No announcement yet.

Patrick Wardle & Tom McGuire - Déjà Vu: Uncovering Stolen Algorithms in Commercial Products

  • Filter
  • Time
  • Show
Clear All
new posts

  • Patrick Wardle & Tom McGuire - Déjà Vu: Uncovering Stolen Algorithms in Commercial Products

    Patrick Wardle & Tom McGuire - EvilCorp(s): Déjà Vu: Uncovering Stolen Algorithms in Commercial Products

    Patrick Wardle, Founder, Objective-See Foundation, he/him
    Tom McGuire, CTO and Instructor (he/him)

    Presentation Title:
    Déjà Vu: Uncovering Stolen Algorithms in Commercial Products

    Length of presentation: 20 minutes


    In an ideal world, members of a community work together towards a common goal or greater good. Unfortunately, we do not (yet) live in such a world.

    In this talk, we discuss what appears to be a systemic issue impacting our cyber-security community: the theft and unauthorized use of algorithms by corporate entities. Entities who themselves may be part of the community.

    First, we’ll present a variety of search techniques that can automatically point to unauthorized code in commercial products. Then we’ll show how reverse-engineering and binary comparison techniques can confirm such findings.

    Next, we will apply these approaches in a real-world case study. Specifically, we’ll focus on a popular tool from a non-profit organization that was reverse-engineered by multiple entities such that its core algorithm could be recovered and used (unauthorized), in multiple commercial products.

    The talk will end with actionable takeaways and recommendations, as who knows, this may happen to you too! For one, we'll present strategic approaches (and the challenges) of confronting culpable commercial entities (and their legal teams). Moreover, we’ll provide recommendations for corporations to ensure this doesn’t happen in the first place, thus ensuring that our community can remain cohesively focused on its mutual goals.


    Patrick Wardle:
    Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the “Objective by the Sea” macOS Security conference.

    Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.

    Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.

    Tom McGuire:
    Tom has been working in the security industry since the late 90s. He is the CTO of a cybersecurity firm and an Instructor at Johns Hopkins University where he teaches Reverse Engineering, OS Security, Cryptology and Cyber Risk Management. He loves his family, all things security, biotech and the Red Sox!

    Last edited by number6; June 8, 2022, 18:14.