Hacker Read

eps · 2010-12-15 14:53:45

Backdoors need not be literal. A well-misplaced if will go a long way in leaking a key information. Hardly a "backdoor" in a more common sense of the word, but an exploitable weakness nonetheless.

lupire | karma 8318 | avg karma 1.26 · | 2022-11-17 11:03:53

Backdoors aren't poorly coded, they are well coded but malicious.

snowwrestler | karma 28901 | avg karma 3.63 · | 2017-05-17 05:31:02+00:00

Backdoors are always a bad idea, because there is no way to guarantee that they'll only be used as intended.

foota | karma 6719 | avg karma 2.15 · | 2018-10-18 07:49:00+00:00

I mean, a backdoor can just be flipping an if somewhere from && to ||, not exactly suspicious if it's mixed in with other stuff.

thatiscool | karma 16 | avg karma 0.73 · | 2020-05-14 18:28:28+00:00

is it security flaw or backdoor?

meowface | karma 10977 | avg karma 2.45 · | 2013-09-20 21:27:46+00:00

An intentionally introduced vulnerability can be considered a backdoor, even if it's not a matter of saying "open sesame" to open the so-called backdoor.

DelightOne | karma 483 | avg karma 1.15 · | 2019-05-01 19:27:04+00:00

So a backdoor is okay incase it's not hidden?

redox99 | karma 2736 | avg karma 3.25 · | 2024-03-31 08:48:55

I don't think this kind of backdoor is that widespread. But intentional vulnerabilities for sure are.

willstrafach | karma 1179 | avg karma 1.75 · | 2017-06-28 19:45:21+00:00

I do not know what you mean by this. Again, my point was that any backdoor is highly unlikely to stay hidden.

wyattpeak | karma 2481 | avg karma 4.41 · | 2020-10-03 03:16:14+00:00

While I doubt it's an intentional backdoor, I wouldn't assume that backdoors would be obfuscated. You can't deny knowledge of an obfuscated backdoor, while an obvious one could plausibly be a simple mistake.

gnode | karma 2428 | avg karma 2.09 · | 2019-05-01 19:36:31+00:00

A vulnerability is not as damning if it wasn't intentionally inserted to be a backdoor. It being easily discoverable suggests that there was no intention to hide it, and thus it was not intended to be a backdoor.

If conversely the vulnerability was difficult to find externally, was publically unknown, and was seen being used for attacks, that would be suggestive of a deliberate backdoor, and far more damning.

reply

bostand | karma 679 | avg karma 2.09 · | 2017-05-15 15:53:21+00:00

BGR logic strikes again. There is a world of difference between a backdoor and an exploit...

Neither is desirable but one can at least be secured by a key or something.

reply

sebazzz | karma 3584 | avg karma 2.19 · | 2018-12-06 15:45:07+00:00

The problem is that a backdoor might not be so obvious. It can be simply a wrong chosen algorithm key size, and you need to be a cryptographic expert to know that.

Fnoord | karma 8086 | avg karma 1.35 · | 2019-04-30 06:05:24

Backdoors are always hidden. Else it is a "frontdoor".

SquareWheel | karma 5258 | avg karma 2.74 · | 2019-05-15 00:41:52+00:00

A backdoor to me suggests an intentional loophole through a level of security. A bug that does the same is severe, but isn't intentional.

At least that's my reading.

reply

AdmiralAsshat | karma 23050 | avg karma 6.82 · | 2020-02-06 13:06:07

"Backdoor" usually implies the vulnerability was put in there intentionally.

charcircuit | karma 2002 | avg karma 0.38 · | 2021-08-09 15:43:59

It's not a backdoor if it's a public part of the system / protocol.

morsch | karma 9935 | avg karma 3.28 · | 2016-07-22 12:45:23

Source? What kind of backdoor are we talking about here?

q3k | karma 7511 | avg karma 5.41 · | 2018-08-09 20:25:48

How is it not a backdoor? Just because it's unintended or due to a very complex reason doesn't mean it's not one.

labguy10001 | karma -9 | avg karma -4.5 · | 2014-04-08 17:59:07

It's not a vulnerability. It's a BACKDOOR.