X

Google denies disassembling Vista software

Search giant says it didn't use reverse-engineering method to bring a security feature to its browser on Windows XP. But it defends disassembly as an aid for software compatibility.

Stephen Shankland Former Principal Writer
Stephen Shankland worked at CNET from 1998 to 2024 and wrote about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise Processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science. Credentials
  • Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.
See full bio
Stephen Shankland
2 min read

The source code underlying Google's Chrome Web browser suggests that Google used a reverse-engineering technique called disassembly to figure out how to employ a useful Windows Vista security feature, but the company said it didn't, in fact, do so.

The Chrome source code said a particular security feature available on Vista, Data Execution Prevention, can be used on Windows XP SP2 and Windows Server 2003 SP1, though it's not documented for the older operating systems. The source code also said the feature can be understood with a disassembler, a method of reverse-engineering that deconstructs a binary file--such as Windows--into instructions more easily understood by a human.

An explanatory comment in the Chrome source code mentions use of a disassembler to figure out the security feature. "Completely undocumented from Microsoft. You can find this information by disassembling Vista's SP1 kernel32.dll with your favorite disassembler," the comment says.

But Google itself didn't take that route. "We did not disassemble this code," the company said in a statement. "The source code indicates that the technique came from http://www.uninformed.org/?v=2&a=4. Please also note that...disassembling is just one of several methods one can use to find this information."

Software companies trying to protect their proprietary software often aren't fans of disassemblers. For example, Vista's End-User License Agreement (PDF) states, "You may not...reverse-engineer, decompile, or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation."

Google stuck up for the practice, though. "Disassembling is a common and accepted practice in software development, frequently used to make sure software features are compatible with other software programs or operating systems," the company said.

Regarding the Data Execution Prevention interface, the Chrome source code says, "Try documented ways first. Only available on Vista SP1 and Windows 2008." The method described at Uninformed comes in a later section, labeled thus: "Go in darker areas. Only available on Windows XP SP2 and Windows Server 2003 SP1."