By Richard Baguley, 14 July 1999 00:01
COMMENT Last Saturday, a new piece of software was unveiled before an eager audience. In a hotel in Las Vegas, the programmers got up on stage and demonstrated their new product to an audience itching to get their hands on it. Questions were asked, and members of the press rushed from the room to quickly file stories when the launch was over. It sounds like any ordinary software launch, but this one was a bit different: the organisation behind the software is the hacker group, the Cult of the Dead Cow (cDc), and the product is called Back Orifice 2000. It could be one of the best things that has happened to Internet and network security for a long time.

In case you aren't familiar with it, Back Orifice is a program that allows a computer to be controlled over the Internet. cDc describes it as a "remote administration system", but that's only the tip of the iceberg. When the server is installed on a PC, it can be remotely controlled, including the ability to create and delete files, run programs, alter the registry and even open and close the door of the CD-ROM drive. In the wrong hands, it could be used to cause mayhem, as it allows the remote user to do pretty much whatever they want with the machine. There's even a program available which will 'wrap' Back Orifice in a legitimate program, and running it will install the server. The new version will run on Windows NT as well as Windows 98, and will also use strong encryption to mask its network traffic.

Not surprisingly, the previous version of Back Orifice caused something of a stir when it was launched. System administrators were concerned that the program could be used as a back door into their networks, and the media quickly picked up and hyped the story, claiming it could cause chaos.

Personally, I think the launch of this new program is a good thing. The reason for this is the way that cDc have launched Back Orifice. Instead of sneaking it out or just releasing it to a select group of hackers, cDc have made a big thing of it, going to some pains to tell the world about why they have written and released this program. For the new version, they have even decided to release the source code (under the GNU license), so you can download the code and see how it works. The reason they have done this is simple: they think Windows is insecure, and they think that this is the best way to prove their claims. As Dildog (the cDc member who wrote Back Orifice 2000) said: "Now that we've enhanced the Windows administration experience, we hope Microsoft will do its best to ensure its operating systems are robust enough to handle the control we've given to them."

Some people argue that making this sort of program freely available encourages hacking, but I think that this is getting hold of the wrong end of the stick. Back Orifice isn't the only program of its type, but it is definitely the best known, and this notoriety encourages people to think harder about security. Anybody who has seen Back Orifice in action will think a lot harder before running programs that they've been sent, and this is precisely the sort of thinking that helps security systems work.

Although the security (or lack of it) in Windows is a hotly-debated matter, what the availability of software like Back Orifice allows people to do is understand and demonstrate how easy it can be to gain illicit access to systems like Windows. Instead of just ignoring it, it encourages people to think about computer security, which benefits us all. In the end, these people that the IT community so often regards as outsiders and criminals help us all become more secure...

