Search This Blog

Sunday, July 1, 2018

LibreOffice

From Wikipedia, the free encyclopedia
LibreOffice
LibreOffice Logo Flat.svg
LibreOffice 6.0.1 Start Center
LibreOffice 6.0.1 Start Center
Original author(s) Star Division
Developer(s) The Document Foundation
Initial release 25 January 2011; 7 years ago
Stable release
  • "Fresh" version:
    6.0.5 (22 June 2018; 9 days ago[1])
  • "Still" version:
    5.4.7 (17 May 2018; 45 days ago[2]) [±]
Preview release 6.0.5 RC1 (1 June 2018; 30 days ago[3]) [±]
6.1.0 Beta 2 (15 June 2018; 16 days ago[4]) [±]
Repository Edit this at Wikidata
Written in C++, Java, and Python[5]
Operating system Linux, Microsoft Windows, macOS,[6] FreeBSD, OpenBSD,[7] NetBSD, Android (Viewer), Haiku
Platform IA-32, x86-64, ARMel, ARMhf, MIPS, MIPSel, PowerPC, Sparc, S390, S390x, IA-64 (additional Debian platforms)[8]
Standard(s) OpenDocument
Available in 110 languages[9]
Type Office suite
License MPLv2.0 (secondary license GPL, LGPLv3+ or Apache License 2.0)[10]
Website www.libreoffice.org

LibreOffice is a free and open source office suite, a project of The Document Foundation. It was forked from OpenOffice.org in 2010, which was an open-sourced version of the earlier StarOffice. The LibreOffice suite comprises programs for word processing, the creation and editing of spreadsheets, slideshows, diagrams and drawings, working with databases, and composing mathematical formulae. It is available in 110 languages.[9]

LibreOffice uses the international ISO/IEC standard OpenDocument file format (ODF) as its native format to save documents for all of its applications. LibreOffice also supports the file formats of most other major office suites, including Microsoft Office, through a variety of import/export filters.[11][12]

LibreOffice is available for a variety of computing platforms,[6] including Microsoft Windows, macOS, and Linux (including a LibreOffice Viewer for Android[13]), as well as in the form of an online office suite.[14][15] It is the default office suite of most popular Linux distributions. It is the most actively developed free and open-source office suite, with approximately 50 times the development activity of Apache OpenOffice, the other major descendant of OpenOffice.org.[20]

The project was announced and a beta released on 28 September 2010. Between January 2011 (the first stable release) and October 2011, LibreOffice was downloaded approximately 7.5 million times.[21] The project claims 120 million unique downloading addresses from May 2011 to May 2015, excluding Linux distributions, with 55 million of those being from May 2014 to May 2015.[22]

Features

Included applications

Module Notes
LibreOffice 4.0 Writer Icon.svg Writer A word processor with similar functionality and file support to Microsoft Word or WordPerfect. It has extensive WYSIWYG word processing capabilities, but can also be used as a basic text editor.[12]
LibreOffice 4.0 Calc Icon.svg Calc A spreadsheet program, similar to Microsoft Excel or Lotus 1-2-3. It has a number of unique features, including a system which automatically defines series of graphs, based on information available to the user.[12][23]
LibreOffice 4.0 Impress Icon.svg Impress A presentation program resembling Microsoft PowerPoint. Presentations can be exported as SWF files, allowing them to be viewed on any computer with Adobe Flash Player installed.[12][24]
LibreOffice 4.0 Draw Icon.svg Draw A vector graphics editor and diagramming tool similar to Microsoft Visio and comparable in features to early versions of CorelDRAW. It provides connectors between shapes, which are available in a range of line styles and facilitate building drawings such as flowcharts. It also includes features similar to desktop publishing software such as Scribus and Microsoft Publisher.[25] It is also able to act as a PDF-file editor.
LibreOffice 4.0 Math Icon.svg Math An application designed for creating and editing mathematical formulae. The application uses a variant of XML for creating formulas, as defined in the OpenDocument specification. These formulas can be incorporated into other documents in the LibreOffice suite, such as those created by Writer or Calc, by embedding the formulas into the document.[26]
LibreOffice 4.0 Base Icon.svg Base A database management program, similar to Microsoft Access. LibreOffice Base allows the creation and management of databases, preparation of forms and reports that provide end users easy access to data. Like Access, it can be used to create small embedded databases that are stored with the document files (using Java-based HSQLDB as its storage engine), and for more demanding tasks it can also be used as a front-end for various database systems, including Access databases (JET), ODBC/JDBC data sources, and MySQL, MariaDB, PostgreSQL or Microsoft Access.[12][27]
Work is ongoing to transition the embedded storage engine from HSQLDB to the C++ based Firebird SQL backend. Firebird has been included in LibreOffice as an experimental option since LibreOffice 4.2.[28][29]

Operating systems


Screenshot of LibreOffice 5.3 Writer using the MUFFIN interface running on Ubuntu 16.04

LibreOffice Viewer on Android
The Document Foundation developers target LibreOffice for Microsoft Windows (IA-32 and x86-64), Linux (IA-32 and x86-64) and macOS (x86-64).[30] Community ports for FreeBSD,[31] NetBSD,[32] OpenBSD and Mac OS X 10.5 PowerPC[33] receive support from contributors to those projects, respectively.[34][35][36] LibreOffice is also installable on OpenIndiana via SFE.[37]

In 2011, developers announced plans to port LibreOffice both to Android and to iOS.[38] A beta version of a document viewer for Android 4.0 or newer was released in January 2015;[13] In May 2015, LibreOffice Viewer for Android was released with basic editing capabilities.[39]

The LibreOffice Impress Remote application for various mobile operating systems allows for remote control of LibreOffice Impress presentations.

LibreOffice Online

LibreOffice Online is the online office suite edition of LibreOffice. It allows for the use of LibreOffice through a web browser by using the canvas element of HTML5. Development was announced at the first LibreOffice Conference in October 2011, and is ongoing.[40] The Document Foundation, IceWarp, and Collabora announced a collaboration to work on its implementation.[41][42]

A version of the software was shown in a September 2015 conference,[43] and the UK Crown Commercial Service announced an interest in using the software.[44][45] On 15 December 2015, Collabora, in partnership with ownCloud, released a technical preview of Libreoffice Online branded as Collabora Online Development Edition (CODE).[46] In July 2016, Nextcloud and Collabora partnered to bring CODE to Nextcloud users.[47][48] By October 2016, Collabora had released nine updates to CODE.[49] First source code release of LibreOffice Online was done with LibreOffice version 5.3 in February 2017.[14]

Unique features of LibreOffice

A detailed 60-page report in June 2015 compared the progress of the LibreOffice project with the related project Apache OpenOffice. It showed that "OpenOffice received about 10% of the improvements LibreOffice did in the period of time studied."[50]

Miscellaneous features

LibreOffice can use the GStreamer multimedia framework in Linux to render multimedia content such as videos in Impress and other programs.

Visually, LibreOffice uses the large "Tango style" icons that are used for the application shortcuts, quick launch icons, icons for associated files and for the icons found on the toolbar of the LibreOffice programs.[69][70] They are also used on the toolbars and menus by default.

LibreOffice also ships with a modified theme which looks native on GTK-based Linux distributions. It also renders fonts via Cairo on Linux distributions; this means that text in LibreOffice is rendered the same as the rest of the Linux desktop.[71]

LibreOffice has a feature similar to WordArt called Fontwork.[72]

Licensing

The LibreOffice project uses a dual LGPLv3 (or later) / MPL 2.0 license for new contributions to allow the license to be upgraded.[73] Since the core of the OpenOffice.org codebase was donated to the Apache Software Foundation, there is an ongoing effort to get all the code rebased to ease future license updates. At the same time, there were complaints that IBM had not in fact released the Lotus Symphony code as open source, despite having claimed to. It was reported that some LibreOffice developers wanted to incorporate some code parts and bug fixes which IBM already fixed in their OpenOffice fork.[74]

Scripting and extensions

LibreOffice supports third-party extensions.[75] As of July 2017, the LibreOffice Extension Repository lists more than 320 extensions.[76] Another list is maintained by the Apache Software Foundation[77] and another one by the Free Software Foundation.[78] Extensions and scripts for LibreOffice can be written in C++, Java, CLI, Python, and LibreOffice Basic. Interpreters for the latter two are bundled with most LibreOffice installers, so no additional installation is needed. The application programming interface for LibreOffice is called "UNO" and is extensively documented.[79]

LibreOffice Basic

LibreOffice Basic is a programming language similar to Microsoft Visual Basic for Applications (VBA) but based on StarOffice Basic. It is available in Writer, Calc and Base. It is used to write small programs known as "macros", with each macro performing a different task, such as counting the words in a paragraph.[80]

History

A timeline of major derivatives of StarOffice and
OpenOffice.org with LibreOffice in green

ooo-build, Go-oo and Oracle

Members of the OpenOffice.org community who were not Sun Microsystems employees had wanted a more egalitarian form for the OpenOffice.org project for many years; Sun had stated in the original OpenOffice.org announcement in 2000, that the project would eventually be run by a neutral foundation,[81] and put forward a more detailed proposal in 2001.[82]

Ximian and then Novell had maintained the ooo-build patch set, a project led by Michael Meeks, to make the build easier on Linux and due to the difficulty of getting contributions accepted upstream by Sun, even from corporate partners. It tracked the main line of development and was not intended to constitute a fork.[83] It was also the standard build mechanism for OpenOffice.org in most Linux distributions[84] and was contributed to by said distributions.[85]

In 2007, ooo-build was made available by Novell as a software package called Go-oo (ooo-build had used the go-oo.org domain name as early as 2005[86]), which included many features not included in upstream OpenOffice.org. Go-oo also encouraged outside contributions, with rules similar to those later adopted for LibreOffice.[87]

Sun's contributions to OpenOffice.org had been declining for some time,[88] they remained reluctant to accept contributions[89] and contributors were upset at Sun releasing OpenOffice.org code to IBM for IBM Lotus Symphony under a proprietary contract, rather than under an open source licence.[90]

Sun was purchased by Oracle Corporation in early 2010. OpenOffice.org community members were concerned by Oracle's behaviour towards open source software,[91] the Java lawsuit against Google[92] and Oracle's withdrawal of developers[93] and lack of activity on or visible commitment to OpenOffice.org, as had been noted by industry observers[94] – as Meeks put it in early September 2010, "The news from the Oracle OpenOffice conference was that there was no news."[95] Discussion of a fork started soon after.[96]

The Document Foundation and LibreOffice

On 28 September 2010, The Document Foundation was announced as the host of LibreOffice, a new derivative of OpenOffice.org. The Document Foundation's initial announcement stated their concerns that Oracle would either discontinue OpenOffice.org, or place restrictions on it as an open source project, as it had on Sun's OpenSolaris.

LibreOffice 3.3 beta used the ooo-build build infrastructure and the OpenOffice.org 3.3 beta code from Oracle, then adding selected patches from Go-oo.[101] Go-oo was discontinued in favour of LibreOffice. Since the office suite that was branded "OpenOffice.org" in most Linux distributions was in fact Go-oo, most moved immediately to LibreOffice.[102]

Oracle was invited to become a member of The Document Foundation. However, Oracle demanded that all members of the OpenOffice.org Community Council involved with The Document Foundation step down from the OOo Community Council, claiming a conflict of interest.[103]

Naming

The name "LibreOffice" was picked after researching trademark databases and social media, as well after checks were made to see if it could be used for URLs in various countries.[104] Oracle rejected requests to donate the OpenOffice.org brand to the project.[105]

LibreOffice was initially named BrOffice in Brazil. OpenOffice.org had been distributed as BrOffice.org by the BrOffice Centre of Excellence for Free Software because of a trademark issue.[106]

End of OpenOffice.org and beginning of Apache OpenOffice

Oracle announced in April 2011 that it was ending its development of OpenOffice.org and would lay off the majority of its paid developers.[107] In June 2011, Oracle announced[108] that it would donate the OpenOffice.org code and trademark to the Apache Software Foundation, where the project was accepted for a project incubation process within the foundation, thus becoming Apache OpenOffice. In an interview with LWN in 2011, Ubuntu founder Mark Shuttleworth blamed The Document Foundation for destroying OpenOffice.org because it did not license code under Oracle's Contributor License Agreement.[109] But former Sun executive Simon Phipps denies this is the case:
The act of creating The Document Foundation and its LibreOffice project did no demonstrable harm to Oracle's business. There is no new commercial competition to Oracle Open Office (their commercial edition of OO.o) arising from LibreOffice. No contributions that Oracle valued were ended by its creation. Oracle's ability to continue development of the code was in no way impaired. Oracle's decision appears to be simply that, after a year of evaluation, the profit to be made from developing Oracle Open Office and Oracle Cloud Office did not justify the salaries of over 100 senior developers working on them both. Suggesting that TDF was in some way to blame for a hard-headed business decision that seemed inevitable from the day Oracle's acquisition of Sun was announced is at best disingenuous.[110]
In March 2015, an LWN.net comparison of LibreOffice with its cousin project Apache OpenOffice concluded that "LibreOffice has won the battle for developer participation".[111]

Release history

Versions

Since March 2014 and version 4.2.2, two different major "released" versions of LibreOffice are available at any time, in addition to development versions (numbered release candidates and dated nightly builds).[143] The versions are designated to signal their appropriateness for differing user requirements.[144] Releases are designated by three numbers separated by dots. The first two numbers represent the major version (branch) number, and the final number indicates the bugfix releases made in that series. LibreOffice designates the two release versions as:
  • "Fresh" – the most recent major version (branch), which contains the latest enhancements but which may have introduced bugs not present in the "still" release.
  • "Still" (formerly "Stable") – the previous major version, which, by the time it has become the "still" version, has had around six months of bug fixing. It is recommended for users for whom stability is more important than the latest enhancements.

Release schedule

LibreOffice uses a time-based release schedule for predictability, rather than a "when it's ready" schedule. New major versions are released around every six months, in January or February and July or August of each year. The initial intention was to release in March and September, to align with the schedule of other free software projects.[145] Minor bugfix versions of the "fresh" and "still" release branches are released frequently.

Users and deployments


LibreOffice weekly downloads since 2010.

The Document Foundation estimated in September 2011, that there were 10 million users worldwide who had obtained LibreOffice via downloads or CD-ROMs. Over 90% of those were on Windows, with another 5% on OS X. LibreOffice is the default office suite for most Linux distributions, and is installed when the operating system is installed or updated. Based on International Data Corporation reckonings for new or updated Linux installations in 2011, The Document Foundation estimated a subtotal of 15 million Linux users. This gave a total estimated user base of 25 million users in 2011.[146] In September 2013, after two years, the estimated number of LibreOffice users was 75 million.[147] A million new unique IP addresses check for downloads each week.[148] In August 2016, the number of LibreOffice users was estimated at 120 million.[149]

In 2011, the Document Foundation set a target of 200 million users worldwide before the end of 2020.[146]

LibreOffice has seen various mass deployments since its inception:

2003–2010
  • In 2003–2004, the Brazilian corporation Serpro started migrating its software to BrOffice (the local version of LibreOffice at the time), with estimated value of BRL 3.5 million (approximately US$1.2 million at the time), and became a case study for similar initiatives in Brazil, particularly in e-government.[150]
  • In 2005, the French Gendarmerie announced its migration to OpenOffice.org.[151] It planned to migrate 72,000 desktop machines to a customised version of Ubuntu with LibreOffice by 2015.[152]
  • In 2010, the Irish city of Limerick gradually started migrating to open-source solutions to free itself from vendor lock-in and improve its purchase negotiation power. One of the key aspects of this move has been the use of LibreOffice.[153]
2011
  • The administrative authority of the Île-de-France region (which includes the city of Paris) included LibreOffice in a USB flash drive given to students which contains free open-source software. The USB flash drive is given to approximately 800,000 students.[38][154]
  • It was announced that thirteen hospitals of the Copenhagen region would gradually switch to LibreOffice, affecting "almost all of the 25,000 workers".[155]
2012
  • The Greek city of Pylaia-Chortiatis migrated its PCs to use LibreOffice. The local Linux user group estimated cost savings to be at least €70,000.[156]
  • In July, the Spanish city of Las Palmas switched its 1,200 PCs to using LibreOffice, citing cost savings of €400,000.[157]
  • The administration of Umbria, Italy, started a project to migrate an initial group of 5,000 civil workers to LibreOffice.[158]
  • The city of Largo, Florida, US has been a long-time user[159] of open-source software using Linux thin clients. Originally using OpenOffice.org, the city of Largo switched to LibreOffice in 2013.[160]
2013
  • In June, the government of the Italian province of South Tyrol will be switching 7,000 PCs in administration and "many more thousands" of PCs in health services using LibreOffice and ODF.[161]
  • In August, the administration of the Spanish autonomous region of Valencia has completed the migration of all 120,000 PCs of the administration, including schools and courts, to LibreOffice.[162]
  • The German city of Munich announced that it would transition from OpenOffice to LibreOffice in the near future. This is in line with Munich's long term commitment to using open-source software. Munich uses LiMux, an Ubuntu Linux derivative, on nearly all of the city's 15,000 computers.[163][164] The city of Munich is the second public administration to join the advisory board at the Document Foundation.[165] News appeared in 2014 that the Council is considering migrating back to Microsoft Windows & Microsoft Office[166] but was later denied.[167] Based on a study, the mayor of Munich, Dieter Reiter, initiated the re-investigation of the scenario of migrating back to Microsoft systems.[168] The trustworthiness of the study is questionable because the company has been "Microsoft's Alliance Partner of the Year" for nine years.[169] Further details were issued by the Document Foundation.[170]
2014
  • The French city of Toulouse announced it saved €1 million by migrating thousands of workstations to LibreOffice.[171][172]
2015
  • The Italian Ministry of Defence announced that it would install LibreOffice on 150,000 PCs.[173]
  • The Italian city of Bari replaced Microsoft Office with LibreOffice on its 1,700 PCs.[174]
  • LibreOffice was officially made available for all UK Government agencies nationwide.[175] Annual cost saving on a subscription for 6,500 users compared to MS Office is approximately 900,000 GBP.[176]
  • In July 2015, the IT project manager working for the administration of Nantes (France’s sixth largest city) talked about the ongoing switch of its 5,000 workstations to LibreOffice started in 2013. According to the IT project manager, the switch to LibreOffice allowed the administration to save €1.7 million.[177]
  • As of 2015, LibreOffice is installed on almost all of the 500,000 workstations of the 11 French ministries members of the MIMO working group.[178] The MIMO working group was the first public administration to join the advisory board at the Document Foundation.[179]
2016
2017
  • The majority (75%) of municipalities in the Walloon region of Belgium use open source software and services which include LibreOffice. As of March 2017, over 20,000 public administration staff and many times more citizens use the services.[183]
  • The Spanish autonomous region of Galicia announced plans to finalize its switch to LibreOffice at several central government services and ministries, making LibreOffice the only office productivity suite on 6,000 workstations.[184]
  • The city of Rome, Italy, began installing LibreOffice on all of its 14,000 PC workstations, in parallel to the existing proprietary office suite. It is one of the planned steps to increase the city's use of free and open source software, aiming to reduce lock-in to IT vendors.[185]

Reverse engineering

From Wikipedia, the free encyclopedia
Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object; similar to scientific research, the only difference being that scientific research is about a natural phenomenon.


Reverse engineering is applicable in the fields of mechanical engineering, electronic engineering, software engineering, chemical engineering,[2] and systems biology.[3]

Overview

Reverse engineering has its origins in the analysis of hardware for commercial or military advantage.[4]:13 However, the reverse engineering process in itself is not concerned with creating a copy or changing the artifact in some way; it is only an analysis in order to deduce design features from products with little or no additional knowledge about the procedures involved in their original production.[4]:15 In some cases, the goal of the reverse engineering process can simply be a redocumentation of legacy systems.[4]:15[5] Even when the product reverse engineered is that of a competitor, the goal may not be to copy them, but to perform competitor analysis.[6] Reverse engineering may also be used to create interoperable products and despite some narrowly tailored United States and European Union legislation, the legality of using specific reverse engineering techniques for this purpose has been hotly contested in courts worldwide for more than two decades.[7]

There are many reasons for performing reverse engineering in various fields. Reverse engineering software can help to improve the understanding of the underlying source code for the maintenance and improvement of the software, relevant information can be extracted in order to make a decision for software development and graphical representations of the code can provide alternate views regarding the source code, which can help to detect and fix a software bug or vulnerability.

Frequently, as some software develops, its design information and improvements are often lost over time, but this lost information can usually be recovered with reverse engineering. This process can also help to cut down the time required to understand the source code, reducing the overall cost of the software development.[8] Reverse engineering can also help to detect and eliminate a malicious code written to the software with better code detectors. Reversing a source code can be used to find alternate uses of the source code, such as to detect unauthorized replication of the source code where it wasn't intended to be used, or to reveal how a competitors product was built.[1] This process is commonly used for "cracking" software and media to remove their copy protection,[1]:7 or to create a (possibly improved) copy or even a knockoff, which is usually the goal of a competitor or a hacker.[1]:8 Malware developers often use reverse engineering techniques to find vulnerabilities in an operating system (OS), in order build a computer virus that can exploit the system vulnerabilities.[1]:5 Reverse engineering is also being used in cryptanalysis in order to find vulnerabilities in substitution cipher, symmetric-key algorithm or public-key cryptography.[1]:6
  • Interfacing. Reverse engineering can be used when a system is required to interface to another system and how both systems would negotiate is to be established. Such requirements typically exist for interoperability.
  • Military or commercial espionage. Learning about an enemy’s or competitor’s latest research by stealing or capturing a prototype and dismantling it, which may result in development of similar product, or a better countermeasure against it.
  • Obsolescence. Integrated circuits are often designed on proprietary systems, and built on production lines which become obsolete in only a few years. When systems using these parts can no longer be maintained (since the parts are no longer made), the only way to incorporate the functionality into new technology is to reverse engineer the existing chip and then redesign it using newer tools, using the understanding gained as a guide. Another obsolescence originated problem which can be solved by reverse engineering is the need to support (maintenance and supply for continuous operation) existing, legacy devices which are no longer supported by their original equipment manufacturer (OEM). This problem is particularly critical in military operations.
  • Product security analysis. To examine how a product works, what are specifications of its components, estimate costs and identify potential patent infringement. Acquiring sensitive data by disassembling and analysing the design of a system component.[9] Another intent may be to remove copy protection, or circumvention of access restrictions.
  • Competitive technical intelligence. Understand what one's competitor is actually doing, versus what they say they are doing.
  • Saving money, when one finds out what a piece of electronics is capable of, it can spare a user from purchase of a separate product.
  • Repurposing, when obsolete objects are reused in a different but useful manner.

Common situations

Reverse engineering of machines

As computer-aided design (CAD) has become more popular, reverse engineering has become a viable method to create a 3D virtual model of an existing physical part for use in 3D CAD, CAM, CAE or other software.[10] The reverse-engineering process involves measuring an object and then reconstructing it as a 3D model. The physical object can be measured using 3D scanning technologies like CMMs, laser scanners, structured light digitizers, or Industrial CT Scanning (computed tomography). The measured data alone, usually represented as a point cloud, lacks topological information and is therefore often processed and modeled into a more usable format such as a triangular-faced mesh, a set of NURBS surfaces, or a CAD model.[11]

Hybrid Modelling is commonly used term when NURBS and Parametric modelling are implemented together. Using a combination of geometric and freeform surfaces can provide a powerful method of 3D modelling. Areas of freeform data can be combined with exact geometric surfaces to create a hybrid model. A typical example of this would be the reverse engineering of a cylinder head, which includes freeform cast features, such as water jackets and high tolerance machined areas.[12]

Reverse engineering is also used by businesses to bring existing physical geometry into digital product development environments, to make a digital 3D record of their own products, or to assess competitors' products. It is used to analyse, for instance, how a product works, what it does, and what components it consists of, estimate costs, and identify potential patent infringement, etc.

Value engineering is a related activity also used by businesses. It involves de-constructing and analysing products, but the objective is to find opportunities for cost cutting.

Reverse engineering of software

In 1990, Institute of Electrical and Electronics Engineers (IEEE) defined reverse engineering as "the process of analyzing a subject system to identify the system's components and their interrelationships and to create representations of the system in another form or at a higher level of abstraction", where the "subject system" is the end product of software development. Reverse engineering is a process of examination only: the software system under consideration is not modified (which would make it re-engineering or restructuring). Reverse engineering can be performed from any stage of the product cycle, not necessarily from the functional end product.

There are two components in reverse engineering: redocumentation and design recovery. Redocumentation is the creation of new representation of the computer code so that it is easier to understand. Meanwhile, design recovery is the using of deduction or reasoning from general knowledge or personal experience of the product in order to fully understand the product functionality.[8] It can also be seen as "going backwards through the development cycle".[13] In this model, the output of the implementation phase (in source code form) is reverse-engineered back to the analysis phase, in an inversion of the traditional waterfall model. Another term for this technique is program comprehension.[5] Working Conference on Reverse Engineering (WCRE) has been held yearly to explore and expand the techniques of reverse engineering.[1][14] Computer-aided software engineering (CASE) and automated code generation have contributed greatly in the field of reverse engineering.[1]

Software anti-tamper technology like obfuscation is used to deter both reverse engineering and re-engineering of proprietary software and software-powered systems. In practice, two main types of reverse engineering emerge. In the first case, source code is already available for the software, but higher-level aspects of the program, perhaps poorly documented or documented but no longer valid, are discovered. In the second case, there is no source code available for the software, and any efforts towards discovering one possible source code for the software are regarded as reverse engineering. This second usage of the term is the one most people are familiar with. Reverse engineering of software can make use of the clean room design technique to avoid copyright infringement.

On a related note, black box testing in software engineering has a lot in common with reverse engineering. The tester usually has the API, but their goals are to find bugs and undocumented features by bashing the product from outside.[15]

Other purposes of reverse engineering include security auditing, removal of copy protection ("cracking"), circumvention of access restrictions often present in consumer electronics, customization of embedded systems (such as engine management systems), in-house repairs or retrofits, enabling of additional features on low-cost "crippled" hardware (such as some graphics card chip-sets), or even mere satisfaction of curiosity.

Binary software

Binary reverse engineering is performed if source code for a software is unavailable.[1] This process is sometimes termed Reverse Code Engineering, or RCE.[16] As an example, decompilation of binaries for the Java platform can be accomplished using Jad. One famous case of reverse engineering was the first non-IBM implementation of the PC BIOS which launched the historic IBM PC compatible industry that has been the overwhelmingly dominant computer hardware platform for many years. Reverse engineering of software is protected in the U.S. by the fair use exception in copyright law.[17] The Samba software, which allows systems that are not running Microsoft Windows systems to share files with systems that are, is a classic example of software reverse engineering,[18] since the Samba project had to reverse-engineer unpublished information about how Windows file sharing worked, so that non-Windows computers could emulate it. The Wine project does the same thing for the Windows API, and OpenOffice.org is one party doing this for the Microsoft Office file formats. The ReactOS project is even more ambitious in its goals, as it strives to provide binary (ABI and API) compatibility with the current Windows OSes of the NT branch, allowing software and drivers written for Windows to run on a clean-room reverse-engineered Free Software (GPL) counterpart. WindowsSCOPE allows for reverse-engineering the full contents of a Windows system's live memory including a binary-level, graphical reverse engineering of all running processes.

Another classic, if not well-known example is that in 1987 Bell Laboratories reverse-engineered the Mac OS System 4.1, originally running on the Apple Macintosh SE, so they could run it on RISC machines of their own.[19]
Binary software techniques
Reverse engineering of software can be accomplished by various methods. The three main groups of software reverse engineering are
  1. Analysis through observation of information exchange, most prevalent in protocol reverse engineering, which involves using bus analyzers and packet sniffers, for example, for accessing a computer bus or computer network connection and revealing the traffic data thereon. Bus or network behavior can then be analyzed to produce a stand-alone implementation that mimics that behavior. This is especially useful for reverse engineering device drivers. Sometimes, reverse engineering on embedded systems is greatly assisted by tools deliberately introduced by the manufacturer, such as JTAG ports or other debugging means. In Microsoft Windows, low-level debuggers such as SoftICE are popular.
  2. Disassembly using a disassembler, meaning the raw machine language of the program is read and understood in its own terms, only with the aid of machine-language mnemonics. This works on any computer program but can take quite some time, especially for someone not used to machine code. The Interactive Disassembler is a particularly popular tool.
  3. Decompilation using a decompiler, a process that tries, with varying results, to recreate the source code in some high-level language for a program only available in machine code or bytecode.

Software classification

Software classification is the process of identifying similarities between different software binaries (for example, two different versions of the same binary) used to detect code relations between software samples. This task was traditionally done manually for several reasons (such as patch analysis for vulnerability detection and copyright infringement) but nowadays can be done somewhat automatically for large numbers of samples.

This method is being used mostly for long and thorough reverse engineering tasks (complete analysis of a complex algorithm or big piece of software). In general, statistical classification is considered to be a hard problem and this is also true for software classification, therefore there aren't many solutions/tools that handle this task well.

Source code

A number of UML tools refer to the process of importing and analysing source code to generate UML diagrams as "reverse engineering".

Although UML is one approach to providing "reverse engineering" more recent advances in international standards activities have resulted in the development of the Knowledge Discovery Metamodel (KDM). This standard delivers an ontology for the intermediate (or abstracted) representation of programming language constructs and their interrelationships. An Object Management Group standard (on its way to becoming an ISO standard as well), KDM has started to take hold in industry with the development of tools and analysis environments which can deliver the extraction and analysis of source, binary, and byte code. For source code analysis, KDM's granular standards' architecture enables the extraction of software system flows (data, control, & call maps), architectures, and business layer knowledge (rules, terms, process). The standard enables the use of a common data format (XMI) enabling the correlation of the various layers of system knowledge for either detailed analysis (e.g. root cause, impact) or derived analysis (e.g. business process extraction). Although efforts to represent language constructs can be never-ending given the number of languages, the continuous evolution of software languages and the development of new languages, the standard does allow for the use of extensions to support the broad language set as well as evolution. KDM is compatible with UML, BPMN, RDF and other standards enabling migration into other environments and thus leverage system knowledge for efforts such as software system transformation and enterprise business layer analysis.

Reverse engineering of protocols

Protocols are sets of rules that describe message formats and how messages are exchanged (i.e., the protocol state-machine). Accordingly, the problem of protocol reverse-engineering can be partitioned into two subproblems; message format and state-machine reverse-engineering.

The message formats have traditionally been reverse-engineered through a tedious manual process, which involved analysis of how protocol implementations process messages, but recent research proposed a number of automatic solutions.[20][21][22] Typically, these automatic approaches either group observed messages into clusters using various clustering analyses, or emulate the protocol implementation tracing the message processing.

There has been less work on reverse-engineering of state-machines of protocols. In general, the protocol state-machines can be learned either through a process of offline learning, which passively observes communication and attempts to build the most general state-machine accepting all observed sequences of messages, and online learning, which allows interactive generation of probing sequences of messages and listening to responses to those probing sequences. In general, offline learning of small state-machines is known to be NP-complete,[23] while online learning can be done in polynomial time.[24] An automatic offline approach has been demonstrated by Comparetti et al.[22] and an online approach by Cho et al.[25]

Other components of typical protocols, like encryption and hash functions, can be reverse-engineered automatically as well. Typically, the automatic approaches trace the execution of protocol implementations and try to detect buffers in memory holding unencrypted packets.[26]

Reverse engineering of integrated circuits/smart cards

Reverse engineering is an invasive and destructive form of analyzing a smart card. The attacker grinds away layer after layer of the smart card and takes pictures with an electron microscope. With this technique, it is possible to reveal the complete hardware and software part of the smart card. The major problem for the attacker is to bring everything into the right order to find out how everything works. The makers of the card try to hide keys and operations by mixing up memory positions, for example, bus scrambling.[27][28] In some cases, it is even possible to attach a probe to measure voltages while the smart card is still operational. The makers of the card employ sensors to detect and prevent this attack.[29] This attack is not very common because it requires a large investment in effort and special equipment that is generally only available to large chip manufacturers. Furthermore, the payoff from this attack is low since other security techniques are often employed such as shadow accounts. It is uncertain at this time whether attacks against CHIP/PIN cards to replicate encryption data and consequentially crack PINS would provide a cost effective attack on multifactor authentication.

Reverse engineering for military applications

Reverse engineering is often used by people in order to copy other nations' technologies, devices, or information that have been obtained by regular troops in the fields or by intelligence operations. It was often used during the Second World War and the Cold War. Well-known examples from WWII and later include:
  • Jerry can: British and American forces noticed that the Germans had gasoline cans with an excellent design. They reverse-engineered copies of those cans. The cans were popularly known as "Jerry cans".
  • Panzerschreck: The Germans captured an American Bazooka during World War II, and reverse engineered it to create the larger Panzerschreck.
  • Tupolev Tu-4: In 1944, three American B-29 bombers on missions over Japan were forced to land in the USSR. The Soviets, who did not have a similar strategic bomber, decided to copy the B-29. Within three years, they had developed the Tu-4, a near-perfect copy.
  • SCR-584 radar: copied by USSR after the Second World War. Known in the form a few modifications - СЦР-584, Бинокль-Д.
  • V-2 rocket: Technical documents for the V2 and related technologies were captured by the Western Allies at the end of the war. The American side focused their reverse engineering efforts via operation Paperclip, which led to the development of the PGM-11 Redstone rocket.[30] The Soviet side used captured German engineers to reproduce technical documents and plans, and work from captured hardware in order to make their clone of the rocket, the R-1. Thus began the postwar Soviet rocket program that led to the R-7 and the beginning of the space race.
  • K-13/R-3S missile (NATO reporting name AA-2 Atoll), a Soviet reverse-engineered copy of the AIM-9 Sidewinder, was made possible after a Taiwanese AIM-9B hit a Chinese MiG-17 without exploding in September 1958.[31] The missile became lodged within the airframe, and the pilot returned to base with what Russian scientists would describe as a university course in missile development.
  • BGM-71 TOW Missile: In May 1975, negotiations between Iran and Hughes Missile Systems on co-production of the TOW and Maverick missiles stalled over disagreements in the pricing structure, the subsequent 1979 revolution ending all plans for such co-production. Iran was later successful in reverse-engineering the missile and are currently producing their own copy: the Toophan.
  • China has reversed engineered many examples of Western and Russian hardware, from fighter aircraft to missiles and HMMWV cars.
  • During the Second World War, Polish and British cryptographers studied captured German "Enigma" message encryption machines for weaknesses. Their operation was then simulated on electro-mechanical devices called "Bombes" that tried all the possible scrambler settings of the "Enigma" machines to help break the coded messages sent by the Germans.
  • Also during the Second World War, British scientists analyzed and defeated a series of increasingly sophisticated radio navigation systems being used by the German Luftwaffe to perform guided bombing missions at night. The British countermeasures to this system were so effective that in some cases German aircraft were led by signals to land at RAF bases, believing they were back in German territory.

Overlap with patent law

Reverse engineering applies primarily to gaining understanding of a process or artifact, where the manner of its construction, use, or internal processes is not made clear by its creator.

Patented items do not of themselves have to be reverse-engineered to be studied, since the essence of a patent is that the inventor provides detailed public disclosure themselves, and in return receives legal protection of the invention involved. However, an item produced under one or more patents could also include other technology that is not patented and not disclosed. Indeed, one common motivation of reverse engineering is to determine whether a competitor's product contains patent infringements or copyright infringements.

Legality

United States

In the United States even if an artifact or process is protected by trade secrets, reverse-engineering the artifact or process is often lawful as long as it has been legitimately obtained.[32]

Reverse engineering of computer software in the US often falls under both contract law as a breach of contract as well as any other relevant laws. This is because most EULAs (end user license agreement) specifically prohibit it, and U.S. courts have ruled that if such terms are present, they override the copyright law which expressly permits it (see Bowers v. Baystate Technologies[33][34]). Sec. 103(f) of the DMCA (17 U.S.C. § 1201 (f)) says that a person who is in legal possession of a program, is permitted to reverse-engineer and circumvent its protection if this is necessary in order to achieve "interoperability" — a term broadly covering other devices and programs being able to interact with it, make use of it, and to use and transfer data to and from it, in useful ways. A limited exemption exists that allows the knowledge thus gained to be shared and used for interoperability purposes.[35]

European Union

EU Directive 2009/24 — which superseded an earlier (1991) directive[36] — on the legal protection of computer programs, governs reverse engineering in the European Union.[37][38]

Delayed-choice quantum eraser

From Wikipedia, the free encyclopedia https://en.wikipedia.org/wiki/Delayed-choice_quantum_eraser A delayed-cho...