QOTD on Reverse Engineering

People believe that once you compile human readable 'source' code, that humans can no longer read the resulting binary 'object' code. That is in incorrect. Code can easily be decompiled back to (nearly) the original source. In our (Errata Security) pentests, we regularly find embedded usernames and passwords that nobody believe hackers can read. It usually takes us less than 5 minutes.
Note: emphasis is mine.

No comments: