FACTOID # 22: South Dakota has the highest employment ratio in America, but the lowest median earnings of full-time male employees.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
 
WHAT'S NEW
RELATED ARTICLES
People who viewed "Backdoor" also viewed:
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Backdoor

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to a legitimate program. A BlueGene supercomputer cabinet. ... A cryptosystem (or cryptographic system) is the package of all procedures, protocols, cryptographic algorithms and instructions used for encoding and decoding messages using cryptography. ... In mathematics, computing, linguistics, and related disciplines, an algorithm is a procedure (a finite set of well-defined instructions) for accomplishing some task which, given an initial state, will terminate in a defined end-state. ... Authentication (Greek: αυθεντικός = real or genuine, from authentes = author ) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. ... Back Orifice (often shortened to BO) is a controversial computer program designed for remote system administration. ...

Contents

Overview

The threat of backdoors was when multiuser and networked operating systems became widely adopted. Petersen and Turn discussed computer subversion in a paper published in the proceedings of the 1967 AFIPS Conference.[1] They noted a class of active infiltration attacks that use "trapdoor" entry points into the system to bypass security facilities and permit direct access to data. The use of the word trapdoor here clearly coincides with more recent definitions of a backdoor. However, since the advent of public key cryptography the term trapdoor has acquired a different meaning. More generally, such security breaches were discussed at length in a RAND Corporation task force report published under ARPA sponsorship by J.P. Anderson and D.J. Edwards in 1970.[2] Look up trapdoor in Wiktionary, the free dictionary. ... Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically. ... Alternate meanings: See RAND (disambiguation) The RAND Corporation is an American think tank first formed to offer research and analysis to the U.S. military. ... The acronym ARPA has several meanings: It is the former abbreviation of a U.S. military organization now known as the Defense Advanced Research Projects Agency (DARPA). ...


A backdoor in a login system might take the form of a hard coded user and password combination which gives access to the system. A famous example of this sort of backdoor was as a plot device in the 1983 film WarGames, in which the architect of the "WOPR" computer system had inserted a hardcoded password (his dead son's name) which gave the user access to the system, and to undocumented parts of the system (in particular, a video game–like simulation mode). Hard-code or hard coding refers to the software development practice of embedding data directly into the source code of a program or other executable object, instead of obtaining that data from external sources such as a configurations file or command-line parameters. ... // February 11 - The Rolling Stones concert film Lets Spend the Night Together opens in New York North Americas Star Wars Episode VI: Return of the Jedi Tootsie Trading Places, starring Dan Aykroyd and Eddie Murphy WarGames, starring Matthew Broderick and Ally Sheedy Superman III Flashdance Staying Alive Octopussy Mr. ... This article is about the 1983 US movie. ...


An attempt to plant a backdoor in the Linux kernel, exposed in November 2003, showed how subtle such a code change can be.[3] In this case a two-line change appeared to be a typographical error, but actually gave the caller to the sys_wait4 function root access to the system.[4] The Linux kernel is a Unix-like operating system kernel. ... 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ... On many computer operating systems, superuser is the term used for the special user account that is controlled by the system administrator. ...


Although the number of backdoors in systems using proprietary software (that is, software whose source code is not readily available for inspection) is not widely credited, they are nevertheless periodically (and frequently) exposed. Programmers have even succeeded in secretly installing large amounts of benign code as Easter eggs in programs, although such cases may involve official forbearance, if not actual permission. Proprietary software is software with restrictions on using, copying and modifying as enforced by the proprietor. ... Source code (commonly just source or code) is any series of statements written in some human-readable computer programming language. ... The first easter egg For the decorated eggs given out to celebrate the Easter holiday, see Easter egg. ...


It is also possible to create a backdoor without modifying the source code of a program, or even modifying it after compilation. This can be done by rewriting the compiler so that it recognizes code during compilation that triggers inclusion of a backdoor in the compiled output. When the compromised compiler finds such code, it compiles it as normal, but also inserts a backdoor (perhaps a password recognition routine). So, when the user provides that input, he gains access to some (likely undocumented) aspect of program operation. This attack was first outlined by Ken Thompson in his famous paper Reflections on Trusting Trust (see below). This article is about the computing term. ... Ken Thompson Kenneth Thompson (born February 4, 1943) is a pioneer of computer science notable for his contributions to the development of the C programming language and the UNIX operating system. ...


Many computer worms, such as Sobig and Mydoom, install a backdoor on the affected computer (generally a PC on broadband running insecure versions of Microsoft Windows and Microsoft Outlook). Such backdoors appear to be installed so that spammers can send junk e-mail from the infected machines. Others, such as the Sony/BMG rootkit distributed silently on millions of music CDs through late 2005, are intended as DRM measures — and, in that case, as data gathering agents, since both surreptitious programs they installed routinely contacted central servers. A computer worm is a self-replicating computer program. ... The Sobig Worm was a computer worm that infected millions of Internet-connected, Microsoft Windows computers in August 2003. ... Mydoom, also known as Novarg, Mimail. ... This article or section does not cite its references or sources. ... Broadband in telecommunications is a term which refers to a signaling method which includes or handles a relatively wide range of frequencies which may be divided into channels or frequency bins. ... Microsoft Windows is the name of several families of proprietary software operating systems by Microsoft. ... Microsoft Outlook or Outlook (full name Microsoft Office Outlook since Outlook 2003) is a personal information manager from Microsoft, and is part of the Microsoft Office suite. ... E-mail spam is a subset of spam that involves sending nearly identical messages to numerous recipients by e-mail. ... Electronic mail, abbreviated e-mail or email, is a method of composing, sending, and receiving messages over electronic communication systems. ... Sony BMG Music Entertainment is the result of a 50/50 joint venture between Sony Music Entertainment (part of Sony) and BMG Entertainment (part of Bertelsmann) completed on August 5, 2004. ... Digital Rights Management (generally abbreviated to DRM) is an umbrella term that refers to any of several technologies used by publishers or copyright owners to control access to and usage of digital data or hardware, and to restrictions associated with a specific instance of a digital work or device. ... In computer science, a software agent is an abstraction, a logical model that describes software that acts for a user or other program in a relationship of agency. ...


A traditional backdoor is a symmetric backdoor: anyone that finds the backdoor can in turn use it. The notion of an asymmetric backdoor was introduced by Adam Young and Moti Yung in the Proceedings of Advances in Cryptology: Crypto '96. An asymmetric backdoor can only be used by the attacker who plants it, even if the full implementation of the backdoor becomes public (e.g., via publishing, being discovered and disclosed by reverse engineering, etc.). Also, it is computationally intractable to detect the presence of an asymmetric backdoor under black-box queries. This class of attacks have been termed kleptography; they can be carried out in software, hardware (for example, smartcards), or a combination of the two. The theory of asymmetric backdoors is part of a larger field now called cryptovirology. Reverse engineering (RE) is the process of taking something (a device, an electrical component, a software program, etc. ... The introduction to this article provides insufficient context for those unfamiliar with the subject matter. ... A smart card, or integrated circuit(s) card (ICC), is defined as any integrated circuitry embedded into a flat, plastic body. ... Cryptovirology is a field that studies how to use cryptography to design powerful malicious software. ...


There exists an experimental asymmetric backdoor in RSA key generation. This OpenSSL RSA backdoor was designed by Young and Yung, utilizes a twisted pair of elliptic curves, and has been made available.


The classic "Trusting Trust" backdoor problem

Ken Thompson's Reflections on Trusting Trust[5] was the first major paper to describe black box backdoor issues, and points out that trust is relative. It described a very clever backdoor mechanism based upon the fact that people only review source (human-written) code, and not compiled machine code. A program called a compiler is used to create the second from the first, and the compiler is usually trusted to do an honest job. Machine code or machine language is a system of instructions and data directly understandable by a computers central processing unit. ... This article is about the computing term. ...


Thompson's paper described a modified version of the Unix C compiler that would: Filiation of Unix and Unix-like systems Unix (officially trademarked as UNIX®) is a computer operating system originally developed in the 1960s and 1970s by a group of AT&T employees at Bell Labs including Ken Thompson, Dennis Ritchie and Douglas McIlroy. ... C is a general-purpose, procedural, imperative computer programming language developed in 1972 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system. ...

  • Put an invisible backdoor in the Unix login command when compiled, and as a twist
  • Also add this feature undetectably to future compiler versions upon their compilation as well.

Because the compiler itself was a compiled program, users would be extremely unlikely to notice the machine code instructions that performed these tasks. (Because of the second task, the compiler's source code would appear "clean".) What's worse, in Thompson's proof of concept implementation, the subverted compiler also subverted the analysis program (the disassembler), so that anyone who examined the binaries in the usual way would not actually see the real code that was running, but something else instead. This version was never released into the wild. It was released to a sibling Bell Labs organization as a test case; they never found the attack.[citation needed] A login (also log in, log on, signon, sign on) is the process of accessing a computer system by identification of the user in order to obtain credentials to permit access. ... A proof of concept is a short and/or incomplete realization of a certain method or idea(s) to demonstrate its feasibility. ... It has been suggested that this article or section be merged with Disassembly. ... Bell Laboratories (also known as Bell Labs and formerly known as AT&T Bell Laboratories and Bell Telephone Laboratories) was the main research and development arm of the United States Bell System. ...


In theory, once a system has been compromised with a back door or Trojan horse, such as the Trusting Trust compiler, there is no way for the "rightful" user to regain control of the system. However, several practical weaknesses in the Trusting Trust scheme have been suggested. (For example, a sufficiently motivated user could painstakingly review the machine code of the untrusted compiler before using it. As mentioned above, there are ways to counter this attack, such as subverting the disassembler; but there are ways to counter that defense, too, such as removing the hard disk and physically examining the program's binary disk image — security is always a metaphorical arms race.) In the context of computer software, a Trojan horse is a program that contains or installs a malicious program (sometimes called the payload or trojan). The term is derived from the classical myth of the Trojan Horse. ... Typical hard drives of the mid-1990s. ... The term arms race in its original usage describes a competition between two or more parties for military supremacy. ...


Backdoors in the media

  • The popular movie WarGames is about a teenage hacker who discovers a backdoor inserted in the Department of Defense's computer system by the system's designer
  • The Keymaker in the Matrix Trilogy was a program used to create keys to the various backdoors of the Matrix.
  • Part of the plot of the Dan Brown novel Digital Fortress involves an attempt by the NSA to place a backdoor in an apparently unbreakable piece of encryption software; this theme may have been inspired by the real-life Clipper chip.
  • In the Battlestar Galactica miniseries, a Cylon agent states that she programmed backdoors into widely implemented military software to shut down human defenses and allow nuclear bombardment.

This article is about the 1983 US movie. ... The United States Department of Defense, abbreviated DoD or DOD and sometimes called the Defense Department, is a civilian Cabinet organization of the United States government. ... List of artificial characters in The Matrix series of films. ... The Matrix series consists of the films The Matrix, The Matrix Reloaded, and The Matrix Revolutions, all written and directed by the Wachowski brothers. ... Dan Brown (born June 22, 1964) is an American author of thriller fiction, best known for the controversial 2003 bestselling novel, The Da Vinci Code. ... Digital Fortress is a novel by American author Dan Brown and published in 1998 by St. ... NSA can stand for: National Security Agency of the USA The British Librarys National Sound Archive This page concerning a three-letter acronym or abbreviation is a disambiguation page — a navigational aid which lists other pages that might otherwise share the same title. ... The Clipper chip is a chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission. ... Battlestar Galactica is a three-hour miniseries written and produced by Ronald D. Moore and directed by Michael Rymer. ... Old Cylon Centurion shown in a museum display in the 2003 Battlestar Galactica miniseries The Cylons are a fictional race of bio-mechanical beings appearing in the re-imagined Battlestar Galactica television series. ...

References

  1. ^ H.E. Petersen, R. Turn. "System Implications of Information Privacy". Proceedings of the AFIPS Spring Joint Computer Conference, vol. 30, pages 291–300. AFIPS Press: 1967.
  2. ^ Security Controls for Computer Systems, Technical Report R-609, WH Ware, ed, Feb 1970, RAND Corp.
  3. ^ Linux-Kernel Archive: Re: BK2CVS problem
  4. ^ Thwarted Linux backdoor hints at smarter hacks; Kevin Poulsen; SecurityFocus, 6 November 2003.
  5. ^ Reflections on Trusting Trust

Alternate meanings: See RAND (disambiguation) The RAND Corporation is an American think tank first formed to offer research and analysis to the U.S. military. ... November 6 is the 310th day of the year (311th in leap years) in the Gregorian calendar, with 55 days remaining. ... 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ...

External links

  • Backdoors removal — List of backdoors and their removal instructions.
  • FAQ Farm's Backdoors FAQ: wiki question and answer forum

  Results from FactBites:
 
Backdoor - Wikipedia, the free encyclopedia (1016 words)
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection.
The notion of an asymmetric backdoor was introduced by A. Young and M. Yung in the proceedings of Advances in Cryptology---Crypto '96.
The theory of asymmetric backdoors are part of a greater field known as cryptovirology.
Backdoor (disambiguation) - Wikipedia, the free encyclopedia (252 words)
In computing, a backdoor is a hidden method for bypassing normal authentication systems.
In serialized fiction, a backdoor is a writing technique in which the writer provides a possible solution to reverse any potentially unpopular decision that's currently being done (such as killing off a popular recurring character).
In Jazz Music Theory, a Backdoor Progression is a characteristic harmonic device found in many Jazz Standards.
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m