Ricardo Narvaja interview
In a previous article we gave a recommendation on where to start looking for information to learn reverse engineering from scratch and in this article we recommend the Ricardo Narvaja website and its courses.
Before 2014 begins, and to serve as motivation for any curious soul who lands on this article, I am publishing the interview I was able to conduct with the great Ricardo Narvaja. It had to be done by email, because traveling to his location is impossible for me.
I won’t go on any longer, and I hope you like it.
Introductory questions, to get to know Ricardo Narvaja a little better.
Interviewer: In my case, one day I needed a serial for a program and, as always, started with a Google search. After several failed attempts I reached his course, which I completely ignored at that time, but four years later I would come back to it and put it into practice (not completely, unfortunately). From this I have a series of questions that always go through my head:
What led you to discover reverse engineering?
Well, first of all I must say that I am much better interviewed verbally than in written form. Those who know me know that I talk a lot, and a recorder in front of me can get hours of conversation and many anecdotes out of me, which does not happen in a written interview, but hey, we have to adapt, and that’s why we will try not to be sparing when writing.
I must also clarify that I am very bad at remembering the exact dates or years in which this or that thing happened, so you will surely find "a long time ago" or "I think it was so long ago". Well, when one gets old one has the memories, but the exact dates are blurred, so I apologize.
Going to the question and doing a little history, I was born in 1963, that is to say, I am 50 years old.
I went to high school and graduated as an electronics technician, got married and then studied at the engineering faculty of the UBA until the fourth year. Unfortunately, due to family problems I had to leave without ever having failed an exam, but well, life is like that, and I had other satisfactions in compensation.
At the time I chose the electronics technician track in high school, there were no traces of personal computing or the Internet or anything that currently exists, and when I started at the faculty (around 1983) the personal computer boom still had not developed; it was something I encountered later, on leaving the faculty.
I started with a simple Commodore 64 and, like most people, was a fan of its games, and we had the famous Datasette to load and play them. Then I began to buy magazines that carried tricks for infinite lives and cheats, and that piqued my curiosity about how you could modify the games yourself to have more chances at playing them.
At that time there was a cartridge for the Commodore 64 called The Final Cartridge 3, which went into a slot on the Commodore and had a button that, if you pressed it while playing, froze the game or program that was running and entered a cartridge menu that was like an internal machine world. It had a disassembler, hexadecimal editor, dumper and debugger, in the best SOFTICE style, but instead of being a program it was a cartridge that fulfilled that function and allowed you, from the point where you had frozen the program, to continue inspecting by tracing and browsing.
With that tool, and reading the low-level instructions I found at that time, I began to trace and see how the games worked in order to make my own cheats, to dump, patch and do many more things that still remain the basics today, because even though it was a different processor from the current ones, the logic remains the same, and once one learns to get one's hands into one, adapting to another scenario is simple.
Meanwhile, since I was 18, I worked in elevator repair, and when I got home I used the computer for hours and sometimes I didn’t sleep or stayed in bed thinking about the solution of some computer mess.
Over the years I migrated to the PC world, and with the first Internet connections we could read the first cracking tutes by teachers who were very sparing: only a few lines of text with very little explanation, aimed more than anything at those who were already in the cracking world.
I am not going to list all the great masters here because we all had the same ones, but I think that for many of us the Karpoff page was the reference where you could find the greatest ones, and from there I downloaded tutes and started to put aside the games (nowadays I haven’t played one for years) and focus on programs and their protections.
The world of cracking is exciting; it is a constant challenge. Just as there are people who like to solve crosswords as a mental challenge, others who solve puzzles and others who play chess, I took to trying to overcome protections as a challenge, and on achieving it one feels a huge satisfaction. It really is a pleasure difficult to match for those who are sick with this, hehe.
I continued working in elevators, and in 2000 I joined a mailing list called CONNECTS on Yahoo Groups. There someone said there was a program that they needed and asked if someone could find the crack for it. I replied that it was very easy to do it yourself, that you should forget about looking for cracks and make them yourself, and I sent a simple tutorial on how to crack it yourself.
Well, at that time it was like an explosion: half of the list was stunned and wanted to know more about the subject, and the other half was against it and said that this was not what the list was for and that we should leave, and that is what we did. On August 18, 2000, with a partner from CONNECTS, we created CRACKSLATINOS on Yahoo Groups, and the half of the CONNECTS members who wanted to learn went there, having been promised a weekly course on our list, with chapters that would build up from scratch so that everyone could learn.
That old course, made with SOFTICE because OLLYDBG did not exist yet, is still on my website; it is called OLD COURSE, and many people started there. The first years of CRACKSLATINOS were the so-called golden age: I taught and learned at the same time, and I was getting more sophisticated in the art of cracking and analysis.
I used a new tool at that time called OLLYDBG, which had just come out. I realized the potential it had even though it was not perfect and did not offer, as SOFTICE did, the possibility of debugging RING 0. I realized that it was simple to use and had a smooth learning curve, which made it ideal for newbies, unlike SOFTICE, which was very powerful but was complicated from installation onward and difficult for a newbie to handle.
Of course, my CRACKING COURSE FROM ZERO was heavily criticized by most of the scene and the cracking experts of the moment. Everyone was using SOFTICE, I was the first one using OLLYDBG, and the darts aimed at my course and at OLLYDBG itself were not long in coming.
The CRACKING COURSE FROM ZERO had, and still has, an appeal that I think is difficult to find in other cracking courses: being completely self-taught, I tried not to use difficult words (some I didn’t really know, hehe) and to put myself in the place of a rookie who was reading it, using many images so that they would not get lost, unlike the tutes with five lines of text made for a specialist, like most of the courses around at that time, which were unintelligible to those who weren’t inside the cracking world.
How many years ago did you write the course?
Well, the CRACKING COURSE FROM ZERO was written at the time when Windows XP came out, while the previous old course with SOFTICE had been done on WINDOWS 95; from there you can calculate the age of each, hehe.
What motivated you to write this course?
Well, I told you a little earlier: I really liked, and still like, the subject of cracking, and on the other hand, when I joined cracking groups before creating CRACKSLATINOS, I felt that in most cases the rookie was treated badly, as if not knowing were a sin and as if they themselves had been born knowing. Faced with a rookie’s questions, teasing was the common thing. That’s why, thinking of myself as an outsider to all that and not wanting to enter that silly, mocking little game against the rookie, I thought about creating a space where newbies feel comfortable, where questions are answered if you see that the person is trying to learn, a group different from what was in vogue at that time, which were the closed groups for experts only. I think that CRACKSLATINOS was, and still is, a place to learn, ask and practice.
Most of us who started the list, even though we are still on it, no longer write tutes, but we guide the new ones, and of course there are new generations of crackslatinos who learned and over time became teachers. Generational change exists and happens even on our list; the new ones most of the time surpass us, it is the law of life.
Doesn’t it seem surprising that after so many years it cannot be considered outdated and remains the reference material?
The course is and was conceived humbly; it is not grandiloquent, and I think it is well made for someone who starts from scratch. Its learning curve is smooth, it has many images, and many people started with it and then continued to improve. I cannot count the number of people working in computer science today in very good positions who tell me that they either started with my course or complemented what they were taught at the faculty with it, and that it served them a lot. That makes me very happy. It also served me myself: I have been working in computer science for years as an exploit writer, and like me, most of the initial crackslatinos are working in computer science using reversing, whether in security, antivirus or computer companies in general.
Besides, with so many images, translating the CRACKING COURSE FROM ZERO into other languages was simpler, since they make it very clear; there are versions of my course in the rarest languages, hehe.
It seems there was a gap in teaching, something that cannot be accessed at any faculty, and we knew how to fill it with something that was needed, so even though it is old it is very useful.
Questions focused on the world of reverse engineering.
Nowadays, with the amount of malware, viruses, etc. that must be analyzed, do you think that reverse engineering has career prospects in the working world?
In the security company where I work there are many crackslatinos working, from exploit writers to testing, and I know of many who work in antivirus or security companies in general. I believe that not many people dedicate themselves to this and it is not taught at any faculty, so in spite of it being a small labor market, since few can carry out the work, one generally gets well-paid work.
What types of jobs can an expert in reverse engineering opt for?
And the possibilities are many: any work that requires low-level analysis and reversing. The work of exploit writer is an example, as are the analysis and discovery of vulnerabilities and the work with viruses and Trojans. There is a lot of field and few people who do it.
Correct me if I am wrong, but is dedicating yourself to reverse engineering professionally one of those professions you reach not when you like something, but when you are passionate about it?
I call it “the disease”: you have to be half sick with computer science to spend hours looking at lines of code. The rest of the company where I work, programmers for example, pass by our desks and see what we do, and they tell us that we are crazy, asking how we can spend days or weeks analyzing low-level code. Well, for me reversing is great, and I really do not like to program, hehe, except for small tools to help me reverse. I detest paid programming work; I think it is very slavish, with the schedules and deadlines, etc. In reversing there are no deadlines; it is much freer. Nobody can know how long a task can take, it is difficult to measure and set deadlines, and I think we move with more freedom.
Curiosity gets the better of me, and it is inevitable to ask whether you are dedicated to reverse engineering professionally.
After the crisis of 2001 here in Argentina I lost my job in elevators, and while I was unemployed several friends from CRACKSLATINOS (+ NCR) and MR. SICK told me that there was a company that was looking for reversers.
Well, I sent my resume there, and + NCR was just about to join; he was in the interview stage, and in the interviews he told them that I was out of work and that I had taught him and the rest of the crackslatinos. One of the owners there at CORE was GERA (Gerardo Richarte), an Argentine computer security expert known worldwide, and he had heard of my courses and read them so my name is.
I went to the interview and told him what I knew, and he said that he had read my courses and that I was going to do well on the exploit topic. I told him that I had never done an exploit; he told me that it was very similar to cracking and reversing, that it used that, and since I already knew how difficult reversing was, the rest was a matter of time. So I joined, and here I am today at CORE SECURITY. Then, from inside, I was always asked to bring more people from the list, and so after + NCR and me came SOLID, MR SICK, DAMIAN, MARCIANO, TENA, MCKSYS, etc.
Is there a challenge (program, crackme or protection system) that has caused you special satisfaction to overcome?
I was very happy to be the first in the world to overcome the copymem2 protection of armadillo with OLLYDBG. It was said that it was impossible, that it could only be overcome with SOFTICE, and well, we looked for a way around it with hours taken from sleep, and the basic technique that occurred to me is used today for programs with two or more processes where one debugs the other (copymem2).
What do you think of the effectiveness of the software protection systems used today?
Obviously they have improved, but crackers have improved too, hehe; it is a crazy race. I think that today it is more laborious to beat a protection, but the old methods are still worthwhile, and there are newly discovered methods that one keeps adding with experience.
Have you ever thought about editing a book about reverse engineering? I don’t know if it’s a crazy idea, but I’d love to see my bookshelf with a copy of that book.
Yes, but when we had everything almost done with a computer magazine that published books, those who advertised in it said that if the magazine brought out that book, they would pull their advertising, because it was illegal, so nothing came of it.
Interviewer: The interview ends here.
From Vozidea we wholeheartedly thank Ricardo Narvaja for his time and kindness in granting this interview. This was the first interview we conducted at Vozidea, and perhaps the interviewer (me) has not been very successful due to lack of experience, but Don Ricardo’s responses have been very interesting.
From Vozidea we send greetings to Ricardo and all the members of the CRACKSLATINOS list, who in our opinion do a work of scientific dissemination in the area of computer science that is among the most interesting we can find on the net.