In recent years it has become almost commonplace for leaked National Security Agency (NSA) hacking tools to hit the headlines thanks to being used in attacks such as WannaCry, NotPetya and even the Democratic National Committee (DNC) email breach during Hillary Clinton’s U.S. election campaign. But now the NSA has itself released an open-source reverse-engineering hacking tool, called Ghidra, into the public domain. The question is, would you trust a security tool developed by spooks?
What is it for?
Perhaps it would be better to first explain what it isn’t for, and that’s hacking into stuff. Well, if that ‘stuff’ is hardware at any rate. This is a reverse-engineering platform, so instead it allows security researchers and malware analysts to hack into the code behind the nasty software stuff. Think of it as a magic window into the binary world of software, all the zeros and ones, that translates that installed and compiled code into something that reveals exactly what the software actually does. As Lily Hay Newman, writing for Wired, puts it, security researchers using this tool to investigate malware can “understand how it works, what its capabilities are, and who wrote it or where it came from.”
The big question, though, is whether they can trust it, given the nature of the NSA beast. During a speech at the annual RSA security conference in San Francisco this week, Rob Joyce, Senior Advisor for Cybersecurity Strategy to the Director of the NSA, insisted that there is no backdoor in Ghidra. “This is the last community you want to release something out to with a backdoor installed, to people who hunt for this stuff to tear apart,” Joyce said. I decided to ask around amongst security professionals to see if they were in a trusting mood and, indeed, whether they would be using Ghidra.
Source: Forbes