On Mon, 24 Jun 2013 10:33:21 +0200, Nils wrote in message <[email protected]>:
> Am 24.06.2013 10:17, schrieb Armijn Hemel: > > On 06/24/2013 09:19 AM, Matthias Bock wrote: > >> What do you think, wouldn't that be useful ? > >> ... comments, suggestions, disadvantages, drawbacks etc. ? > > > > Some people use binwalk to discover offsets (and possibly unpack, I > > don't use it), other people use the Binary Analysis Tool ( > > http://www.binaryanalysis.org/ ) for a fully automated scan > > (disclaimer: I wrote it, so I'm biased). > > Uh, your BAT looks awfully cool, wow! > I did not know it (yet) and definitely will give it a try. ..me too. ;o) ..sha256 is the one approved gold standard? In the EU too? Norwegian "law enforcement" _evades_ this very issue whenever I ask. > While on the other hand I have to admit that the cases I currently > dealt with did not need such a tool (yet). > > I most cases the companies / people bringing the device in question > into public are either completely unaware of the issue or try to > silently ignore it. Once they are made aware of it they pretty soon > resolve the issue without the need to fully proof all and everything. ..in my cases they play Kafka games litigating me, and prevail with "Chad's Defense", because I don't have the money to hire lawyers. ..I do have one case going where the merits _may_ be tested, the court all of a sudden wants an oral hearing by video-link. ;o) > But there are surely also cases where the manufacturer simply denies > everything and then it will be super handy to have this tool! > > > You have to keep in mind that automated tooling is just used to > > gather evidence for a *possible* GPL violation. ..in my 2, 3, 4 cases I'm able to prove GPLv2 violations, and Kafka style evasion. > Indeed. > > > armijn > Cheers > nils > > > > -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case.
