struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zahid Rahman <zahidr1...@gmail.com>
Subject Re: Black Box Tesing v White Box Testing
Date Wed, 04 Dec 2019 11:59:20 GMT
I'm not talking of reverse engineering, my point is traceability.

If you can decompile code then if there is a problem then there is a chance
that you can trace it. With .exe or dll you cannot trace the problem.




On Wed, 4 Dec 2019, 11:06 Dave Newton, <davelnewton@gmail.com> wrote:

> On Wed, Dec 4, 2019 at 01:16 Zahid Rahman <zahidr1000@gmail.com> wrote:
>
> > .exe  and  DLLs (C,C++) have unknown internals (AFAIK DLLs can't be
> > decompiled).
>
>
> They're just code like anything else. And I don’t quite understand why
> there’s a distinction made here between reverse engineering an exe and a
> jar.
>
> I also chose Java because one can decompile  classes , so any unknown
> > behaviour can be identified ,
>
>
> Decompiling a jar is a small part of understanding its behavior in a
> system. A variety of mechanisms can alter library behavior during load and
> run time, plus the additional layer of abstraction from the JVM, plus some
> indeterminism depending on what GC and JRE decisions were made.
>
> In any case, unless you’re running on bare metal and assuming we’re
> ignoring cpu unknowns, we’re working in black box environments most of the
> time anyway—it’s just that most of the time we have the luxury of being
> able to ignore this.
>
> --
> em: davelnewton@gmail.com
> mo: 908-380-8699
> tw: @dave_newton <https://twitter.com/dave_newton>
> li: dave-newton <https://www.linkedin.com/in/dave-newton/>
> gh: davelnewton <https://github.com/davelnewton>
> so: Dave Newton <http://stackoverflow.com/users/438992/dave-newton>
> bl[0]: Bucky Bits <http://buckybits.blogspot.com/>
> bl[1]: Maker's End Blog <https://blog.makersend.com>
> sk: davelnewton_skype
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message