Thwarted Linux backdoor hints at smarter hacks
Kevin Poulsen, SecurityFocus 2003-11-06

Software developers on Wednesday detected and thwarted a hacker's scheme to submerge a slick backdoor in the next version of the Linux kernel, but security experts say the abortive caper proves that extremely subtle source code tampering is more than just the stuff of paranoid speculation.

Thwarted Linux backdoor hints at smarter hacks 2003-11-11
Cid Skid the Former Script K1d (3 replies)
Thwarted Linux backdoor hints at smarter hacks 2003-11-12
Anonymous (2 replies)
My eight cents worth:

1. Better check all that code that runs with escalated privileges. (UNIX setuid programs, login programs, etc., programs for Windows that bump privileges).

2. This classic C error is caught by static checkers like lint.

3. In Peter van der Linden's "Expert C Programming" he describes how the system programmers at SunSoft had a big "lint" party when they inherited the SVR4 UNIX source. I don't have the details at hand, but apparently it took several weeks for a team of programmers to track down and fix all the warnings. In the process they fixed several outstanding bugs.

4. Finally, check out Ken Thompson's paper "Reflections on Trusting Trust" ( http://www.acm.org/classics/sep95 ). He describes how he backdoored UNIX and managed to remove his hacks from the sources. However, the hack was propagated every time the code was recompiled.


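The kind of check the comment above attributes to static checkers, written out as an added example that is not part of the original article or comment: a minimal lint-style scan in C. It assumes the "classic C error" meant is an assignment (`=`) written where a comparison (`==`) was intended inside a condition; the sample lines and the names `cur`, `FLAG_A`, `FLAG_B` and `read_next` are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Count bare '=' assignments inside the parenthesised condition of each
 * `if` or `while` on one source line. Comparisons (==, !=, <=, >=) are not
 * counted. String/char literals and multi-line conditions are not parsed. */
int assignments_in_condition(const char *line)
{
    int hits = 0;
    for (const char *p = line; *p; p++) {
        size_t kw = strncmp(p, "if", 2) == 0 ? 2
                  : strncmp(p, "while", 5) == 0 ? 5 : 0;
        /* skip non-keywords and keywords that end a longer identifier */
        if (kw == 0 || (p > line && (isalnum((unsigned char)p[-1]) || p[-1] == '_')))
            continue;
        const char *q = p + kw;
        while (*q == ' ' || *q == '\t') q++;
        if (*q != '(') continue;
        int depth = 0;
        for (; *q; q++) {
            if (*q == '(') {
                depth++;
            } else if (*q == ')') {
                if (--depth == 0) break;    /* end of this condition */
            } else if (*q == '=') {
                if (q[1] == '=')
                    q++;                    /* "==": skip both characters */
                else if (!strchr("!<>", q[-1]))
                    hits++;                 /* lone '=': an assignment */
            }
        }
        if (*q == '\0') break;              /* unbalanced line: stop scanning */
        p = q;
    }
    return hits;
}

int main(void)
{
    /* Constructed samples; cur, FLAG_A, FLAG_B, read_next are hypothetical. */
    const char *samples[] = {
        "if ((options == (FLAG_A | FLAG_B)) && (cur->uid = 0))",
        "if ((options == (FLAG_A | FLAG_B)) && (cur->uid == 0))",
        "while ((n = read_next(buf)) != 0)",
    };
    for (size_t i = 0; i < 3; i++)
        printf("%d  %s\n", assignments_in_condition(samples[i]), samples[i]);
}
```

The scan counts an assignment even when it is wrapped in its own parentheses, so the intentional idiom in the third sample is reported as well and left to the reviewer to judge.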






 
