Security real talk time: So what exactly do we mean by 'backdoor'?

If there's one thing we've learned from the Snowden revelations it's that when you're dealing with law enforcement and national security, words matter. Section 215 of the US Patriot Act, for example, noted that the NSA was allowed to seize any "tangible thing" that is "relevant" to an investigation. It decided that definition …

  1. lafnlab
    Headmaster

    Semantics...

    IMHO, any flaw purposefully introduced into a piece of software or hardware is a backdoor.

  2. Chris King

    "Undisclosed Actor"

    "Undisclosed Actor" = "Bloody hell, the Elbonians found our back door and are using it against us".

    And if it isn't the Elbonians, it will be "Multiple criminal gangs" or "Oh noes, someone's added it to the Rootkit Of The Day".

    Weaken a door or lock, and EVERYBODY gets to take advantage.

  3. Chris King

    "Cat Flap" Revisited

    A couple of months back, I posted about the politicos referring to back doors that only they could use. Here's a recap...

    They're probably thinking more along the lines of a cat flap, one of the "smart" ones that only allows your own cats to enter and leave at your whim.

    But what happens WHEN (not IF) that flap gets busted? It's going to allow a lot more than their own cats to get in - we're talking about other cats, small dogs, large rats/mice, birds, whatever.

    Not to mention thieves who can use that open flap to grab unsecured keys and open the door fully.

    1. Anonymous Coward

      Re: "Cat Flap" Revisited

      My neighbors' cat hadn't been seen for several weeks, but its food dish on the basement stair landing, filled daily, was always empty each morning. The neighbors presumed the cat was coming in and out through the basement door "cat flap". Then one day the neighbor opened the basement door to see a coyote eating out of the cat's food dish. Guess the coyote ate the cat and then moved up the food chain!

      1. Chris King

        Re: "Cat Flap" Revisited

        Oooh, an attack vector I hadn't considered!

  4. a_yank_lurker

    Definition

    A definition - Any software or hardware that allows ANY third party to have access to the system without the permission of the owner is a back door. Back doors are distinct from malware as they are part of the system. The back door may be caused by a programming or design error or introduced deliberately via normal system maintenance/upgrades.

    Note: I do not care who the third party is or what their intent is when using the backdoor.

    1. Anonymous Coward
      Black Helicopters

      Re: Definition

      I would say that a backdoor needs to be intentionally created by some party with an interest in subverting normal security or restrictions on accessing or controlling a program or device. Unintentional stuff is "vulnerabilities", and as bad as those are I can understand how they happen. Backdoors are overtly designed to compromise some portion of IT/comms, and on a societal level are far more dangerous/problematic, because they can represent surreptitious efforts to monitor or control supposedly free actors in society, such as individuals or businesses.

  5. Anonymous Coward

    At the risk of being labelled a something-or-other...

    Backdoor is a euphemism for a collection of evils intended as shorthand for an informed audience (not lay people). Trying to define it is:

    1: Impossible - it is like trying to come up with a universally agreed, legal, and quantifiable definition of "shenanigans"

    2: Distracting - once defined (poorly and inconsistently) it becomes a smoke screen for those who will subsequently misapply it (or refute its application) that will cloud public debate

    3: Unhelpful - once you start dealing with important issues metaphorically, particularly outside of informed communities, you start to create a separation between the term and the complex situation it represents.

    The term for a thing should not be technically complex but neither should it be so abbreviated that its true nature is obscured (or obscurable, by manipulative spin doctors) from the intended audience. For a lay audience (including legislators and public officials) the very least we should EVER say is:

    ".. a typically deliberate flaw in a system that, when known or discovered by any person, will allow that person to access or control that system as well as the information it contains or has access to .."

    Every time. No shorthand. No lingo

    1. John H Woods Silver badge

      Re: At the risk of being labelled a something-or-other...

      "Every time. No shorthand. No lingo" -- AC

      Whilst I get the import and largely agree with what you are saying, this is just not practical. Firstly, there's the issue of convenience. You've still got to talk about RAM, SSDs, CPUs etc. without having to spell it out. Secondly, there's the issue of being unable to prescribe, or proscribe, language. Lay people are going to (continue to) use the term 'backdoor', whether we think they should or not. The best we can do is make sure that they know what it is.

      My definition: "An always intentional and typically secret means of bypassing or weakening normal access control mechanisms"

  6. Ammendiable to persuasion..

    DRM?!?

    "A backdoor is a component of a security system, in which the component is active on a computer system without consent of the computer's owner, performs functions that subvert purposes disclosed to the computer's owner, and is under the control of an undisclosed actor."

    So, does this mean DRM is a back door?

    Blu-Ray comes to mind where inserting a media disc can insert or revoke decryption keys or even update the firmware without notification.

    How about Amazon or Android where they can remotely remove media or software? [Google "Amazon" and the infamous 1984 incident.]

    How about OSX and Windows, the latest version of both of which deleted software when updating to the latest version? [Windows 10, and El Capitan]

    How about silent and/or mandatory updates that may not even require a reboot? [OSX, Windows, Android (play services), SIM cards and probably everything else now..]

    How about software reporting back the contents of your hard drive? [Windows 95, I'm looking at you..]

    How about apps under iOS and Android which get access to TCP/IP and cannot be sandboxed from the network by design? [Why does a flashlight app on your phone get communication with the Internet whether it needs it or not?]

    What exactly counts as a backdoor?

    It seems that the one weasel phrase in there is "undisclosed actor".

    Does this mean that the manufacturer (or its assignees) are exempt from the label?

  7. Impunitus

    Obfuscating the obvious

    Why the bloody hell do we need to define an existing word? Rhetorical, natch: the "need" for definition comes from the need to obfuscate the matter. Obvious for everyone to see.

    The backdoor is just that - another point of entrance. And I really don't give a damn whether it is advertised or kept hidden - there shouldn't be any in the first place or if there is, there needs to be a way to keep it shut, just like the main door.

    Cheers!

    1. Anonymous Coward

      Backdoor == Jacksie

      solved

  8. Jin

    A backdoor that already exists

    It appears that something significant is overlooked in the heated debates about the backdoor.

    The recent models of iPhone and many other smart devices already have an effective backdoor, namely, a fingerprint scanner or a set of camera and software for capturing faces, irises and other body features which are easily collected from the unyielding, sleeping, unconscious and dead people.

    The vendors of those smart devices who are conscious of privacy and security of consumers could tell the consumers not to turn on the biometric functions. The authorities who want these biometric backdoors to be kept open could tell consumers to keep them turned on all the time. And, needless to say, consumers who are concerned about their privacy and security could refrain from activating those backdoors.

    1. Anonymous Coward

      Re: A backdoor that already exists

      There's a limitation to this on the iPhone. If the user hasn't authenticated to Touch ID for 48 hours (not changeable, but hopefully that will become configurable in the future as Apple will likely pay more attention to this) or the phone was just powered up, it requires the password; Touch ID will not authenticate you.

      So if the cops are coming, power off your phone.

  9. Anonymous Coward

    In a way it is an existing backdoor the FBI is looking to exploit

    The way the iPhone works today, you can update iOS on a locked phone, by connecting it to iTunes and putting it in DFU mode (sort of a preboot state). That's the "backdoor" that the FBI wants Apple to exploit by creating and installing a hacked version of iOS. DFU mode updates are permitted because it allows recovery from a bad flash.

    Apple said last week they were already working on removing that ability (I have to wonder if they started when the FBI first brought up the idea of having Apple develop a hacked version of iOS...). So by the end of this year 80% of iPhones in the world will be immune to what the FBI is asking Apple to do, so precedent won't matter by the time it wends its way through the courts and the Supreme Court decides.

    Probably they'll still permit DFU mode updates - either find a way to check the passcode, or rely on iTunes authenticating itself to an iPhone that has been previously connected to it in an unlocked state. Because the FBI decided to try to use the "backdoor" Apple left that allows DFU mode updates for the convenience of its customers, Apple is forced to do extra work to close it off!

    1. Roland6 Silver badge

      Re: In a way it is an existing backdoor the FBI is looking to exploit

      The way the iPhone works today, you can update iOS on a locked phone, by connecting it to iTunes and putting it in DFU mode (sort of a preboot state)

      But that is intended functionality not a backdoor! What the FBI are wanting to do is to subvert this functionality.

      My front door has a letterbox, it is intended to be used for mail and newspapers. However, that doesn't prevent someone from subverting this useful facility and delivering a letter bomb (i.e. a modded version of iOS), or attaching a grappling hook and pulling the door off... Neither of these two exploits could reasonably be considered to be 'backdoors'; except, perhaps, in a US court...

      Remember a backdoor, is exactly that, it is an entrance that gives full access to a house in exactly the same way as the front door. Whilst Santa might use the chimney, no normal person would regard this as a backdoor.

      1. John H Woods Silver badge

        Re: In a way it is an existing backdoor the FBI is looking to exploit

        "Remember a backdoor, is exactly that, it is an entrance that gives full access to a house in exactly the same way as the front door." -- Roland6

        Does the same key open both doors? Or is, as I believe as intended in the metaphor, the security of the backdoor weaker (or even non existent)?

        1. Roland6 Silver badge

          Re: In a way it is an existing backdoor the FBI is looking to exploit

          Or is, as I believe as intended in the metaphor, the security of the backdoor weaker (or even non existent)?

          The front door is the publicly advertised entrance, which will have whatever level of security deemed appropriate - including none. The back door, whilst it may be known about, is typically out-of-sight and requires the taking of a different path, with its obstacles and/or security measures. Additionally, the door itself may be weaker - mine has a panel that can be kicked in - it is intended to assist access in the event of a fire. So yes typically the security of the back door will be weaker than the front door; but given many people's attitude to front door security, this is probably largely irrelevant...

          Interestingly, it hasn't occurred to me to have the same key for both doors, I've just gone along with convention and used different locks...

      2. Anonymous Coward

        Sure, it is intended functionality

        That doesn't mean it isn't a backdoor if it is capable of being used in that way. The distinction is that this is a backdoor available only to Apple. It is interesting to see the evolution of Apple's security mindset with regard to the iPhone over the years.

        Stage 1: protect against hackers - this is every company's typical security

        Stage 2: protect against the government - Snowden made it clear that tech companies could be coerced with secret laws to reveal information they had, so Apple holding a copy of your iPhone's key (for convenience so they could unlock it for you if you forgot your password) had to be eliminated

        Stage 3: protect against themselves - the FBI's "great idea" about forcing Apple to hack the iPhone's security means Apple now has to protect against the possibility it could be coerced not into revealing something they already have, but actively subverting the security they've established

        Protecting against the ability to flash firmware in DFU mode by someone other than the authorized user may not be the end of stage 3.

  10. sad_loser

    Backdoor Beauty

    I can never talk about backdoors without thinking of Fear and Loathing in Las Vegas

    http://www.imdb.com/title/tt0120669/synopsis

  11. fLaMePrOoF

    "A backdoor is a component of a security system, in which the component is active on a computer system without consent of the computer's owner, performs functions that subvert purposes disclosed to the computer's owner, and is under the control of an undisclosed actor."

    This is a terrible definition; all the stuff about who knows / authorises what is irrelevant and quite obviously only there to support the FBI's current position with Apple.

    A backdoor is simply 'another way in', nothing more, nothing less.

    The implications are more complex; primarily that it bypasses / circumvents the 'usual' authentication / security mechanisms in some way...

  12. Unep Eurobats
    Headmaster

    "a little clunky"

    If you're going for precision rather than elegance it's hard to avoid a little clunkiness. I think the definition was deliberately legalistic.

    He in the icon (being the party of the third part, notwithstanding) agrees with me completely, categorically and in totality, m'lud -->
