[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure

To: Dave Aitel <dave@xxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
From: Blue Boar <BlueBoar@xxxxxxxxxxx>
Date: Sun, 02 Jan 2005 20:27:09 -0800

Dave Aitel wrote:

Of course, this sort of thing is basically impossible to disprove - especially without source.

If I were looking for a well-hidden backdoor, I wouldn't bother with source. There's no guarantee that a particular binary was produced by a particular group of source unless you can compile it yourself to the same set of bytes. Even then, you've got no guarantee the backdoor isn't introduced as part of the build process or a compiler quirk, rather than being in the source.

As for proof in this particular case, I find the claim rather extraordinary, so I would place the burden of proof on the claimer. Let's see an exploit.

                                        BB
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
  - From: Paul Schmehl

References:
- Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
  - From: Lance Gusto
- Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
  - From: Dave Aitel

Prev by Date: Re: [Full-Disclosure] Santy Variant attacking about 50 PHP-applications
Next by Date: Re: [Full-Disclosure] change email
Previous by thread: Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
Next by thread: Re: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and Secure
Index(es):
- Date
- Thread