Difference between revisions of "Backdoor"
m (some addons) |
(fix grammar) |
||
Line 4: | Line 4: | ||
|constitutes= | |constitutes= | ||
|interests= | |interests= | ||
+ | |description=A covert means of gaining unauthorised and/or unmonitored access to a computing system. | ||
}} | }} | ||
A '''backdoor''' to a computing system is a means intended to provide unauthorised access. It may be derived from a [[zero day]] exploit. The extent to which modern electronic equipment is routinely backdoored is matter of speculation, but there are examples that clearly show that some pieces of hardware are manufactured with backdoors and the intention to keep the vulnerability, even if it is reported a s a bug.<ref>https://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf saved at [https://web.archive.org/web/20140420023502/http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf Archive.org]</ref> | A '''backdoor''' to a computing system is a means intended to provide unauthorised access. It may be derived from a [[zero day]] exploit. The extent to which modern electronic equipment is routinely backdoored is matter of speculation, but there are examples that clearly show that some pieces of hardware are manufactured with backdoors and the intention to keep the vulnerability, even if it is reported a s a bug.<ref>https://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf saved at [https://web.archive.org/web/20140420023502/http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf Archive.org]</ref> | ||
Line 11: | Line 12: | ||
===Intel=== | ===Intel=== | ||
− | Modern chips from [[Intel]] all include the [[Intel Management Engine]] (IME), which is provides an extra feature set. This ''might'' be usable as a low level backdoor. Although the lack public documentation | + | Modern chips from [[Intel]] all include the [[Intel Management Engine]] (IME), which is provides an extra feature set. This ''might'' be usable as a low level backdoor. Although the lack of public documentation hinders its understanding, [[hackers]] have reverse engineered it to some extent. |
==UEFI== | ==UEFI== | ||
− | Computers use an inbuilt low level system to load a full operating system (such as Windows). Previous referred to as [[BIOS]], modern computers use [[UEFI]], which is a not clearly supported by manufacturers and | + | Computers use an inbuilt low level system to load a full operating system (such as Windows). Previous referred to as [[BIOS]], modern computers use [[UEFI]], which is a not clearly supported by manufacturers, may have design flaws and harbour backdoors.{{cn}} |
==Operating system== | ==Operating system== |
Revision as of 14:56, 28 January 2020
Backdoor | |
---|---|
Interest of | Dragos Ruiu |
A covert means of gaining unauthorised and/or unmonitored access to a computing system. |
A backdoor to a computing system is a means intended to provide unauthorised access. It may be derived from a zero day exploit. The extent to which modern electronic equipment is routinely backdoored is matter of speculation, but there are examples that clearly show that some pieces of hardware are manufactured with backdoors and the intention to keep the vulnerability, even if it is reported a s a bug.[1]
Hardware
Although there are countless brands of computers, the differences between them are superficial; almost all modern computing devices rely on CPUs from a very small number of manufacturers. Some design flaws may be deliberate, or after discovery are kept secret for as long as possible.[2]
Intel
Modern chips from Intel all include the Intel Management Engine (IME), which is provides an extra feature set. This might be usable as a low level backdoor. Although the lack of public documentation hinders its understanding, hackers have reverse engineered it to some extent.
UEFI
Computers use an inbuilt low level system to load a full operating system (such as Windows). Previous referred to as BIOS, modern computers use UEFI, which is a not clearly supported by manufacturers, may have design flaws and harbour backdoors.[citation needed]
Operating system
- Full article: Operating system
- Full article: Operating system
Open source operating systems, by definition, allow public access to the source code, which allows for the discovery of backdoors. The most widely used open source operating system is Linux, generally reckoned to be less vulnerable to backdoors than closed source alternatives. Although Microsoft is not known to have made a formal admission, the discovery of a debugging symbol name "_NSAKEY" in Windows 98 is by some interpreted as evidence of an NSA backdoor in that system.
Software
- Full article: Software
- Full article: Software
Some operating systems routinely ship with pre-installed malware and/or manufacturers' software of dubious pedigree. This applies not only to closed source OS, but also Android.[3][4]
Installation
Installation of backdoors is a common payload of malware.
Exodus is piece of spyware that eSurv produced to order for the Italian government. It was revealed to permanently create backdoors, lowering the security of the devices on which it was installed. Since this is illegal under Italian law, once this was publicised, the Italian police began an investigation into eSurv.
References
- ↑ https://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf saved at Archive.org
- ↑ https://www.theverge.com/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne saved at Archive.org and Archive.is
- ↑ https://news.drweb.com/show/?lng=en&i=11749&c=5
- ↑ https://www.extremetech.com/mobile/304577-malware-spotted-on-government-subsidized-android-phone