Electronic surveillance

NSA Releases Security Research Tool But Can You Trust It?

In recent years it has become almost commonplace for leaked National Security Agency (NSA) hacking tools to hit the headlines thanks to being used in attacks such as WannaCry, NotPetya and even the Democratic National Committee (DNC) email breach during Hilary Clinton's U.S. election campaign. But now the NSA has released an open-source, reverse-engineering, hacking tool, called Ghidra into the public domain itself. The question is, would you trust a security tool developed by spooks?

What is it for?

Perhaps it would be better to first explain what it isn't for, and that's hacking into stuff. Well, if that 'stuff' is hardware at any rate. This is a reverse-engineering platform so instead it allows security researchers and malware analysts to hack into the code behind the nasty software stuff. Think of it as a magic window into the binary world of software, all the zeros and ones, that translates that installed and compiled code into something that reveals exactly what the software actually does. As Lily Hay Newman, writing for Wired, puts it, security researchers using this tool to investigate malware can "understand how it works, what its capabilities are, and who wrote it or where it came from."