Security ?
Les
hlhowell at pacbell.net
Thu Dec 16 10:57:04 UTC 2010
On Thu, 2010-12-16 at 17:21 +0000, JB wrote:
> JB <jb.1234abcd <at> gmail.com> writes:
>
> > ...
>
> We should be careful with judgements about software backdoors and their
> implementers.
>
> They can be life- or cause-saving, literally, in extreme circumstances (when
> much or many depend on ability to communicate with others/outside world).
>
> For that reason, I would expect a gifted dev or "white hat" be able and ready
> to introduce, maintain, and distribute a backdoor very quickly, if a need
> arises.
>
> It is a "Cui bono ?" situation.
> There are "good" and "bad" backdoors and their implementers.
> And so is a "revelation" about them.
>
> JB
>
>
I don't see the message you are responding to, but what do you think
would justify a back door? And are you including administrative
operations a back door? Is it impossible to administer a properly
designed system without a back door?
Some times good intentions and even debugging leads us astray. Code
gets "left behind" that should not, or enabled when it should not, or
even inadvertently promulgated when it should not.
It has been shown that software can be developed and built into a
compiler that will insert a back door into any code compiled by it. The
original intention was debugging, but the technique has other
applications, not all good.
Do you know if your code includes such a back door? How would you
detect it?
Regards,
Les H
More information about the users
mailing list