A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Backdoor

A method of accessing a computer system undetected for either illegitimate or legitimate access

A backdoor is a method of accessing a computer system undetected that bypasses the usual authentication techniques. It can be used for illegitimate access or to save time for legitimate access. Backdoors can be: 1) present in a computer system to begin with, either intentionally or unintentionally; 2) created through installation of specific software; or 3) created by modifying programs already present on a machine.

The most famous example of a backdoor is Back Orifice, a program sent as a harmless-looking email attachment by an intruder. When opened by the user, the attachment installs a small server program on the user’s computer. Once installed, the server program connects with the intruder, who can then control the user’s computer remotely (from another location). The program installs itself without any user intervention and hides itself from unsuspecting users. Back Orifice has potentially legitimate uses as a remote administration tool, but has been mostly used maliciously, and is therefore identified as malware by most anti-virus software and other programs providing protection from malware.

Programmers have advanced backdoor programs so that they can send information about a user's system to an intended destination. In this regard they are similar to spyware/malware, which also collects a user’s information. The key difference is that spyware/malware does not provide intruders with a method of getting into the system, or controlling the system, whereas backdoor programs do.

Computer worms can frequently carry programs that modify existing programs to create a backdoor, which can potentially be used to compromise a system.

Malicious organizations or individuals are not the only creators of backdoor programs. In 2005 Sony/BMG came under criticism when it was discovered that its audio CDs, when played on Windows systems, installed a rootkit that collected and transmitted information about users’ habits and activities. Although this program was not used for malicious activities, it certainly had that potential.

It is easy to assume that backdoors are illegal. Backdoor programs, however, often provide architects or administrators of a large system quick access to it in case something does go wrong. This saves a lot of time, since the backdoor bypasses the time-consuming checks that are in place. Thus backdoors also sometimes have legitimate uses. The U.S. government considered inserting backdoors in all encryption products in the wake of the 9/11 attacks so that they could easily access all communication. For this reason, backdoors are not classified as illegal, but are frowned upon by some software engineering practitioners.
