Security through the backdoor
Author: Nicolai Oberthür
A backdoor is a part of a computer system that enables hidden access to the system or its data without going through the regular routes. Most backdoors are found in software, but some hardware also contains built-in backdoors. The purpose of a backdoor is to gain remote access to a system, or to read encrypted data, without the system's regular users knowing about it or being able to defend themselves against it. Using a backdoor is not always done with bad intentions: a hard-coded master password may, for example, give a developer maintenance access to a system. Such a password protects nobody once it leaks, however, because the users of the system cannot change it, and backdoors of this kind can just as well be exploited by intelligence agencies or criminals to gain unauthorised access.
In order to visualise this, let’s imagine the backdoor of a building. As an example, a concert venue has a regular entry in the front for the guests. This is usually manned by security as well as by someone checking tickets. Of course, we wouldn’t expect the musicians to arrive at their own performance through the front door or show a ticket. They’d get access to the venue using their own entrance in the back. However, if anyone else knew where the backdoor was and pretended to be staff by wearing the right clothes, they could also get into the concert through the backdoor without having to spend money on a ticket.
The backdoor described above is a perfectly legitimate part of the building: it keeps operations running smoothly, but it also gives mischievous individuals an opportunity to take advantage of it. There are also cases where a backdoor serves purely malicious purposes and has been added to a system after the fact; think of bank robbers digging a tunnel into a bank vault.
Famous backdoors
Computer experts were already discussing the possibility of backdoors (then called trapdoors) at the end of the 1960s. So it’s no surprise that new backdoors have been detected again and again over the years. Here are a few examples:
- Borland's InterBase database system contained a backdoor hard-coded by its developers: with the username "politically" and the password "correct", anyone who could reach the server over the network could log in and gain complete control over its databases. Because the credentials were compiled into the program, administrators could not simply change them; only an updated version of the software removed the account.
- Another case involved the Sony BMG label and some 22 million music CDs that were put into circulation at the end of 2005. To prevent the CDs from being copied, one of two hidden programs was installed as soon as a CD was inserted into a computer; it modified the operating system and concealed its own existence, which is to say it behaved as a rootkit. Both programs opened backdoor vulnerabilities that other malware could exploit, and neither was easy to uninstall. One of them was installed even when the user declined the end-user licence agreement, and it then sent detailed reports about the user's listening habits to Sony BMG. After the programs became public, Sony BMG released an "uninstaller" for one of them; however, this merely stopped the program from hiding itself, while installing further hidden software and creating new vulnerabilities.
- The WannaCry crypto worm of 2017 used the DoublePulsar backdoor, which had been leaked only a few weeks earlier, to copy itself onto other computers in a network.
- Apple is currently planning a nudity filter for its iMessage service, announced in 2021 as part of its child-safety features. The filter is supposed to protect children and teenagers in Apple family accounts from receiving nude pictures, and to notify parents when younger children receive or share such content. Because it inspects the content of messages that are end-to-end encrypted, critics regard the filter as a backdoor into iMessage. Strictly speaking, the analysis runs on the device after the message has already been decrypted, so the transport encryption itself is not weakened; the objection is that a mandatory scanner at the endpoint defeats the purpose of end-to-end encryption.
- Backdoors also appear in fiction: the military computer "WOPR" in the film WarGames has one. The protagonist gains access to it by entering a password that its creator left in the system (the name of his son, "Joshua").
Backdoors and secret services
State intelligence agencies also take a great interest in backdoors, which let them gather information covertly. First and foremost, the NSA, the U.S. signals intelligence agency, has long pressed software manufacturers to build backdoors into their products or to keep their encryption weak, so that it can gain access to otherwise encrypted communications. The Clipper Chip, developed by the NSA in the early 1990s, is a well-known example: it was meant to be built into telephones as an encryption device, but a copy of every chip's key was held in escrow by government agencies, giving them a way to decrypt the calls.
Similarly, the Dual_EC_DRBG random number generator, which was standardised by NIST and shipped as the default generator in some commercial cryptographic libraries, contained a way for the NSA to predict its output and thereby break encryption that relied on it. The generator's security rests on two public points on an elliptic curve, P and Q. Whoever chose Q while knowing a secret number that relates it to P can reconstruct the generator's internal state from a few bytes of its output and predict everything it produces from then on; for everyone else, the relation between the two points is as hard to find as a discrete logarithm.
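The following Python program is an illustration added to this article, not code from the original or from any real implementation. It runs a simplified Dual_EC_DRBG on the public NIST P-256 curve with a hypothetical secret relation d (Q = d·P) and a hypothetical seed; the real standard's Q is a fixed constant whose origin was never explained, and the real generator drops 16 bits of each output, whereas only 4 bits are dropped here so that the brute force finishes in a few seconds in pure Python. The "attacker" sees two consecutive outputs and the trapdoor value e = d⁻¹ mod n, recovers the internal state, and predicts the following outputs exactly.

```python
"""Simplified Dual_EC_DRBG with a trapdoor between P and Q (added example, not from the article)."""

# NIST P-256 domain parameters: y^2 = x^3 + a*x + b over GF(p), base point G of prime order n
P_MOD = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P_MOD - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
BITS = 256
DROP = 4          # bits discarded from each output (the real generator discards 16)
MASK = (1 << (BITS - DROP)) - 1


def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


assert on_curve(G), "P-256 base point check"


def ec_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                                   # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    result, addend = None, pt
    while k > 0:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


class DualEC:
    """One step: s <- x(s*P); r <- x(s*Q); emit r with its top DROP bits removed."""

    def __init__(self, seed, P, Q):
        self.s, self.P, self.Q = seed, P, Q

    def next_output(self):
        self.s = ec_mul(self.s, self.P)[0]
        r = ec_mul(self.s, self.Q)[0]
        return r & MASK


def recover_state(out_i, out_next, e, Q):
    """Given two consecutive outputs and the trapdoor e (P = e*Q), return the
    generator state after out_next was produced, or None if no candidate fits."""
    for top in range(1 << DROP):                      # brute-force the discarded bits
        rx = out_i | (top << (BITS - DROP))
        if rx >= P_MOD:
            continue
        rhs = (rx * rx * rx + A * rx + B) % P_MOD
        ry = pow(rhs, (P_MOD + 1) // 4, P_MOD)        # square root, valid since p = 3 mod 4
        if ry * ry % P_MOD != rhs:
            continue                                  # no curve point has this x-coordinate
        sP = ec_mul(e, (rx, ry))                      # e*(s*Q) = s*P, same x for either sign of y
        if sP is None:
            continue
        s_next = sP[0]                                # that x-coordinate is the next state
        if ec_mul(s_next, Q)[0] & MASK == out_next:   # confirm against the following output
            return s_next
    return None


def demo(secret_d=0x1ab2c3d4e5f6, seed=0x0badc0de5eed):
    """Hypothetical designer secret d and seed; returns (predicted, actual) outputs."""
    P = G
    Q = ec_mul(secret_d, P)        # the hidden relation Q = d*P
    e = pow(secret_d, -1, N)       # hence P = e*Q; e is the trapdoor the designer keeps
    victim = DualEC(seed, P, Q)
    observed = [victim.next_output() for _ in range(2)]
    s_next = recover_state(observed[0], observed[1], e, Q)
    attacker = DualEC(s_next, P, Q)
    predicted = [attacker.next_output() for _ in range(3)]
    actual = [victim.next_output() for _ in range(3)]
    return predicted, actual


if __name__ == "__main__":
    pred, act = demo()
    print("prediction correct:", pred == act)
```

Without e, recovering the state from an output would require solving the discrete logarithm problem on the curve, which is exactly what makes the generator look secure to everyone except the party that chose the constants; this is why the choice of Q mattered so much in the Dual_EC_DRBG controversy.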
Privacy advocates constantly criticise this policy, because backdoors that intelligence agencies know about or have created can also fall into the wrong hands. WannaCry is a case in point: the vulnerability it exploited had been known to the NSA for years before the exploit was stolen and published by hackers. Had the flaw been reported openly to the manufacturer instead of being kept secret, the crisis could have been avoided.
How Trojan horses are different
A Trojan horse, or simply Trojan, is a program that outwardly appears to serve one purpose but in fact does something else. Whether the phoney outward purpose is actually carried out makes no difference to classifying the program as a Trojan. A Trojan may be used to install a backdoor on a system; a backdoor may also be part of the Trojan itself and work only as long as the Trojan is running. However, not every Trojan contains a backdoor, and not every backdoor is opened by a Trojan, so the two terms are not interchangeable.
Protection against backdoors
Unfortunately, protecting yourself effectively against backdoors is not as simple as it might seem, since their whole point is that users are unaware of them, and backdoors embedded in distributed software can be very difficult to detect. Open-source software helps here: the source code is publicly available, and anyone with sufficient know-how can check it for malicious code. Public availability of the source does not guarantee that every loophole will actually be found, however. Furthermore, it is not easy to check whether the executable you receive from the developers was really built from the published source code. To confirm this, you could compile each piece of software yourself, which is inconvenient and not recommended for non-experts; reproducible builds, in which independent parties rebuild the software and compare the results bit for bit, address the same problem without every user having to do it. Even this does not provide ultimate protection, since a compromised compiler could insert a backdoor into everything it compiles, a scenario Ken Thompson described in his 1984 lecture "Reflections on Trusting Trust".
If you do not want to compile your software yourself, you should at least obtain it only from trusted sources and verify its integrity with the checksums or signatures the developers publish. Other measures include running anti-malware software to detect known backdoors and using firewalls to prevent unauthorised network access in both directions: a backdoor that is blocked from reaching the outside world cannot report back to whoever planted it. If you want to play it even safer, network monitoring tools can scan all traffic for suspicious activity, such as a machine that contacts the same outside address at fixed intervals.
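What "suspicious activity" in network traffic can look like in practice is shown by the following Python script, which is an example added to this article rather than any tool mentioned in it. A backdoor that calls home typically does so on a timer, so its connections arrive at almost perfectly regular intervals, while a user's browsing does not. The script groups constructed connection-log lines (timestamp, source, destination, destination port; the addresses and times are invented for the demonstration) by flow and flags those whose inter-connection intervals are unusually regular.

```python
"""Flag periodic "call home" connections in a connection log (added example, constructed data)."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: unix timestamp, source IP, destination IP, destination port.
# 10.0.0.12 browses irregularly; 10.0.0.17 contacts 203.0.113.77:8443 about every 60 s.
SAMPLE_LOG = """\
1700000000 10.0.0.12 93.184.216.34 443
1700000007 10.0.0.12 151.101.1.69 443
1700000031 10.0.0.12 93.184.216.34 443
1700000060 10.0.0.17 203.0.113.77 8443
1700000090 10.0.0.12 142.250.74.36 443
1700000119 10.0.0.17 203.0.113.77 8443
1700000180 10.0.0.17 203.0.113.77 8443
1700000241 10.0.0.17 203.0.113.77 8443
1700000300 10.0.0.17 203.0.113.77 8443
1700000333 10.0.0.12 93.184.216.34 443
1700000359 10.0.0.17 203.0.113.77 8443
1700000420 10.0.0.17 203.0.113.77 8443
1700000780 10.0.0.12 151.101.1.69 443
"""


def parse_log(text):
    """Group connection timestamps by (source, destination, port)."""
    flows = defaultdict(list)
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, dst, dport = line.split()
        flows[(src, dst, int(dport))].append(int(ts))
    return flows


def find_beacons(flows, min_connections=4, max_cv=0.1):
    """Return flows whose intervals between connections are suspiciously regular.

    The coefficient of variation (standard deviation / mean) of the gaps is close to 0
    for a timer-driven backdoor and large for human-driven traffic. Real implants add
    jitter, so max_cv should be tuned against the site's normal traffic."""
    hits = []
    for key, times in flows.items():
        if len(times) < min_connections:
            continue
        times = sorted(times)
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append({"flow": key, "count": len(times),
                         "interval": round(avg), "cv": round(cv, 3)})
    return hits


if __name__ == "__main__":
    for hit in find_beacons(parse_log(SAMPLE_LOG)):
        src, dst, port = hit["flow"]
        print(f"possible beacon: {src} -> {dst}:{port} every ~{hit['interval']}s "
              f"({hit['count']} connections, cv={hit['cv']})")
```

On the sample data only the 10.0.0.17 flow is reported, with an interval of roughly 60 seconds. A hit like this is a lead, not proof: the next steps are to check what process on that host owns the connections and whether the destination has any legitimate business with it. An egress firewall rule that only allows known destinations would have blocked this traffic outright, which is the point of the firewall advice above.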