your purchase or freeware you download as long as you do not redistribute it or sell it to third parties. It is also legal to talk about your discoveries. You need to read between the lines of a software contracts that is written for the interests of the big corporations. As an example, if you purchase a car, you can remove any piece you don’t want as long as you do not compromise road safety. When you purchase the right to use a product it is yours to play with in any way you want as long as you do not cause damage to others by doing so. In the software business you pay for a license to use it however you are the one that pays the rent and you can twist such piece of software to fit your needs. If you want to remove pieces of it to make it faster it is your choice, if you want to remove the access key or learn how it works you can do so as long as you are doing it with a paid copy. As far as intellectual property rights, it is the same story when you buy a book and you just read the part of the book that you like, you could tear off any page you don’t like and you are not breaking the law.
Conclusion
Well talking about the ethnicity of decompilers, We don’t think decompiling a program to see how it works should be considered unethical. Besides reverse-engineering is clearly not illegal as ‘theft’ is ‘breach of property’ law and this at worst can be called ‘breach of contract’. Software is something that comes as a result of investment of time. It may contain some nifty techniques but We doesn’t agree to the fact that it will damage the value of the product, if those techniques are publicly known. Also, for 99% of the code there, the efforts needed to decompile the code and then understand it are much more than writing the code in its first place.
As long as developers use knowledge gained from decompilation to learn the underlying techniques and not do a cut-paste job and use it into their own codes, we don’t think they are doing anything unethical. Also, as far as one obeys the country laws, decompiling would remain ethical.
If you liked the article and it helped you in knowing some of these concepts please like, comment and share. Let us know what you think about it !
Authors:
- Sanskruti Kakade
- Shoaib Shaikh
- Aayusha Shingavi
- Devarshi Wadadkar
