Slashdot Mirror

← Back to Stories (view on slashdot.org)

Do You Write Backdoors?

Posted by Cliff on from the is-'kt'-logged-in? dept.

quaxzarron asks: "I had a recent experience where one of our group of programmers wrote backdoors on some web applications we were developing, so that he could gain access to the main hosting server when the application went live. This got me thinking about how we are dependent on the integrity of the coders for the integrity of our applications. Yet in this case a more than casual glance would allow us to identify potentially malicious code. How does this work when the clients are companies who can't perform such checks - either because they don't know how, or because the code is too large or too complex? How often do companies developing code officially sanction backdoors...even if means calling them 'security features'? How often has the Slashdot crowd put a backdoor in the code they were developing either officially or otherwise? How sustainable is the 'trust' between the developer and the client?"

44 of 791 comments (clear)

  1. microsoft by tmonkey · · Score: 1, Funny

    i believe that our god friend bill had once added a back dor password "netscape users are weenies"

  2. Backdoors by digipak · · Score: 3, Funny

    I've never coded backdoors into any software I've written. I usually don't use them in the future, and if I really need them, I gain access by other means. I can't see a logical reason to add them in, especially if you're job depends on the integrity of your code.

    1. Re:Backdoors by Creedo · · Score: 2, Funny

      I usually don't use them in the future
      And how, exactly, do you know this?

      --
      All that is necessary for the triumph of good is that evil men do nothing.
  3. Microsoft believes in them.. by macshune · · Score: 1, Funny
    Anyone else remember the NSAkey registry entry in Win95?

    1. Re:Microsoft believes in them.. by e2d2 · · Score: 2, Funny

      I don't usually respond to troll acs but I'll bite this time just for "kicks":

      "Literally" is not to be used for emphasis; especially when you're applying it to something you mean figuratively.

      Kind of like: I'd like to figuratively put my foot up your ass?

      If meant it as a jab, a funny, a laugh, a quick haha. I guess you get your kicks in other places. Like in your ass for instance. Oh wait, not actually in your ass. Just figuratively.

  4. of course by kurosawdust · · Score: 5, Funny

    my code is so tight, the front door and backdoor are on the same hinge! hooah!

  5. Backdoors by Anonymous Coward · · Score: 2, Funny

    Only in the BBS Software, did I write backdoors, those kids never registered...had to slap their hands a bit.

  6. Slashdot Has A Backdoor!! by Anonymous Coward · · Score: 2, Funny

    And it lives here!

    This story was just begging for this link!

  7. Given that Slashdot implies "Linux" by Anonymous Coward · · Score: 0, Funny

    I'd say that most slashdotters have "installed" someone's "backdoor" more than a few times.

  8. I'd like to help, but... by Lord_Slepnir · · Score: 3, Funny

    I'd like to post an intelligent responce, but I need more info. Can I have some people send me a list of back doors they've created so that I can investigate further? thanks

    1. Re:I'd like to help, but... by kingkade · · Score: 2, Funny

      run your finger down your back. it's the first hole ya come to.

      --
      why run from Vincenzo?
  9. Jurassic Park by masonbrown · · Score: 2, Funny

    Didn't we learn - if your developer is complaining that he doesn't get paid enough, you'll have dinosaurs eating your customers soon enough?

  10. Re:To do what? by interiot · · Score: 4, Funny
    To do what?

    Haven't you seen Office Space? Most security breaches are by a company's own employees... most money lost illegally is due to the company's own employees. Reasons obviously include at least greed and revenge. And maybe bragging, but only to your girlfriend and the guy on the other side of the wall.

  11. Ha! by praetorian_x · · Score: 2, Funny

    With so many clients deploying on Windows, who needs to waste time putting in a back door?

    Its built right into the OS.

    Cheers,
    prat

  12. Don't call it a backdoor... by djcatnip · · Score: 2, Funny

    Call it an "Administration area"

    --
    I make these: http://beatseqr.com
  13. The Praetorians by version5 · · Score: 3, Funny

    I heard that there's this program called Mozart's Ghost that has a little pi symbol put there by the notorious hacking group, the Praetorians. Anyway, if you click on it while holding down control-shift-back-back-forward-punch, it opens up a backdoor and your screen goes all crazy. I think it let's you hack the gibson or something.

    --

    "It's Dot Com!"

  14. Missing option: by bperkins · · Score: 3, Funny

    Cowboyneal is my backdoor.

    Oh, I'm sorry, I thought this was a poll.

  15. Re:Deadlines by Anonymous Coward · · Score: 1, Funny

    give url and master pw, pls.

    thx

  16. Do I write Backdoors? by Cruciform · · Score: 5, Funny

    Dear Backdoor,

    I'm sorry I haven't written in so long, but you know how busy things get. Maybe it's time for us to move on. I've found this great credit card database that uses default passwords. What can I say, it has so much more to offer.

    Yours truly...

  17. Re:Deadlines by Anonymous Coward · · Score: 5, Funny

    just be careful when the guy you are out drinking with starts leaning forward and discussing "backdoors".

    he may not mean what you think he means ...

  18. Re:Deadlines by motardo · · Score: 5, Funny

    You must work for AOL

  19. Re:the short answer by Anonymous Coward · · Score: 1, Funny

    Then he could hold them ransom for ... one million dollars!!

    [places pinky finger to lips]

  20. Re:Payment Insurance by Xerithane · · Score: 2, Funny

    I know a person who owns his own company and writes code on a for-hire basis. He puts in timed expiration code such that if they don't pay him within 30 days of delivery, his code de-activates.

    My favorite practice is the license keyset approach. After a period of time the code will self-encrypt itself using 2048-bit Blowfish or something, then exit out. You have to have the keyset to decrypt it back out. If they don't pay up, they never get the keyset.

    --
    Dacels Jewelers can't be trusted.
  21. Re:Make sure you get paid. by unicron · · Score: 3, Funny

    I bet he did it with a Hydra..and you just know it has 1024 bit encryption piped through dual ds-3's to a residential address.

    --
    Finally, math books without any of that base 6 crap in them.
  22. Re:Rememeber that movie? by stratjakt · · Score: 2, Funny

    Yeah and there was like a WAR or something because of the GAMES. Then to stop the WAR he had to play GAMES with the computer.

    I think it was called, "The Bus that Couldnt Slow Down".

    --
    I don't need no instructions to know how to rock!!!!
  23. Re:I backdoor all the time.. by sql*kitten · · Score: 3, Funny

    Did you ever think of what would happen if a cracker found out about such a backdoor? Just because you do your best to keep it a secret doesn't mean that crackers can't find out about it.

    Well I don't know about you, but I use the same combination as on my luggage.

  24. Re:Make sure you get paid. by Lan-Z · · Score: 2, Funny

    "But was there a backdoor to the backdoor?"

    I think that was a gay porn title.

  25. code by bluness · · Score: 2, Funny

    my favorite backdoors are not those that are obvious, but those that could be passed for a simple programming error... buffer overflow..etc

  26. Re:Everyone backdoors? by uptownguy · · Score: 2, Funny

    In fact, sociopaths are a minority

    Sort of a tautologous statement, wouldn't you say? I mean, once they are in the majority, then their behavior is called custom right?

    --


    I would have to say that explosives are the most abused technology in all of history.
  27. Re:Make sure you get paid. by pnatural · · Score: 3, Funny

    but how did he pop the firewall?

  28. Re:Deadlines by Blimey85 · · Score: 1, Funny
    they just type in "IAMGOD"

    Damn it!!!! That was my password! I found it first!!!! Now I have to try to think up another one....

    --
    How is it that one careless match can start a forest fire, but it takes a whole box to start a campfire?
  29. We have an easter egg design document by objwiz · · Score: 2, Funny

    I'm not kidding. I work for a major software publisher (who will remain anonymous so that I can keep my job) who as part of our annual design process include a design specification for an easter egg in the product. Even QA spends time testing the easter egg.

  30. Re:Deadlines by fucksl4shd0t · · Score: 4, Funny

    Any method of gaining access that circumnavigates the established security procedures is a back door.

    Hey dude, I thought circumnavigate meant something like circle without penetrating, or something like that. Like, in the seven cities of gold days you would circumnavigate the new world on a couple of trips, go back to spain and get more men and boats and stuff, and then go back to start your exploration of the interior.

    --
    Like what I said? You might like my music
  31. Re:Backdoor? by phildog · · Score: 2, Funny

    didn't Kirk use a sneaky trick like this to get Khan in Star Trek II?

    "Our shields are going down!"

    Kirk: "Fire."

    --
    slashsearch.org - slashdot search. powered by google.
  32. Re:Deadlines by PylonHead · · Score: 2, Funny

    Yea, I realized this with horror just after I hit the post button.

    I knew I could count on some flamage.

    --
    # (/.);;
    - : float -> float -> float =
  33. Re:consequences by GreyLightning · · Score: 2, Funny

    Sounds like they could get their jobs back by negotiating with extreme prejudice.

  34. Why bother? by programmingart · · Score: 1, Funny

    writing a backdoor? Just make sure it runs on MS products. The front door is always open.

  35. The Ultimate Backdoor! by TrailerTrash · · Score: 4, Funny

    We all witnessed Admiral Kirk leveraging the ultimate backdoor in Wrath of Kahn!

    If it's a good enough programming practice for the United Federation of Planets, it's good enough for me.

  36. Re:Deadlines by Ponty · · Score: 2, Funny

    Even Gary Coleman?

  37. Re:Deadlines by Anonymous Coward · · Score: 1, Funny

    ...excep the cat door, which NO ONE can fit through.

    What about cat burglars?

  38. Re:Deadlines by soulsteal · · Score: 4, Funny

    The word he meant to use was "circumvent."

    At least he didn't use "circumcise."

  39. Re:Deadlines by terraformer · · Score: 2, Funny
    Hey dude, I thought circumnavigate meant something like circle without penetrating...

    Yeah, kinda' like the /. crowd...

    --
    Who are you? The new #2 Who is #1? You are #617565. I am not a number, I am a free man! Muhahaha.
  40. Re:Deadlines by Anonymous Coward · · Score: 1, Funny

    just be careful when the guy you are out drinking with starts leaning forward and discussing "backdoors".

    he may not mean what you think he means ...

    You mean this happened to you too?!

  41. Re:Very OT by Iffy+Bonzoolie · · Score: 2, Funny

    You're right, how could I be so ignorant of important PC issues of the day?! You've helped me to decide: I'm leaving computers and the software industry to take up a peaceful life of contemplation. Living off the land, pumping my own water, harvesting crops. I'm obviously a failure as a technologist, so I must find an ecosystem I can truly integrate with.

    -If

    PS: I USE the NET, and pay attention to it all the time, so I don't know what you are implying.

    --
    Run a pencil-and-paper RPG campaign with your far-off friends: Gametable!