
Security backdoors extremely prevalent

According to Wikipedia, a backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing illegal local or remote access to a computer or network device while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit - or the manufacturer could have built in a hard-coded user login and password to satisfy its own, or national security agency, needs.

A traditional backdoor allows anyone with the key to use it but newer asymmetric versions can only be used by the author (or IP address) regardless of how public the key may have become.

Various governments, for example, have accused Chinese-owned Huawei of modifying its compiler to automatically include a backdoor in the various network and communications systems it sells, but I stress that paranoia runs high and this has never been proven.

We even heard the outlandish claim this week that outsourcing programming to India, for example, will ensure that your finished programs have a backdoor that allows unauthorised access by unnamed parties.

Paranoia rose to extreme levels in May 2012 when Cambridge University Quo Vadis Labs revealed that a microchip used by the US military and manufactured in China (as so much IT stuff is) contained a secret backdoor. The backdoor was later claimed to be a debugging tool used by the manufacturer.

Later, however, two UK researchers found a hardware backdoor in military-grade chips, specifically Actel/Microsemi ProASIC3. See article here. This is apparently the first real hard evidence of backdoors built into silicon chips.

With the internet of everything, paranoia is again on the rise, with claims that manufacturers are placing backdoors in all internet-connected devices – routers, TVs, fridges and storage units – that can be activated by ‘the military’ or some corrupt foreign government to take over our lives.

That’s not as funny as it seems – for some time the rumour mills have been saying that Chinese made Wi-Fi chips have had a backdoor to do just this. I hasten to add that nothing has been proven but all these components must be validated before they get anywhere near ‘military-grade’ use.

Chinese-owned TP-Link, well known for home and small business routers and network equipment, has been accused by security experts in Poland of having “a treacherous asymmetric backdoor in various router models made by TP-Link. When a specially crafted URL is called, the router will respond by downloading and executing a file from the accessing computer”, reports Michał Sajdak from Securitum. The advisory states that at least the TL-WDR4300 and TL-WR743ND models are affected; however, the features in question exist on other models as well. TP-Link denied it was anything more than a testing mechanism.

Late last year Barracuda Networks Inc., maker of firewalls and spam filters, was exposed as having secret backdoor remote access. The boxes were configured to listen for SSH connections from a range of IP addresses, many of them not belonging to Barracuda. Subsequent investigation showed that the backdoor had been in place since 2003 (when the company was founded) and the inference was that Barracuda was unaware of how it got into their systems. As far as I am aware Barracuda (which operates in Australia) has remedied the issue.
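The Barracuda case turned on SSH being accepted from address ranges nobody had vetted. As an added example (not from this article or from any vendor), the Python check below audits a firewall rule export for exactly that. It assumes the rules are available in `iptables-save` format; the sample rules, the `APPROVED` list and the function names are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed iptables-save excerpt (documentation address ranges only).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 198.51.100.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.16/28 -p tcp -m multiport --dports 22,443 -j ACCEPT
-A INPUT -s 203.0.113.200/32 -p tcp -m tcp --dport 8000 -j ACCEPT
COMMIT
"""
# Assumption: ranges the appliance owner has verified as needing SSH access.
APPROVED = [ipaddress.ip_network("192.0.2.0/24")]


def _opt(tokens, *names):
    """Return the value following the first option present, or None."""
    for name in names:
        if name in tokens[:-1]:
            return tokens[tokens.index(name) + 1]
    return None


def _covers_port(spec, port):
    """True if a port spec such as 22, 20:25 or 22,443 includes the port."""
    ranges = (part.partition(":") for part in spec.split(","))
    return any(int(lo) <= port <= int(hi or lo) for lo, _, hi in ranges)


def unapproved_ssh_sources(rules_text, approved, port=22):
    """Return (source, rule) for INPUT ACCEPT rules that name the port and
    admit a source range not contained in any approved network (IPv4)."""
    findings = []
    for line in rules_text.splitlines():
        tokens = shlex.split(line)
        ports = _opt(tokens, "--dport", "--dports")
        if tokens[:2] != ["-A", "INPUT"] or _opt(tokens, "-j") != "ACCEPT":
            continue
        if _opt(tokens, "-p") != "tcp" or not ports or not _covers_port(ports, port):
            continue
        # A rule without -s accepts the port from any address.
        src = ipaddress.ip_network(_opt(tokens, "-s") or "0.0.0.0/0", strict=False)
        if not any(src.subnet_of(net) for net in approved):
            findings.append((str(src), line))
    return findings
```

Each finding is a source range to trace back to an owner and a documented reason before the rule is allowed to stay.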

Now we get to the crux – the US Government wants backdoor access to all communications (read networks) under a proposal to expand the reach of the Communications Assistance for Law Enforcement Act (CALEA). If passed it would force all providers to provide backdoors to government agencies after obtaining court approval. Such backdoors must also counter any attempt to use encryption i.e. expose the plain text or unaltered data stream.

An unnamed IBM researcher told Black Hat conference attendees that "These openings can still expose information about us to hackers and allow them to 'watch' our Internet activity. Backdoors are implemented in routers and switches so law enforcement officials can track the Internet communications and activity of an individual or individuals under surveillance. They are required by law to be incorporated in devices manufactured by networking companies and sold to ISPs," he said.

Several sources stated that the NSA has had a security backdoor in Windows since 1999 (see one article here) and later Linux (and Apache Internet server) and OS X, and despite denials by Apple about PRISM cooperation these are reputed to exist in iOS as well. I can see a great new Anti-Backdoor industry rising up from the Anti-virus providers.

We are now hearing about a vast array of other devices – medical, nuclear power stations and more industrial systems all with backdoors. (See article here)

I am going to stop now – I could go on and list backdoors found in home routers including Linksys, Asus, Belkin, Netgear, Billion and dozens of other high end commercial routers but I think you get the point. The moment you connect to the internet someone is watching.

I just ask you to take notice of all the media talk about PRISM and realise that it’s been happening for some time and we need to be aware of the issues.




Ray Shaw


Ray Shaw (ray@im.com.au) has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!