Word Notes 3.9.21
Ep 40 | 3.9.21

backdoor (noun)

Transcript

Rick Howard: The word is: backdoor.

Rick Howard: Spelled: back as in not the obvious front way in and door as in a portal of entry.

Rick Howard: Definition: An undocumented or publicly unknown method to access a computer system undetected or to break the cipher used to encode messages.

Rick Howard: Example sentence: From my favorite hacker movie of all time, "WarGames." Just a second, let me put my thespian mask on here. "Mr. Potato Head, Mr. Potato Head, backdoors are not secrets." Not too bad. I should have been an actor.

Rick Howard: Origin and context: It's unclear where the word "backdoor" first entered the network defender's vocabulary. You can make an argument that at least as far back as World War I, combatants on both sides were trying to create backdoors for enemy encrypted radio communications. During World War II, the Allies deployed backdoors at scale with their Enigma code breaking efforts at Bletchley Park and equivalent efforts in Washington, DC against the Japanese Purple code. That said, you can also make a strong case that the word entered the popular culture zeitgeist in 1983 when the movie "WarGames" hit theaters. Since then, according to the MalwareBytes blog, we have seen very public examples of backdoors pop up in diverse parts of our culture. In 1993, the NSA tried to convince the world to put a backdoor into an encryption chip designed for computers and phones that would give them access with the proper warrants. When you say it out loud like that, you can see why that idea got universally thrown out by privacy advocates. In 2005, Sony BMG shipped a rootkit with millions of their music CDs. After the rootkit transferred to the computer, it allowed Sony BMG to track your music listening habits and stopped you from burning music onto other CDs. They paid out millions to settle lawsuits related to the rootkit and recalled most of the shipped music CDs. There are other examples, but probably the most famous are the backdoor operations discovered in two egregious supply chain attacks: NotPetya and SolarWinds. In these two adversary campaigns, hackers inserted backdoors into commonly used software that got delivered to their victims through the automatic software update mechanism.

Rick Howard: Nerd reference: My favorite hacker movie of all time, is the previously-mentioned "WarGames." The main character, David, played by Matthew Broderick, tries to break into a gaming company to play their unreleased games. He asks his geek friends, Jim, played by Maury Chaykin and Melvin, played by the perennial movie nerd, Eddie Deezen, for advice.

M. Broderick, E. Deezen & M. Chaykin: Jim, how do I get into that system? I want to play those games.

You're not supposed to see any of that stuff. That system probably contains new data encryption algorithm. You'll never get in there.

I don't believe that any system is totally secure.

I bet you Jim could get in.

Yeah, I bet you couldn’t.

I bet you he could.  

Well, you'll never get in through the front line security, but you might look for a backdoor. 

I can't believe it, Jim. That girl standing over there listening and you're talking about our backdoors. 

Mr. Potato Head, Mr. Potato Head. Backdoors are not secrets. 

Yeah, but Jim you're giving away all our best tricks. 

They're not tricks. 

What's a backdoor? 

Well, whatever I design a system, I always put in a simple password that only I know about. That way, whenever I want to get back in, I can bypass whatever security they've added on. That's basically what it is.