I'm pretty new to reversing software. I followed the neophyte's guide, I've read the recommended book about asm, and I'm at about the halfway mark in Lena's tutorials, and so far it's blowing my mind. I've learned more about computers this past month than I did during the past five years probably, and I even made some changes in my life to reflect, so props to SX for taking my technology interest embers and blowing them up into an inferno of curiosity.
Anyways, I've got a few questions:
- Any good books about assembly, something more up to date than Assembly Step by Step (it was great and informative, but now I want more) that anyone here could recommend? I ordered Intel's manuals and should have them in a few days as a great resource, but I'm also looking for something more along the textbook type of book to get. Also, any trail for me to follow to get to know the WinApi a bit - should I look for books on it or should I start with simple tutorials at first?
- This is more of a question about current reversing trends. Most of Lena's tuts focus on ye olde applications from 99-2005 and most of them have a laughable level of protections which could be broken with a few NOPs, JMPs or changing xor al,al into mov al,1, but it's 2011 today and I bet that trends in software protection have somewhat shifted. How does software protection look nowadays?
I'm gonna check this on my own too, but I'm afraid my limited scope of information would cause me to not see certain things or see things which aren't there, so I'd rather ask someone in the know - is software more protected nowadays than it was 5-6 years ago? Is protection a much more common implementation now? I know that high profit stuff like Windows probably uses pretty decent protection, but can regular shareware programs of today still be cracked using pretty simple methods? How often do you see encryptors and packagers in use? I've noticed that it's much more common now to use phone-home functions (Adobe CS5, MRI) also, is that true?
- I've checked a few forums and other sites and I've noticed that most people still use tools that are now years old, tools like OllyDbg or PEiD, and while those tools are still awesome, are there any newer tools that are simply not mentioned in older tutorials? Surely, programmers have caught up to those things and implement anti-debugger functions in the software. I know that reversers are also good programmers so they probably make lots of tools for themselves instead of using ready tools, but I'm still curious.
Also, what do you think about the more and more popular ARM architecture? It's only in use in phones and some tablets, but it's gaining popularity and there is news that they want to migrate ARM to laptops and desktop applications.
Aight, that seems to be all I wanted to ask about.