|
Top-level
It's a product by iODD, and I now have the improved version: https://www.amazon.com/IODD-ST400-Enclosure-Bootable-Encryption/dp/B0B3HQMV5T/ However, lately I've been using Ventoy for just simple multi-booting, but the iODD ST400 is still great for hardware encryption and booting an ISO as a CD/DVD, although it uses NTFS storage unfortunately, which is the biggest drawback. 12 comments
@eickmeyer @cdp1337 @vkc Curiosity got the better of me. I've now downloaded the full blob-laden Ventoy source code and all release artifacts from the latest release for safe-keeping and future analysis. Does anyone have good suggestions for #reverseengineering tools? I know about #ghidra but am interested in other suggestions too. #linux #ubuntu https://hex-rays.com/ida-free/ is the only product I've used for this type of work. I generally don't do much reverse engineering though as I find it annoyingly tedious. One thought; if you know the original source repo of the binary files, you can compare the hash of the compiled files from the authoritative source to see if they've been modified / recompiled before uploading to Ventoy's repo.  @arraybolt3 @eickmeyer @cdp1337 @vkc @FritzAdalis @eickmeyer @cdp1337 @vkc That's more or less what I had planned. Reverse engineering tools were what I hoped to use for investigating how things changed from the original source code, if they changed. @arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc Look for strings contained in the blob first—sometimes you can learn a lot that way.  @arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc I don't have time to do this myself, but I'd run all of the binary blobs I might want to compare through ssdeep. That way I would get a quick first feel for which are similar/alike, and which are different, and to what extend. https://ssdeep-project.github.io/ssdeep/index.html Doing something like `vimdiff <(xxd binary1) <(xxd binary2) also helps me for quick checks. https://cutter.re/ is a free gui for reversing. @arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc diffoscope is an excellent tool for analysing differences in binaries. It will dive down i into any format it knows (including ELF) to extract meaningful diffs.  |
Gregory's Server
@eickmeyer @cdp1337 @vkc You may want to read the first post in this thread - Ventoy has suspicious activity surrounding it that have multiple people (some of them notable) concerned as to its safety.
(Part of me is thinking seriously about attempting to crack open some of the binaries in Ventoy and find out what they're hiding, if anything)