
Open Source Back Doors


This blog is brought to you by conspiracy theorists across the globe.

That being said...

I read a post recently on the Fedora Core mailing list about a rumored back door in all of Microsoft's products, from Windows 95 to the present, that let the NSA in. The mailing list entry reads:

"A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" [local] trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL,.........snip" 

Here's a LINK to the full article that was published in 2002.

Now that's old news of course. But is it relevant? Think about it...with the way world politics are moving, digital rights arguments all over the place, security threats across the globe - it's not a far leap to make. Could the world's governments actually have access to anyone's computers? In theory - yes. Especially if there are "special back doors" created by the software makers that allow them just that.

But there is one piece of good news. The open source community - specifically those that develop SELinux - would never allow this to happen. Or so we are told. But it should be said that NSA has a hand in the development of SELinux. NSA designed and implemented flexible mandatory access controls in the major subsystems of the Linux kernel and implemented the new operating system components provided by the Flask architecture, namely the security server and the access vector cache. The NSA researchers reworked the LSM-based SELinux for inclusion in Linux 2.6, and continue to maintain the 2.6-based SELinux. So, should they choose, they probably could insert some back door into the code and bury it deep enough that no one, not even Linus himself, would see it.

My point is this: the rumor has been circulating for a long time. After existing long enough, a rumor does one of two things: it is proven true or it becomes urban myth. For the most part this rumor has fallen into the latter category simply because there has not been nearly enough proof of its existence. But the proof is in the pudding that Microsoft has closed the public's eye to. We can't see their code. We'll never see their code. There's no way for the public to be able to examine, first hand, that which is rumored to exist.

On the other hand, anyone can grab the code for SELinux (don't believe me? Go HERE and grab it) and dig as deeply as they want. If a back door exists, and you're persistent enough, you'll find it.

We live in a very different world than we did in 2002. Spying on individuals is becoming more the norm than ever. And the possibility of there being back doors in software gives me even more reason to not want to use proprietary software. I feel much safer knowing that, should I choose, I can open up the code I use and peek around to see if there's anything suspect. Does that mean I might find something? Probably not (I stopped coding a long time ago). But it's reassuring to know that at least with Linux I can do that.

Windows? Not so much. 

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

31 comments
dawgit

Yup, I sure do. :p Now is somebody going to tell me that one of the most un-secure OS's is assisted in being so by the folks who are supposed to be the security 'experts'. And since the US Government is one of the biggest clients of MS, with Windows all over the world, is securely un-secured due to 'their' not-so-secret back-door? Are they then spending all their time snooping in their own back-doors? (sounds kind of kinky to me) And now, those same people are building little back-doors in OS's that are not under anybody's control? Did I hear that right? Next is hidden cameras in the Porta-Potties, those are just soooo un-secure. You just never know what goes on in those things. Oh- the terror.!. I bet they have one in Uncle Jonny's Out-house already. I've got a little more tin foil if anyone else needs a safe hat. ;\ -d

CharlieSpencer

I'd be more concerned if this was the only hole in Windows security, and if the Feds were the only ones trying to get into my computer. I'm not going to worry about an unconfirmed threat that may or may not misuse my data when there's plenty of confirmed threats with proven malicious intent. Besides, if the Feds had entire agencies trying to determine Iraq's WMD capabilities and couldn't get it right, what makes anybody think they can data mine all the Windows computers in a capable fashion?

TechExec2

I don't know what you people are worried about. Our President has assured us that "...The privacy of ordinary Americans is fiercely protected in all our activities..." and "...the government is not mining or trolling through the personal lives of millions of innocent Americans...". Bush says U.S. not 'trolling through personal lives' http://www.cnn.com/2006/POLITICS/05/11/nsa.phonerecords/index.html

jmgarvin

Because there are enough geeks that are worried about just such a thing, things like SELinux are scrutinized carefully and we can actually KNOW if there is a back door. The difference is that with closed source software, you don't know if there is a backdoor until it is used. With open source, you can not only look at the code, but see exactly how the code works (gdb is your best friend).

jainvikassoho

It seems that the whole world is against Microsoft. But I feel Mr. Gates wants such theories to be floated, and who knows, it's done by them. This ensures that Microsoft remains in the media and gives the illusion that a poor company has so many enemies who all want to pull this giant down. Also, human nature is to be soft on a person who has so many allegations. So is Microsoft banking on sympathetic votes? Might be true or false, but Microsoft does it always, consistently. See all the articles for Vista. All on the same track.

plumley

Microsoft lobbied hard for the DMCA to get laws against 'reverse engineering'. Not because their code was so good that everybody copied it, but to keep the numerous flaws from becoming public knowledge. Well, we see how well that worked out. 1 - 'We are from the Federal government, and are here to help you.' 2 - Microsoft IS trusted computing. 3 - 'Ignore the man behind the curtain'. I always like number 3, at least you know it is a flim-flam operation.

Geoffrey.Gerlach

If this were true, would not the hackers of the world have already found out, and be visiting my PC on a nightly basis? I mean, there have to be 50 or a 100 times as many hackers out there banging away, as there are NSA specialists doing the same thing. Certainly they would have succeeded by now, or has Microsoft hidden it so well that only the NSA can find it? PUULLLLLEEEEEEZZZZZE!!!!!

apotheon

It's not just the NSA. It's entirely possible that the NSA may have mandated backdoors installed in software like MS Windows, but there are two reasons I don't even bother worrying about that if/when I need to use Windows (a distinct rarity these days -- only for Guild Wars and City of Heroes in the last year or so): 1. Telling anyone that the gub'mint has had backdoors installed in MS Windows just makes me sound like a conspiracy theorist that people will ignore (to say nothing of the fact that I'm not 100% positive the NSA is doing so). 2. There are other intentional, built-in security issues to worry about first. If the Sony rootkit fiasco didn't teach you to distrust proprietary software, you're not paying attention (or you didn't need teaching because you already knew). The MS Windows EULAs after Win2k SP2 all specifically allow for Microsoft to include any damned spying, external access, and remote system control capability that MS decides the market will bear, and exempts MS from having to tell you about it. The question is not whether there are backdoors in your MS Windows software, but whether the specific backdoors built into it are going to bite you in particular on the arse.

w2ktechman

but I am sure they have GG, shellbot, and steffi wired already. secret pay-per-view sessions available only to spooks and the like.

Absolutely

If the NSA is watching that closely, why aren't they catching all the kiddie porn bot-net software when it's deployed?

Kyser Soze

Paranoids, that is. When the government first started weaving the strips into money as an anti-counterfeiting device, I knew a fellow who pulled them out of every bill because he was convinced it was a government conspiracy to track his money. He wasn't doing anything illegal, he just did not want anyone to know how much money he had. If anyone wants to be thoroughly bored, track my personal life.

Tony Hopkinson

is surprise? I think not! If the software design showed the same focus as the advertising campaign there would be a lot less to complain about. One wonders if the development is being rescued by marketing, or more likely in my experience, they are struggling for resources to make what's being sold. :D Vista in my opinion is all over the place just like every other MS OS. Add some pretty stuff, open hole, fill hole, adjust prettiness, make another hole, fill hole ....

apotheon

I'm not terribly surprised, though, since Microsoft Windows is pretty thoroughly lacking in options in that area. It's entirely possible for a secure "back door" to be designed into a piece of software. All it requires is something like a secure, encrypted database containing access data for "hidden" user accounts, an encrypted connection protocol similar to SSH, and the ability to update access codes automatically like Windows Update in case of a leak. I'm not saying the NSA has done it -- just that it wouldn't be all that difficult if the NSA and Microsoft worked together on it.

Your Mom 2.0

Even if hackers weren't able to find and use these backdoors, don't you think that the info would leak from either someone at the NSA or even Microsoft? Of course, it could be possible that these backdoors exist but most of us aren't even blips on the radar screen to these guys. There are roughly 80 million PCs running Windows, so someone would have to have a good reason to go to the trouble to track down a specific host and hack into it. Most home users' PCs wouldn't be worth all the effort. But there again, the "black helicopter" guys would say that it does happen but the gov't keeps the public in the dark. Who really knows? The Bush Administration has destroyed most of the trust I had in the government, so nothing really surprises me any more.

rap3

Codex pitched DIRT to the NSA and other Gov't agencies back in the last century. CALEA currently requires gov't accessible surveillance capabilities in all switching equipment - SS7, DMS100, cisco routers and switches, broadband aggregation boxes, etc. http://www.fcc.gov/calea/ http://cryptome.quintessenz.org/mirror/dirt-guide.htm Looks as if Big Bro's incompetence is the last remaining defence for our privacy.

SysAdminII

Correct me if I am wrong, but I thought this is what WWII was over (getting rid of the Gestapo). It appears that it lives on through the infamous Microsoft Software as well as other facets. Guess I wouldn't expect anything less since the CIA and NSA have been sleeping with the telecommunications industry for years now.

Your Mom 2.0

Previously I stated there are 80 million PCs running Windows. Actually, I found a site that shows that 239 million PCs were sold worldwide in 2006. So the total number of Windows PCs is probably much greater than even that figure if you add all of the existing PCs prior to 2006...

metilley

This doesn't surprise me and I doubt any of this is "conspiracy theory". With this illegal administration ANY thing is possible. What does surprise me is the need for the NSA (or any govt agency) to need a "back door" for access. Have you seen the so-called "wizards" that work for the govt and have you seen what salaries they offer? They are pathetic. They are not getting quality professionals at those wages. Maybe idiots to enter data off of punch cards... And please don't mention Microsoft "carelessly leaving back doors" in their code. I doubt very much if these entrance ways were "carelessly" left. They were deliberately put there! If you want secure apps and secure software, you'd better do it yourself. Remember the X-Files credo: "Trust No One".

godzillex

Even if a successful line-by-line analysis of the Linux source code revealed that there were no back doors, a malicious compiler can easily add the backdoor access to any source code it compiles -- every time, without you ever knowing about it. Unless you design and develop your own software (and hardware) you're taking chances.

bmoler@aldenbank.com

Maybe that's the price Microsoft paid to remain a monopoly by the government suit a few years ago.

Absolutely

We would be wise to expect that, other things being equal, the possibility of peer review will improve the quality and integrity of work in other endeavors, including software. You're right, "It's so obvious, it's almost a tautology." But it's also worth repeating, so I did.

godzillex

But before giving up so soon, perhaps Apotheon should have re-read my previous responses more carefully to see what they had to say about the merits, AND the potential vulnerabilities of the open source. Perhaps it is I who should call it a day. I suppose if the legendary Ken Thompson could not convince Apotheon of the "absurdity" of his position, there is no way that I, or anyone else for that matter, ever could.

apotheon

I, for one, have given up trying to explain to godzillex that before the scrutiny of many eyes, all bugs are shallow. Godzillex seems to think there are five people in the world who are really world-class hackers, and they're all working for proprietary software vendors doing stuff that prevents them from helping out on the open source front. Yeah, I'm done trying to explain the absurdity of that.

godzillex

Unlike most of the Unix derivatives, the majority of open source software does NOT have the benefit of the "several hand-full" of experts dedicated to checking its code. A secure chain is only as strong as its weakest link; which in this case means that there is potentially nothing preventing a back door hack, similar to the one outlined by Ken Thompson, from happening to the rest of the open source software. There is a potential, and it has been proven in real life to happen (see below). Also, the fact that a back door has to be directly related to the Linux kernel itself is completely irrelevant. Any software has potential to create holes in the security of the system. As for Ken Thompson, he not only described his famous hack, but also implemented it in real life: "In his Turing award lecture, Reflections On Trusting Trust, Ken Thompson described a hack that he placed into early UNIX systems: the C compiler would insert a back door whenever it compiled the login program, allowing Ken Thompson to access any UNIX system." -- source: http://tinyurl.com/3592q3 As for the hex editors, decompilers, and C interpreters: They are all good suggestions, but really suited only for a postmortem investigation. Generally, the user has no way of knowing that a compiler is the source of his system's vulnerability (how would he?). In real life, there is nearly a zero chance of someone using a hex editor to actively look for a back door in the compiler (of all things), especially when he is not even suspecting foul play. As I have stated earlier, open source software is still the better choice when it comes to security -- just so long as we don't get too cozy about it.

Tony Hopkinson

as malware that reinstalls itself. ie not at all once you are looking for it.

apotheon

"Yes, as far as the security is concerned, open source software is FAR better than any proprietary code; but that was not the point I was addressing. Even in an open source environment the threat of a back door exists. Many of us are under a false sense of security thinking that if the code is open source, then another expert has taken their valuable time to examine and put their stamp of approval on it."

You're right -- there are no absolutes in security. I spoke of relative security expectations and characteristics in practice. I never said that open source software was necessarily immune to security issues, whether such issues are intentional or not. All else being equal, the popularity of an open source application is at minimum directly proportional to the reasonable expectation of secure code. The more people use, and thus devote time to working on, a given piece of open source software, the more security review it receives. Ultimately, this means that in the case of the most popular open source software projects, you are almost guaranteed that there are not any intentional "back doors" hidden in the code. For something less popular, the chances of something like that being able to slip by are slightly increased by virtue of the fact that there are fewer people checking out the source code for purposes of improving, or perhaps just understanding, it.

"How many of us have the TIME, RESOURCES, and more importantly, the EXPERTISE to pore over an open source compiler and look for malicious code? If the answer is "not many", then consider the difficulty of examining the source code for an entire operating system -- it's mind boggling."

. . . and yet, the submissions and testing process for source code submission and inclusion in projects such as the Linux kernel project are designed specifically to ensure that malicious code doesn't get into the main codebase. There are people for whom the Linux kernel is literally a (more than) full-time job. You don't need the dilettantes among us poring over the gnarly depths of the Linux kernel source in great detail, with a fine-toothed comb, to ensure that all the code has been seen: you only need the dilettantes to help catch the occasional bit that might have escaped the notice of the people who spend forty or more hours a week doing just that.

"There may only be a handful of people who are even qualified for maintaining the open source code for an OS, and even then, each one of them is usually assigned to a particular section of the code which he/she has the expertise to deal with."

There are far more of them than a mere handful. There are several hands-full just in the Linux kernel project. There are more in the FreeBSD, NetBSD, OpenBSD, and Plan9 projects, as well. A great many people qualified to write and maintain kernel code don't even work on kernels -- they spend their time working on device drivers, applications, security software, embedded systems, and so on. Not everyone that is qualified makes kernel hacking a personal priority, and yet there are quite enough of them that do make kernel hacking a personal priority so that we don't have to worry about whether there are enough qualified developers working on the kernels of the major open source operating systems.

"Ken Thompson's 1983 Turing Award lecture to the ACM revealed the existence of a back door in early Unix versions that may have qualified as the most fiendishly clever security hack of all time. The C compiler contained code that would recognise when the 'login' command was being recompiled and insert some code recognizing a password chosen by Thompson, giving him entry to the system whether or not an account had been created for him."

Incorrect. Ken Thompson did not reveal an extant "back door". He revealed the potential for such a beast. That is all. He proved it was possible to achieve that "undetectable back door". There is no evidence to suggest that it actually exists, anywhere, via any compilers. Further, it's not undetectable. It can be detected by way of hex editors and decompilers. Additionally, it's possible to write a compiler using an interpreted language, such that the compiler can clearly not possibly contain such problematic functionality where it is unviewable to the casual observer because the source code of the compiler itself need never be compiled. Perl is a language that allows bit-twiddling of the sort that would make it possible to write an interpreted C compiler. Finally, if you discovered such a problem with a hex editor or decompiler, you could solve the problem by simply compiling a new copy of your compiler via an interpreted compiler so that you can be sure that the new compiler is not tainted. None of this has proven necessary, however, as such a "back door" is not, in practice, evident.

The theory of such a supposedly undetectable "back door" is a sound one, assuming certain things about the behavior of programmers and the limitations of their tools. Such assumptions would, in practice, likely prove unrealistic. As such, the chances of something like that slipping by the community at large for more than a year or two at most would be vanishingly, infinitesimally, small. Meanwhile, a proprietary compiler with the full weight of government enforcement of the DMCA backing up prohibitions against reverse engineering could very well have such a "back door" written into it, and such a "back door" could survive for twenty years or more without even the software vendor itself being aware it exists, thanks to the limitations of the closed source software development model.

So, again . . . sure, security issues are still possible, and even extant, in open source software. You're still far less vulnerable to malicious code in your open source software than in your closed source proprietary software. As I said, it's almost a tautology.

None of that is a detraction of Ken Thompson's particular genius, however. He made a very good point. The fact he did so just proves that open source hackers like him are going to figure out the potential problems more often, more readily, and more quickly than the malicious bastards against whom we must arm ourselves. I'm happy to have them on "my side", working on open source software and ensuring its safety for people like me who at present do not possess quite the same level of programming mastery.

godzillex

Yes, as far as the security is concerned, open source software is FAR better than any proprietary code; but that was not the point I was addressing. Even in an open source environment the threat of a back door exists. Many of us are under a false sense of security in thinking that if the code is open source, then another "expert" has already taken their valuable time to examine it, and put their stamp of approval on it. How many of us have the TIME, RESOURCES, and more importantly, the EXPERTISE to pore over an open source compiler and look for malicious code? If the answer is "not many", then consider the difficulty of examining the source code for an entire operating system -- it's mind boggling. There may only be a handful of people who are even qualified to maintain the open source code for an OS; and even then, each one of them is assigned to a particular section of the code that he has the expertise for. It's not that difficult to think of the reasons as to why an individual *could* add a back door to the OS. I will leave you with the following excerpt to drive my point:

Ken Thompson's 1983 Turing Award lecture to the ACM revealed the existence of a back door in early Unix versions that may have qualified as the most fiendishly clever security hack of all time. The C compiler contained code that would recognise when the "login" command was being recompiled and insert some code recognizing a password chosen by Thompson, giving him entry to the system whether or not an account had been created for him. Normally such a back door could be removed by removing it from the source code for the compiler and recompiling the compiler. But to recompile the compiler, you have to *use* the compiler - so Thompson also arranged that the compiler would *recognise when it was compiling a version of itself*, and insert into the recompiled compiler the code to insert into the recompiled "login" the code to allow Thompson entry - and, of course, the code to recognise itself and do the whole thing again the next time around! And having done this once, he was then able to recompile the compiler from the original sources; the hack perpetuated itself invisibly, leaving the back door in place and active but with no trace in the sources.

Here is the link: http://www.cacs.louisiana.edu/~mgr/404/burks/foldoc/81/9.htm Good day.
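
The self-perpetuating compiler back door in the excerpt above, and the "rebuild the compiler with an independent one" remedy raised earlier in this thread, can be modelled in a few lines. This is an added example, not part of the original comments: a toy model in which a "binary" is a small record rather than machine code, all names are hypothetical, and the comparison step is the check known as diverse double-compiling.

```python
import hashlib
import json

# Constructed sample sources: in this toy model a "source" is just text and a
# "binary" is a record of what was compiled and by which code generator.
COMPILER_SRC = "compiler: translate every source faithfully"
TRUSTED_SRC = "other-compiler: independent implementation, faithful"
LOGIN_SRC = "login: check password against the account database"


def h(text):
    return hashlib.sha256(text.encode()).hexdigest()[:16]


def build(compiler_bin, source):
    """Run a compiler binary on a source text and return the resulting binary."""
    out = {"of": h(source), "codegen": compiler_bin["of"], "extra": []}
    if "self_insert" in compiler_bin["extra"]:
        # Behaviour that exists only in the binary, never in any source file.
        if source.startswith("login:"):
            out["extra"] = ["backdoor"]
        elif source.startswith("compiler:"):
            out["extra"] = ["self_insert"]
    return out


def fingerprint(binary):
    """Stand-in for a bit-for-bit comparison of two binaries."""
    return hashlib.sha256(json.dumps(binary, sort_keys=True).encode()).hexdigest()


def ddc_matches(suspect_bin, compiler_src, trusted_bin):
    """Diverse double-compiling check.

    stage1: the compiler's source built by an independent, trusted compiler.
    stage2: the same source rebuilt by stage1.
    A suspect binary that really corresponds to its source equals stage2.
    """
    stage1 = build(trusted_bin, compiler_src)
    stage2 = build(stage1, compiler_src)
    return fingerprint(stage2) == fingerprint(suspect_bin)


# Assumption: the independent compiler is trustworthy (the premise of the check).
TRUSTED_BIN = {"of": h(TRUSTED_SRC), "codegen": "vendor", "extra": []}
# A clean self-hosted compiler, and the same compiler carrying the hidden logic.
CLEAN_BIN = build(build(TRUSTED_BIN, COMPILER_SRC), COMPILER_SRC)
TAINTED_BIN = dict(CLEAN_BIN, extra=["self_insert"])


def demo():
    return {
        # Rebuilding the compiler from clean source with the tainted binary
        # reproduces the tainted binary: the hack survives recompilation.
        "survives_rebuild": build(TAINTED_BIN, COMPILER_SRC) == TAINTED_BIN,
        "login_from_tainted": build(TAINTED_BIN, LOGIN_SRC)["extra"],
        "login_from_clean": build(CLEAN_BIN, LOGIN_SRC)["extra"],
        "ddc_clean": ddc_matches(CLEAN_BIN, COMPILER_SRC, TRUSTED_BIN),
        "ddc_tainted": ddc_matches(TAINTED_BIN, COMPILER_SRC, TRUSTED_BIN),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check only works when builds are deterministic and the second compiler is independent of the suspect one; a source audit alone passes in both the clean and the tainted case.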

apotheon

The more transparent the development process, the more likely community peer review is to find problems that make software untrustworthy. This gives open source software a distinct advantage over closed source proprietary software. It's so obvious, it's almost a tautology.

Tony Hopkinson

I know the NSA can't get on my PC. They would have stuck me on a Caribbean island for being unamerican. I use Windows so there's nothing on my PC I'm bothered about somebody getting hold of. First rule for keeping a secret: don't tell anyone, including your PC.
