Re: Reverse Engineering - Legality

["Mr. MailingLists" <mailinglists () soul-dev com>]

On 6/30/2010 9:23 AM, chintan dave wrote:
> Hi Experts,
>
> I need a small help from you.
>
> Is RE legal for security assessments of products purchased from vendors?
I'm willing to bet its defined in the EULA (End User License Agreement) of the particular
application you are looking at.
> There has been a bit of confusion around RE topic.
Not really, It will most likely defined in the EULA. If it is not explicitly stated, look
for a clause that disallows using the software other than what it was designed for.
> I know it is illegal to do RE to steal the idea, however this one, I
> need feedback from you folks.
If it is not explicitly stated in the EULA that you can feel free to reverse this software
(or an explicit agreement with the company for whose software you will be reversing) I
would stay away.
> If you can share some authoritative resources that could confirm on
> the legality/illegality, it would be great.
Thanks and don't forget to read the EULA.

http://www.eff.org/issues/coders/reverse-engineering-faq

Put on yer black hat.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------