Google denies disassembling Vista

By Stephen Shankland, CNET News.com
Monday, September 22, 2008 10:22 AM

The source code underlying Google's Chrome Web browser suggests that Google used a reverse-engineering technique called disassembly to figure out how to employ a useful Windows Vista security feature, but the company said it did not, in fact, do so.

The Chrome source code said a particular security feature available on Vista, Data Execution Prevention, can be used on Windows XP SP2 and Windows Server 2003 SP1, though it is not documented for the older operating systems. The source code also said the feature can be understood with a disassembler, a method of reverse-engineering that deconstructs a binary file--such as Windows--into instructions more easily understood by a human.

An explanatory comment in the Chrome source code mentions use of a disassembler to figure out the security feature. "Completely undocumented from Microsoft. You can find this information by disassembling Vista's SP1 kernel32.dll with your favorite disassembler," the comment says.

But Google itself did not take that route. "We did not disassemble this code," the company said in a statement. "The source code indicates that the technique came from http://www.uninformed.org/?v=2&a=4. Please also note that...disassembling is just one of several methods one can use to find this information."

Software companies trying to protect their proprietary software often are not fans of disassemblers. For example, Vista's End-User License Agreement (PDF) states, "You may not...reverse-engineer, decompile, or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation."

Google stuck up for the practice, though. "Disassembling is a common and accepted practice in software development, frequently used to make sure software features are compatible with other software programs or operating systems," the company said.

Regarding the Data Execution Prevention interface, the Chrome source code says, "Try documented ways first. Only available on Vista SP1 and Windows 2008." The method described at Uninformed comes in a later section, labeled thus: "Go in darker areas. Only available on Windows XP SP2 and Windows Server 2003 SP1."

This article was first published as a blog on CNET News.com.

0

0 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Related Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

As Sun acquisition closes, Oracle outlines new vision
Touts "complete, integrated, engineered systems"
Play video
Apple introduces the iPad
Apple CEO Steve Jobs unveils tablet type device
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video