For basic tasks involving x86 disassembly of common file types, IDA freeware may offer all the capabilities that you require. In particular, IDA 5.0 was the first version of IDA to incorporate an integrated, graph-based display mode. This feature alone represents a substantial upgrade over the previous version of freeware. It is when you find yourself with a need for some of IDA’s more advanced features that the freeware version begins to come up short. This is particularly true regarding the creation of FLIRT signatures and the creation and use of IDA plug-ins. The FLAIR utilities (see Chapter 12) and the IDA SDK (see Chapter 16) are available only to registered users of commercial versions of IDA, making it difficult for freeware users to take advantage of these capabilities.
If you are interested in FLIRT signatures, note that the freeware version is capable of processing signatures generated by the 4.9 and later versions of the FLAIR utilities (if you can get your hands on these utilities or have some-one generate the signatures for you). The SDK is a somewhat different matter. Even if you manage to locate a copy of version 5.0 of IDA’s SDK, plug-ins compiled with an unmodified version of the 5.0 SDK are not compatible with IDA freeware. This is because the freeware utilizes a completely different method of exporting functions from the core IDA libraries and so requires a different set of import libraries than are included in the SDK in order to link properly. This topic has been discussed for previous freeware versions (specifically IDA 4.9) in various reverse engineering forums.[244] Previous solutions required a modified SDK, which was not easy to come by. At the time of this writing, there is no known publicly available means of compiling plug-ins for IDA 5.0 freeware. Therefore, users hoping to try out various well-known plug-ins (see Chapter 23) may need to contact the authors of those plug-ins to see if they have any means of producing binary versions of their plug-ins that are compatible with IDA freeware.