HP and backdoor hacking

Date: December 22, 2007
Source: itbusinessedge.com


Kelly Jackson Higgins posted an interesting and unsettling story at Dark Reading that focuses on back doors which, as the name implies, are programs that provide easy or special access into software products. There are legitimate reasons for backdoors, such as shortcuts for testing. There also are a good number of malicious uses.

The story defines three types of backdoors: Special credential backdoors are hard-coded passwords or keys that provide immediate access; hidden functionality backdoors let a hacker issue commands automatically; and rootkit backdoors hide activity from system administrators.

Though the story is, for the most part, frightening, it is predicated on a bit of good news: Veracode has added features to its SecurityReview application scanning service that Higgins says can detect “some of these backdoor programs.” This, we guess, is somewhat reassuring.
Original article

---

Add comment  Email to a Friend