Experts Comments below:
“Ghidra made open source will be of interest to security consultants and hackers, however its not like anyone didn’t have this capability before with other tools. The process of reverse engineering – understanding the intricacies of how a piece of software processes its data and how it flows while only having the binary executable code – is not a simple process, therefore this tool is only useful in very capable hands. Despite Ghidra having user interface features to make reversing easier, only those who really understand software can get benefit from it.
Ghidra should be used and trusted where appropriate, as it’s simply a tool to help decode compiled software. Commercial tools that decompile and help with reverse engineering are not prohibitively expensive and most likely pirate copies are prolific, however an open source tool such as Ghidra makes reversing more accessible and in the long term improves security by garnering talent in those interested in experimenting. The more software security people we have the more security reviews can be performed, the better risk is understood and the faster software can be fixed.”
Chris Doman, Security Researcher at AT&T Cybersecurity:
Ghidra’s open-sourcing is big news as there has historically been no solid competition to the existing main player IDA Pro – which can be cost prohibitive and there are hurdles to obtain. This may level the reverse engineering playing field, enabling students and newer security researchers to use a high grade reverse engineering tool. That’s good news when one of the largest issue facing cyber-security is the lack of qualified people.
In exchange the NSA is likely hoping for open-source contributions and increased recruitment. – I would remove this as it is speculation and the Wired article lays out why they are making this open source and the pros. Some potential security misconfigurations in Ghidra have been identified – but I’d be very surprised if there was an intentional backdoor in Ghidra. It’s a product aimed at the very people who look for backdoors. Backdoors are more likely to be found in other software. – this is also addressed in the Wired article? And, the reporter didn’t specifically ask about back doors but I guess this goes to the question of “would you trust it?”
Suzanne Spaulding, Advisor at Nozomi Networks and Former Department of Homeland Security Under Secretary:
“While I understand the mistrust, I would certainly use the reverse-engineering tool made public by NSA at RSA this week. First, it’s incredibly useful for forensic threat analysts. Second, it’s open source, so NSA would be taking a huge risk that anything malicious it might build in would be detected eventually. Finally, Rob Joyce and his colleagues at NSA are strongly committed to improving cybersecurity and defeating our adversaries in cyberspace. Helping the private sector better, and more quickly, understand malware makes us all safer. Among other benefits, it can deter bad actors if they know their impact will be limited by defenders who have capacity to more quickly understand how an attack was built.”
Based Blockchain Network