This Mac hacker’s code is so good, corporations keep stealing it

Illustration by Alex Castro / The Verge

Patrick Wardle's work has traveled farther than he thought it would.

The founder of the Objective- See Foundation is a former employee of the National Security Agency. A lot of Wardle's software code is now free to download and decompile, and some of it has caught the eye of technology companies that are using it without his permission.

Wardle is going to give a presentation at the Black Hat conference on Thursday. Over the years, code written by Wardle and released as open source has made its way into a number of commercial products without the users crediting him or paying for the work.

It is difficult to prove that the code was stolen rather than implemented in a similar way. He was able to make more progress because of Wardle.

Wardle said that he was able to figure out the code theft because he both wrote tools and reverse engineer software. It could happen to my tools, but other developers might not be able to, which is the concern.

The precarious status of open-source code is underscored by the recent thefts. Open-source developers typically make their work available under specific licensing conditions, but since the code is often already public, there are few protections against unscrupulous developers In one recent example, the Donald Trump-backed Truth Social app allegedly lifted significant portions of code from the open-source Mastodon project.

The software tool that Wardle released in 2016 is one of the main examples in his case. Oversight was developed as a way to monitor whether any macOS applications were covertly accessing the microphone orWebcam, with much success, as a way to find Mac malware that was surveilling users, and as a way to uncover the fact that a legitimate application like Shazam was always listening in.

There wasn't a simple way for a Mac user to confirm which applications were activated when, especially if the applications were designed to run in secret. This challenge was solved by his software using a combination of analysis techniques that were unusual and unique.

He was surprised to see a number of commercial applications incorporating similar application logic in their own products, even down to replicating the same bugs that Wardle had.

Image: Patrick Wardle

Three companies were found to be using techniques from Wardle in their software. None of the offending companies are named in the Black Hat talk as Wardle believes the code theft was the work of an individual employee.

According to Wardle, all three vendors he approached reportedly acknowledged that his code had been used in their products without permission, and all eventually paid him directly or donated money to the Objective- See Foundation.

Wardle wants to help developers and companies protect their interests by bringing attention to code theft. He suggests that anyone writing code should assume it will be stolen and learn how to apply techniques that can help uncover instances where this has happened.

He suggests that corporations teach their employees about the legal frameworks surrounding reverse engineering. He wants them to stop stealing.