On the Legitimacy of Obfuscated Code
Chris Wysopal has written an article about different uses of obfuscation inside of executables. Malicious or not, it is a useful tool for hiding or at least raising the bar on reverse engineering effort required. It's a good article and I recommend you read it. It did get me to thinking about a couple of things in reverse engineering.
One thing that Chris mentions is that users should be able to decide whether or not they want obfuscated code on their system. In many ways this is similar to the open vs. closed source debate. I have long argued that having the assembly for a program is equivalent to having the source code for a skilled reverse engineer. Looking at enough assembly and work with different compiler variations and one can work out what the original code looked like.
Regarding the question about whether obfuscation is a bad thing, Rolf Rolles recently commented that Bitdefender decided wholesale that the VMProtect packer is malware and anything obfuscated with it should be removed. Now the Bitdefender developers are smart guys, and maybe they decided that any legitimate software has no need to use this. Other anti-virus software takes a similar tactic. During the Race To Zero contest at Defcon last year, the winning team noticed that removing all the imports from an executable caused multiple AV vendors to automatically flag an executable as being suspicious.
The choice about the legitimacy of packers and obfuscation has already been made for us by the AV community: It's bad. This may be narrow sighted but hey, that's what the industry is all about.