Cudder is a Liar

Cudder, where is your C/C++/Delphi decompiler? A few years agou you promised to deliver the IDA killer, but still you're silent. Not even a tech demo.

>>39
kill yourself you cock sucking cunt die in a fire

I want Cudder to release his advanced decompiler so I could port my Windows programs to MIPS.

>>23
Remember !w4lolitaKs? She specialised in
LLLLLLLLLLLLLEEEEEEEEEEEEEEELLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL
>LE TRIPLE KIKE TRANNY SAMEFAGGOT
>XDDDD

check 'em dubz

>>24
"See if"? As if you don't think we've considered that? I wish I could disclose the details, but I'll just say it's more amusing to see the exploits that have been added by these "security patches"...

>>33
Maybe the average neet exploit finder living in a basement doesn't have a tool like this, but you can bet your ass that the professionals do.
It's not a "tool", it's a whole bloody system. Said exploit finder would likely not have the compute resources either, so we're just giving the professionals even more firepower if we released it; we realise not releasing it won't prevent hacking, but at least it won't make exploit rates rise dramatically.
>>34
We're basically trying to solve the Halting Problem here, and how far you can go depends on how much storage and processing power you have. There's nothing we can do about that; state/path analysis is naturally resource-intensive.

>>38
This is not a debugger (unless you mean that it can find the bugs for you...), nor a simple-minded single-use-case thing like IDA. The use cases are also completely different; it's not a realtime "load this program in a debugger and step through it to see what's happening", it's more like "analyse this program and see all the possible things it could do." I wouldn't call this a decompiler either, since being able to generate the semantically equivalent HLL code is just a side-effect of this process.

>>45
not releasing it won't prevent hacking, but at least it won't make exploit rates rise dramatically.
Just use Lisp! You can't analyze dynamically typed programs.

>>46
You can't analyze poorly written programs.
ftfy

>>45
I think I may have a solution.

Write letters to all maintainers of all the open source projects that matter. Tell them about your analysis tool that could potentially find a wide array of vulnerabilities in their code, and how you are reluctant to release it due to rise in exploits. Ask them to donate some funding to cover the cost of running the tool on their code base. Give them the final report generated and give them a few months to fix everything. Repeat for all projects. Once all the maintainers check it, release it.

Is it just source analysis or can it process binaries too? If the later then that's a more serious problem.

>>46
Actually you can...

>>48
Is it just source analysis or can it process binaries too?
*facepalm*
"Source? We don't need no stinkin' source!"

>>49
Welp, nevermind. That is quite the hacker's delight.

https://en.wikipedia.org/wiki/Ilfak_Guilfanov
for later use

Remember !w4lolitaKs? She specialised
she
is she attractive?

>>50
You mean crackers?

and is this program written in C?

Anyways, whatever cudder. I'm just going to make one in lisp that does the same functionality and stays below 500 MB of space. It ain't no thang.

>>11
Who is this ``we''?

>>54
The server part is mostly C with some Perl, SQL, and XML (not in order of prevalence). Clients in C, Java, and PHP.

>>56
REchan IHG and its subsidiaries.

>>57
Ah so that was that awesome test-bed sit I was looking for. Too bad they went off the air. I was looking for it frantically once, but never found it. Now I know why.

>>49
Can it analyse the paths of haskell programs too?

>>49
Actually you can...
How exactly would you analyze (EVAL (SETQ X '`(EVAL (SETQ X ',X))))?

>>60
Very, very carefully.

When's REchan coming back up?

>>46,60
You're thinking about it wrong. Dynamically typed languages are implicitly convertible to unitype static languages. You can skip type unification entirely (see bottom and top types.)

>>63
Really?  Are you sure?  In practice, it might be a pain in the ass, but if you just want a HURR DURR proof I can just invoke Turing Completeness to make a unitype static language to build a computer that does anything a particular dynamically typed program does.  Realistically, I might be able to scan the context, then bundle together the power set of object classes (i.e. String_or_Integer_or_Hashmap foo; Integer_or_Tuple_of_Strings bar;), which I guess is what you're referring to as type unification.

Of course, perhaps I'm thinking about this wrong.  Could you elaborate?

>>64
I am not quite following your argument but I'll try.

The obvious example is asm.js. It accepts Javascript, does meaningful type-level analysis on it and interprets it differently if the code meets certain conditions.

In general though, analysis only begins at the type level, and you will need to unify types and reject improperly typed languages. Many static languages do this in their compilers, then proceed to erase the types entirely. But that isn't strictly where type theory ends, the programmer can write their own constraints and dispatch (eg. ADTs &c. but you don't need anything fancier than conditionals or computed jumps.)

So once you've gotten the compiler-recognized types unified according to the type system, you're left with the same problem as in dynamic languages: figuring out the second system.

Static types will give you a cheap advantage in analysis. You can express powerful semantics with the right type system. But you can express only lies with weak ones like C's. BCPL's is more honest and unityped.

What I'm saying is in general, you can't count on a static type system to tell you enough to do meaningful analysis on types alone, and once you get past the types, you have the same problem as with dynamic languages. Even if the types can provide enough information, the is no guarantee that the code is written to take advantage of that property.

The downward spiral is a program in any language can be written to be completely opaque to any particular means of analysis. You have to pick your target.

>>59,60
Doesn't matter what produced it, as long as it's an executable binary. In other words no interpreted languages (but it's perfectly happy to, e.g., chew on the JVM or php.exe or python.exe or MSVBVM60.DLL or whatever.)

>>62
When we find a good reason to.

>>63-65
Our system is not based on any of this academic bullshite... one way to think about it could be "a more practical Coq".  Sometimes the best way to innovate is to ignore all the academics who have basically painted themselves into a corner. (See also: register allocation, rigid calling conventions, etc. I've had enough of the "use graph colouring" idiots. But that's a rant for another day...)

>>66
65 outlines problems that need to be solved for analysis to be successful. Whether or not you use academic bullshite methods you still have to solve the problems.

>>66
constraint satisfy my anus, cudder.

Is it just me, or Cudder became infected by Mentifex memes and solved AI?

>>67
I have no idea what problems he's talking about with that incomprehensible drivel, but it works fine for what we've needed it for and if it doesn't then we fix it until it does. Nothing more than that.

>>70
Does it work though? If you don't even know what problems you're solving the 'analysis' can't be trusted.

Our system is not based on any of this academic bullshite
the best way to innovate is to ignore all the academics
I've had enough of the "use graph colouring" idiots
How did Arthur Murray hijacked Cudder's tripcode?

>>72
He programmed ANDRU to do it.

Do you know what Cudder really did with this software? (S)he sold it to the Mossad. Instead of giving it away to benefit humanity, Cudder sold it to an evil organization so they could create another Stuxnet and cause Fukushima 2.0.

bloody liar bloody hell bloody Cudder bloody trans pig

redpill me on Cudder pls

checkem

Cudder also told that hardware reverse engineering is prohibitively costly and no one would ever be able to hack Intel hardware. Yet STM microscopy is so cheap, even school pupils can built one from spare parts: https://news.ycombinator.com/item?id=700352 and that should be enough to start reversing anything.

x86 is shit.

Cudder is a girl!