Slashdot Mirror

← Back to Stories (view on slashdot.org)

Backdoor Account Found On Devices Used By White House, US Military (sec-consult.com)

Posted by timothy on from the nothing-to-worry-about dept.

An anonymous reader writes: A hidden backdoor account was discovered embedded in the firmware of devices deployed at the White House and in various US Military strategic centers, more precisely in AMX conference room equipment. The first account was named Black Widow, and after security researchers reported its presence to AMX, the company's employees simply renamed it to Batman thinking nobody will notice. AMX did remove the backdoor after three months. In its firmware's official release notes, AMX claimed that the two accounts were only used for debugging, just like Fortinet claimed that its FortiOS SSH backdoor was used only internally by a management protocol.

10 of 166 comments (clear)

  1. Just What the Government Wants - Backdoors by BoRegardless · · Score: 5, Insightful

    That way they can monitor EVERYTHING, everywhere, including subversives in the White House that might foil FBI, NSA & CIA operations.

    1. Re: Just What the Government Wants - Backdoors by DoofusOfDeath · · Score: 4, Insightful

      Is it backdoors all the way down?

      No, it would be backdoors all the way back.

      It's trapdoors all the way down.

  2. Distinctions by Bovius · · Score: 5, Insightful

    "AMX claimed that the two accounts were only used for debugging,"

    No, you only use them for debugging.

    Even if we choose to trust that you're not using these accounts for nefarious purposes (which we shouldn't), that's not the point. The point is that they exist at all, and just because you created them doesn't mean someone else cannot use them.

    1. Re:Distinctions by Anonymous Coward · · Score: 5, Insightful

      Locking a couple of executives up for endangering national security might be the single best thing anyone could do to prevent this type of thing in the future.

    2. Re:Distinctions by MrTester · · Score: 3, Insightful

      Yeah, there is absolutely no value in pointing out our failures as a society. We should just accept life as it is and move on.
      White men with power will make certain that women and minorities will never get the vote!

      Drivel indeed.

    3. Re:Distinctions by DarkOx · · Score: 1, Insightful

      Why should somebody in the STATE govenment be locked up?

      Because the liberal biased media, Obama, and the Clinton campaign want to blame those nasty Republicans in the state house for poisoning Flint's poor black population. That is pretty much the reason. Yes the water pipe corrosion happened because the emergency manager a state official made decisions to use a chemically different water source, to save money. That person did this without understanding the potential consequences.

      Quite honestly this is clear argument for the IMPORTANCE of HOME RULE, when you let some big far away central government make decisions about local matters these are types of results you get, no matter what party that far away official belongs too. So really we are left with the question of why did Flint not have home rule on the matter, and the reason for that is because the left leaning local politicians had screwed things up so bad their fellow state citizens were stuck bailing them out! Essentially the people of Flint and their elected officials would have been unable to keep the lights on or the water running left to their own devices due to years of mismanagement. If not for the state government a little lead in the water would be the least of their problems. So I don't feel especially sorry for them. This is ultimately a disaster of their own make.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  3. One might hope this illustrates danger of backdoor by DutchUncle · · Score: 5, Insightful

    .... but somehow I doubt that the anti-encryption crowd will get the point. Instead they'll point out how they, as government, are a different category.

  4. Re:Buried by lawsuits by ArchieBunker · · Score: 4, Insightful

    The NSA probably "persuaded" them to install it. The NSA spied on congress and nothing happened. Nobody was fired or went to jail. Spying on the whitehouse isn't that far a stretch.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
  5. Re:One might hope this illustrates danger of backd by gstoddart · · Score: 3, Insightful

    No, because the people advocating for backdoors still magically think only they can use the backdoors, and don't understand the reality that a backdoor is open to anybody who knows about it.

    Don't ever expect those people to understand how their wishes diverge from reality.

    --
    Lost at C:>. Found at C.
  6. Re:Not Normally Connected by PPH · · Score: 4, Insightful

    isn't physically connected to the house network.

    Stuxnet. Iranian centrifuges.

    --
    Have gnu, will travel.