No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help
View Responses


Grex Systems Item 122: Backdoor or No Backdoor? [linked]
Entered by bellstar on Thu Dec 23 18:38:40 UTC 2010:

> OpenBSD code audit uncovers bugs, but no evidence of backdoor
> 
> OpenBSD project leader Theo de Raadt disclosed an e-mail earlier this
> month in which former NETSEC CTO Gregory Perry claimed that his company
> was paid by the FBI to plant a "backdoor" in the OpenBSD IPSEC stack.
> The allegations led to a thorough code review and historical analysis of
> the relevant code.
> 
> [...]

-- http://is.gd/jjOZB
-- (redirects to Ars Technica)

I particularly liked this comment:

> If I put my tin foil hat on I'd say the source code could look 100% clean
> if the project's compiler/linker has something nasty to add.

In the light of this:

> Historically, back doors have often lurked in systems longer than anyone
> expected or planned, and a few have become widely known. Ken Thompson's
> 1983 Turing Award lecture to the ACM admitted the existence of a back
> door in early Unix versions that may have qualified as the most
> fiendishly clever security hack of all time. In this scheme, the C
> compiler contained code that would recognize when the login command was
> being recompiled and insert some code recognizing a password chosen by
> Thompson, giving him entry to the system whether or not an account had
> been created for him.
> 
> Normally such a back door could be removed by removing it from the
> source code for the compiler and recompiling the compiler. But to
> recompile the compiler, you have to use the compiler . so Thompson also
> arranged that the compiler would recognize when it was compiling a
> version of itself, and insert into the recompiled compiler the code to
> insert into the recompiled login the code to allow Thompson entry . and,
> of course, the code to recognize itself and do the whole thing again the
> next time around! And having done this once, he was then able to
> recompile the compiler from the original sources; the hack perpetuated
> itself invisibly, leaving the back door in place and active but with no
> trace in the sources.
> 
> The Turing lecture that reported this truly moby hack was later
> published as "Reflections on Trusting Trust", Communications of the ACM
> 27, 8 (August 1984), pp. 761--763 (text available at
> http://www.acm.org/classics/). Ken Thompson has since confirmed that
> this hack was implemented and that the Trojan Horse code did appear in
> the login binary of a Unix Support group machine. Ken says the crocked
> compiler was never distributed. Your editor has heard two separate
> reports that suggest that the crocked login did make it out of Bell
> Labs, notably to BBN, and that it enabled at least one late-night login
> across the network by someone using the login name "kt".

-- Jargon File, 'back door'
-- http://ftp.sunet.se/jargon/html/B/back-door.html

13 responses total.



#1 of 13 by keesan on Thu Dec 23 18:47:40 2010:

Shouldn't this be in a computer conference not agora?


#2 of 13 by nharmon on Thu Dec 23 18:59:16 2010:

It is.


#3 of 13 by bellstar on Thu Dec 23 19:09:56 2010:

Re #1:

> Computers:
>   amiga           - Commodore Amiga and its descendants
>   graphics        - Hardware, software, and techniques - learn, teach, [...]
>   hardware        - Nuts & Bolts
>   internet        - Navigating the information highway
>   systems         - Operating systems and programming of all kinds
>   micros          - Microcomputers of all types
>   web             - web page authoring, HTML

That was made before the intertubez became a superhighway and then transcended
that. Regardless, thanks to nharmon (?):

> 121  28 Fav editors
>    <item is linked>
> 122   2 Backdoor or No Backdoor?
>    <item is linked>

Also, I bet the "[very] general public" of Grex wouldn't regard this in
distaste.


#4 of 13 by jvmv on Fri Dec 24 01:16:54 2010:

Hahahh... Brown-Nose got burned really bad!


#5 of 13 by jgelinas on Sat Dec 25 01:05:31 2010:

Given the perennial discussion of which OS to use, Agora is a good place
for this to show up. :)

Almost as good as coop.


#6 of 13 by tsty on Sat Dec 25 20:45:55 2010:

  
re 0 ... umm, waht was the date/time stamp on that clip? it makds a differenc
  


#7 of 13 by bellstar on Sun Dec 26 19:19:30 2010:

Originally, it was December 22, I seem to remember.


#8 of 13 by tsty on Sun Dec 26 19:43:05 2010:

  
 1823 ? 
  


#9 of 13 by bellstar on Mon Dec 27 17:48:50 2010:

0xDEADBEEF

I have no idea what you're talking about. I imagined you asked the original
date of the Ars Techinca article linked to on #0.


#10 of 13 by tsty on Mon Dec 27 18:39:04 2010:

  
yes, i did .. and one owuuld presume that a year would bve included. ???
  


#11 of 13 by bellstar on Mon Dec 27 19:03:21 2010:

One would think that you'd infer the year quite easily. Alas, one would be
wrong.


#12 of 13 by madmike on Sun Jan 16 01:46:02 2011:

good article - after that... not so much :\


#13 of 13 by butiki on Thu Aug 31 20:33:56 2017:

Response not possible - You must register and login before posting.

No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help

- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss