List of software & Hardware that is known to have backdoors
Cutting_Edgetech
January 8th, 2011, 12:41 PM
I was wanting to get a list started of software, and hardware that are known to have backdoors. So if you know of any then could you please list them in this thread. If the backdoor has legit purposes then you can also list them since they have the potential for abuse. If there is an ongoing debate on a particular software or hardware possibly having a backdoor you can list them as well, but make it very clear that at this time it is only speculation. Keep the thread fact based. I would like to thank anyone in advance that contributes to this thread. Thank you!
LoneWolf
January 8th, 2011, 01:45 PM
Well, there's the possible backdoor in OpenBSD from the FBI.
http://news.cnet.com/8301-31921_3-20025767-281.html
I guess not really confirmed or debunked at this time though.
roady
January 8th, 2011, 05:12 PM
Hushmail
PGP
Still under debate, but highly widespread info.
CloneRanger
January 8th, 2011, 09:31 PM
@ Cutting_Edgetech
Nice idea for a thread :thumb:
Here's a few more to be going on with.
Windows = Apart from anything else, the infamous NSA key - http://cryptome.org/nsakey-ms-dc.htm
Routers = Supplied by ISPs, maybe others too - http://www.wilderssecurity.com/showthread.php?t=277194
TOR - "Supposedly" backdoored by German government according to reports from a few years ago, but Google shows no results for it now?
DasFox
January 8th, 2011, 09:44 PM
-{ Quote: "I was wanting to get a list started of software, and hardware that are known to have backdoors. So if you know of any then could you please list them in this thread. If the backdoor has legit purposes then you can also list them since they have the potential for abuse. If there is an ongoing debate on a particular software or hardware possibly having a backdoor you can list them as well, but make it very clear that at this time it is only speculation. Keep the thread fact based. I would like to thank anyone in advance that contributes to this thread. Thank you!" }-
Please go back and re-edit the post to be more specific as to what you are implying?
From the way I am reading into this, you mean Rogue Developers posing as legitimate software putting in backdoors?
After all anyone can get a hold of software and put a possible back door in, and finding those answers, well, a lot more difficult, that's like asking who are all the hackers out there and who really knows.
So sticking more to known Rogue problems, seems to be a more realistic focus...
SafetyFirst
January 9th, 2011, 12:51 PM
-{ Quote: "Hushmail
PGP
Still under debate, but highly widespread info." }-
I know about Hushmail, but PGP!?
Can you provide a link, please?
roady
January 9th, 2011, 07:45 PM
-{ Quote: "I know about Hushmail, but PGP!?
Can you provide a link, please?" }-
http://securology.blogspot.com/2007/10/pgp-whole-disk-encryption-barely.html
http://www.nytimes.com/library/cyber/week/100397pgp.html
katio
January 9th, 2011, 09:58 PM
"Real" software backdoors apparently are few and far between. I wouldn't count PGP and hushmail to them in the classical sense. The rest mentioned so far is only speculation, conspiracy theory or worse.
Here's one that fits the definition:
http://lwn.net/Articles/418478/
a detected attempt:
http://kerneltrap.org/node/1584
and the most famous paper on backdoors in history:
http://cm.bell-labs.com/who/ken/trust.html
a good blog post on hardware backdoors:
http://blog.ksplice.com/2010/10/hosting-backdoors-in-hardware/
CPU backdoors:
http://theinvisiblethings.blogspot.com/2009/06/more-thoughts-on-cpu-backdoors.html
In a wider sense the good old hardware keyloggers and wiretaps could be counted.
caspian
January 11th, 2011, 12:51 PM
Would it be considered a back door when an antivirus whitelists a commercial keylogger?
katio
January 11th, 2011, 01:04 PM
-{ Quote: "Would it be considered a back door when an antivirus whitelists a commercial keylogger?" }-
If they hide that fact, I guess so. It's not a classical backdoor (hidden remote access left after the initial break-in as a way back) but comes pretty close and there's no other category that would fit better.
tlu
January 12th, 2011, 08:34 AM
-{ Quote: "http://securology.blogspot.com/2007/10/pgp-whole-disk-encryption-barely.html
http://www.nytimes.com/library/cyber/week/100397pgp.html" }-
Use GnuPG (http://www.gnupg.org/) instead.
katio
January 12th, 2011, 09:20 AM
@tlu: That "backdoor" is in the PGP _disk encryption_. Alternatives are Truecrypt, cryptsetup, DiskCryptor...
tlu
January 12th, 2011, 11:39 AM
-{ Quote: "@tlu: That "backdoor" is in the PGP _disk encryption_. Alternatives are Truecrypt, cryptsetup, DiskCryptor..." }-
Ah, thanks. I was inattentive. AFAIR there had been also rumors about an NSA backdoor in PGP some years ago, though.
Warlockz
January 12th, 2011, 06:10 PM
-{ Quote: "
PGP
Still under debate, but highly widespread info." }-
There is not a backdoor in PGP period!
You should actually read the links you shared, because neither has info or proof there is a backdoor in PGP!
-{ Quote: "allows a user who knows a boot passphrase to add a static password " }-
http://securology.blogspot.com/2007/10/pgp-whole-disk-encryption-barely.html
How is this a backdoor? :wacko:
caspian
January 12th, 2011, 06:34 PM
I bet Skype has a back door now.
caspian
January 13th, 2011, 08:45 PM
Skype was down the other day. I know that they and others have been requested to add a back door. I would be surprised if they have not. Skype is U.K., right?
But I wonder. If a person was using portable Skype, not installed, ran it only after firing up a VPN, opened it up and ran it sandboxed with Sandboxie, then deleted the Sandbox, what could be done with that back door? Just curious.
katio
January 13th, 2011, 09:26 PM
Only hypothetically of course...
Skype records all calls and connection data, forwards that to LEA, they go after your contacts who likely didn't use the same precautions and "kindly" ask where you are living...
You get a nice visit from the SWAT team :P
But really if there is a backdoor it's not geolocation but in the crypto. Even if all contacts connect over multiple VPNs or heavier anonymity (because for LEA with one VPN your identity is just one subpoena away) there's much to be learned from eavesdropping on the connection, including identity and whereabouts.
chronomatic
January 14th, 2011, 04:57 AM
-{ Quote: "Only hypothetically of course...
Skype records all calls and connection data, forwards that to LEA, they go after your contacts who likely didn't use the same precautions and "kindly" ask where you are living...
You get a nice visit from the SWAT team :P
But really if there is a backdoor it's not geolocation but in the crypto. Even if all contacts connect over multiple VPNs or heavier anonymity (because for LEA with one VPN your identity is just one subpoena away) there's much to be learned from eavesdropping on the connection, including identity and whereabouts." }-
I remember reading a while back that at some tech conference an NSA representative told the attendees that NSA is offering "billions" to any corporation or entity that can give them access to Skype communications. This would make sense -- all they have to do is buy their way into Skype. Since Skype is owned by eBay, the NSA can just strong arm eBay into putting in a backdoor (and with an offer of a lot of money).
Edit: here's the article. (http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/)
caspian
January 17th, 2011, 07:20 PM
If Skype is in the U.K. aren't they obligated to do something like this by default?
Countermail
January 21st, 2011, 01:21 PM
-{ Quote: "If Skype is in the U.K. aren't they obligated to do something like this by default?" }-
I don't think so, because Skype is based in Luxembourg, they only have an office in UK.
This cryptographer spent 4 months on his security review of Skype :thumb:
http://download.skype.com/share/security/2005-031%20security%20evaluation.pdf
caspian
January 23rd, 2011, 04:36 PM
Thanks for that.
SteveTX
January 29th, 2011, 10:50 AM
I would like to nominate Windows 7 and later as a backdoored OS
Windows 7 and later give Microsoft the ability to remotely and silently add certificate authorities to your OS. This means undetectable Man-In-The-Middle attacks across every website and every service.
The real issue here is trusting Certificate Authorities, which are how SSL certs and https and other items are validated as "legit" or fake.
Further, I can confirm that this is the case and that governments, especially the US, are doing this. How do I know? Simple: intelligence product vendors are now offering DPI/MITM devices that work seamlessly at 40 Gbps speeds (internet backbone), and all you have to do is insert your strongarmed SSL certificate and it does the rest. There is no other legitimate reason for such a device to exist.
Now you may ask yourself, are these "trustworthy" Certificate Authorities, which are built into your OS, really complicit participants? Well, when I visited China, we saw valid but fake SSL certificates for Apple issued by the most trusted SSL certificate vendor on the planet.
For more information on Microsoft's backdoor, and the pitfalls of SSL and trust, please read Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL (http://files.cloudprivacy.net/ssl-mitm.pdf).
CloneRanger
January 29th, 2011, 02:23 PM
@ SteveTX
Thanks for the info & PDF link :thumb: Long read, but I will do it :)
Glad I'm on XP with NO updates ;D
Cutting_Edgetech
January 29th, 2011, 08:02 PM
-{ Quote: "@ SteveTX
Thanks for the info & PDF link :thumb: Long read, but I will do it :)
Glad I'm on XP with NO updates ;D" }-
Yes, I still have several machines with XP Pro, and I don't plan on ditching XP ever unless they quit issuing security patches for it.
Cutting_Edgetech
January 29th, 2011, 08:06 PM
-{ Quote: "I would like to nominate Windows 7 and later as a backdoored OS
Windows 7 and later give Microsoft the ability to remotely and silently add certificate authorities to your OS. This means undetectable Man-In-The-Middle attacks across every website and every service.
The real issue here is trusting Certificate Authorities, which are how SSL certs and https and other items are validated as "legit" or fake.
Further, I can confirm that this is the case and that governments, especially the US, are doing this. How do I know? Simple: intelligence product vendors are now offering DPI/MITM devices that work seamlessly at 40 Gbps speeds (internet backbone), and all you have to do is insert your strongarmed SSL certificate and it does the rest. There is no other legitimate reason for such a device to exist.
Now you may ask yourself, are these "trustworthy" Certificate Authorities, which are built into your OS, really complicit participants? Well, when I visited China, we saw valid but fake SSL certificates for Apple issued by the most trusted SSL certificate vendor on the planet.
For more information on Microsoft's backdoor, and the pitfalls of SSL and trust, please read Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL (http://files.cloudprivacy.net/ssl-mitm.pdf)." }-
Very nice literature to add to my collection on privacy, and anonymity. I'm reading through it now. Thanks for the post!
katio
January 30th, 2011, 12:31 PM
There is a difference between Windows 7 and other OSs in the details but how does that behaviour open a new "backdoor" that doesn't already exist in every other browser and OS combination which are all vulnerable to the presented compelled certificate creation attack?
Windows does have a backdoor, Windows Update. Even if it's not used in the typical fashion it technically is a backdoor as it allows MS full remote access to the system (if you keep the default/recommended settings).
http://windowssecrets.com/2007/09/20/02-Protect-yourself-from-silent-Windows-updates
CloneRanger
January 30th, 2011, 03:08 PM
It's not just W7, but Vista too :thumbd:
From the ssl-mitm.pdf that SteveTX posted earlier :thumb:
katio
January 31st, 2011, 08:45 AM
-{ Quote: "It's not just W7, but Vista too :thumbd:
From the ssl-mitm.pdf that SteveTX posted earlier :thumb:" }-
Yes, I read the paper, so?
Linux distros and Mozilla push CA updates depending on your settings via automatic updates. But even if your local root certs are static you are vulnerable to (government level) attacks, especially through intermediate CAs. I fail to see the "backdoor".
Heimdall
January 31st, 2011, 09:56 AM
Man in the middle attacks against SSL are not new (From 2005 same attack concept) (https://financialcryptography.com/mt/archives/000332.html). These kinds of attack have been recognised as a fundamental flaw in the PKI architecture for a long time.
This kind of attack is also not specifically targeted against Windows 7 or later. In fact any operating system is potentially vulnerable, if there is a web browser installed (similar article related to Linux: Breach of Trust (http://www.linux-magazine.com/w3/issue/114/054-055_kurt.pdf) (PDF)). Hence the extension Soghoian and Stamm present, which is for Firefox (Certificate Patrol (https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/); an alternative is Perspectives: Firefox Extension (http://www.cs.cmu.edu/~perspectives/firefox.html)). There are also similar extensions available for IE and Chrome.
Interestingly, whilst this kind of attack could be used by unscrupulous government agencies, it's not exactly an ideal way of obtaining information without detection and thus not particularly useful for said bodies.
Here's a quote from an article regarding the Soghoian and Stamm paper:
-{ Quote: "
It's worth pointing out that, from the perspective of a law enforcement or intelligence agency, this sort of surveillance is far from ideal. A central requirement for most government wiretapping (mandated, for example, in the CALEA standards for telephone interception) is that surveillance be undetectable. But issuing a bogus web certificate carries with it the risk of detection by the target, either in real-time or after the fact, especially if it's for a web site already visited. Although current browsers don't ordinarily detect unusual or suspiciously changed certificates, there's no fundamental reason they couldn't (and the Soghoian/Stamm paper proposes a Firefox plugin to do just that). In any case, there's no reliable way for the wiretapper to know in advance whether the target will be alerted by a browser that scrutinizes new certificates.
Also, it's not clear how web interception would be particularly useful for many of the most common law enforcement investigative scenarios. If a suspect is buying books or making hotel reservations online, it's usually a simple (and legally relatively uncomplicated) matter to just ask the vendor about the transaction, no wiretapping required. This suggests that these products may be aimed less at law enforcement than at national intelligence agencies, who might be reluctant (or unable) to obtain overt cooperation from web site operators (who may be located abroad).
" }-
http://www.crypto.com/blog/spycerts/
The other consideration is one of legality. If a CA betrays the trust relationship with the customer by sharing private keys, it's questionable whether this would be legal in the US.
Here's a direct quote from Soghoian and Stamm's paper:
-{ Quote: "
The legal issues relating to this kind of compelled assistance are far more complex. Any US government agencies compelling such CA assistance would almost certainly rely on the assistance provisions highlighted earlier. However, it is unclear if such compelled assistance would be lawful, due to the fact that it would interfere with the CA’s ability to provide identity verification services. Such compelled assistance would also raise serious First Amendment concerns, due to the fact that the government would be ordering the CA to affirmatively lie about the identity of a certificate recipient.
" }-
Of course, this only applies to the US and what may be illegal in that country may be relatively easily sanctioned in others.
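The change-detection idea mentioned in the post above (a browser that notices when a site's certificate changes unexpectedly), shown as an added example that is not part of the original thread and not the code of any of the extensions named. The host name, CA names, certificate bytes and the 30-day renewal window are constructed assumptions.

```python
import hashlib
from datetime import datetime, timedelta

# Assumption: a replacement seen within 30 days of the old certificate's
# expiry, from the same issuer, is treated as a routine renewal.
RENEWAL_WINDOW = timedelta(days=30)


class CertChangeMonitor:
    """Remembers the last accepted certificate per host and flags odd changes.

    This runs in addition to normal chain validation: a certificate issued by
    a compelled or rogue CA validates fine, so only its *change* is visible.
    """

    def __init__(self):
        self.seen = {}  # host -> {"fp", "issuer", "not_after"}

    def observe(self, host, der, issuer, not_after, now):
        new = {"fp": hashlib.sha256(der).hexdigest(),
               "issuer": issuer, "not_after": not_after}
        old = self.seen.get(host)
        if old is None:
            self.seen[host] = new          # trust on first use
            return "first-seen"
        if old["fp"] == new["fp"]:
            return "unchanged"
        reasons = []
        if old["issuer"] != issuer:
            reasons.append("issuer changed")
        if old["not_after"] - now > RENEWAL_WINDOW:
            reasons.append("replaced long before expiry")
        if reasons:
            # Keep the old record; the user decides whether to accept.
            return "suspicious: " + ", ".join(reasons)
        self.seen[host] = new
        return "renewal"


def demo():
    """Constructed observations for one host; the bytes stand in for DER."""
    m = CertChangeMonitor()
    d = datetime
    events = [
        (b"constructed-cert-1", "Example CA A", d(2011, 12, 1), d(2011, 1, 10)),
        (b"constructed-cert-1", "Example CA A", d(2011, 12, 1), d(2011, 1, 20)),
        (b"constructed-cert-2", "Example CA B", d(2012, 1, 1), d(2011, 1, 31)),
        (b"constructed-cert-3", "Example CA A", d(2012, 12, 1), d(2011, 11, 20)),
    ]
    return [m.observe("shop.example", *e) for e in events]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The third observation is the case the quoted article describes: a certificate that would pass validation but appears from a different issuer while the remembered one still has months of validity left.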
hierophant
January 31st, 2011, 05:22 PM
-{ Quote: "Interestingly, whilst this kind of attack could be used by unscrupulous government agencies, it's not exactly an ideal way of obtaining information without detection and thus not particularly useful for said bodies." }-
Perhaps the primary goal is sowing distrust about internet security technologies.
katio
January 31st, 2011, 07:22 PM
So we switch to something more secure, raise awareness of such issues and educate the people. How noble!
But that's not how you meant it, right?
hierophant
January 31st, 2011, 10:01 PM
-{ Quote: "So we switch to something more secure, raise awareness of such issues and educate the people. How noble!
But that's not how you meant it, right?" }-
No, that's not how I meant it. Unless I've missed something, Steve hasn't even claimed that the Safehouse browser will protect against treacherous CAs. Indeed, given the system's flaws, protection may be impossible. Warning users about suspicious certificates would hardly be unique, given the availability of browser extensions.
In retrospect, the development of CA-based internet security reminds me of the infamous Clipper chip gambit -- except that it was subtle enough to succeed.
Copyright ©2002 - 2012, Wilders Security Forums