People seem to equate reverse engineering with decompiling. Those are not the same.
To me, reverse engineering is attempting to answer Why a piece of code does something. While just reading code attempts to answer What the code does. You attempt to reconstruct the decisions that lead to the current behaviour of the software.
Even if you do have the source code, and can easily answer What the code does, you may still not know why.
For example: why did the Lemmy devs disable captchas in server version 0.18.0? It is easy to see in the code that they did, but if they left no documentation, it is hard to know why. And without knowing why, you cannot fix any problem they had with it.
Unfortunately, most why-questions are a lot harder to answer than that one. Mostly because the Lemmy devs are decent at communication.
Reverse engineering is more about understanding how a piece of software does something so you can better work with it, or make your own version of it. Typically requires a lot of time studying it, and usually goes hand in hand with decompiling. But decompiled source isn’t the cleanest and doesn’t give you the exact same code the devs have. It only gives you the low level order of operations.
Most of the time, knowing why requires understanding all the code from an architecture perspective, which typically requires being part of the internal decision making. You won’t get that unless you have the actual source code with good comments and documentation. All of which would be stripped out during compilation.
Whenever I reverse engineer something at work, it is because it is usually a super old 3rd party software that’s out of support, and I need to see how it’s performing some task. I’m never able to get the context of why they do it a certain way, but I do get the how of it.
While you are correct, I would note that OP didn’t ask “What is reverse engineering?”, they asked “How do you reverse engineer software?”. That typically always starts with decompiling in some form. You’re right that it’s not the whole picture, but I would say “Decompiling and studying binaries” would be a satisfactory ELI5 answer to OP’s question.