CNN: Don't blame Back Orifice for security problems

"BackOrifice is a remote administration tool for Microsoft Windows and, as Bruce Schneier, chief technology officer at San Jose-based managed security services firm Counterpane Internet Security Inc. (link below), points out, "one of the coolest hacking tools ever developed..."

"Perfectly respectable programs, like pcAnywhere or Microsoft Systems Management Server [SMS], do the same thing. They allow a network administrator to remotely troubleshoot a computer. If the server is installed on a computer without the knowledge or consent of its owner, the client can effectively "own" the victim's PC..."

"In Unix, an attacker would first have to get root privileges. Not in Windows. There's no such thing as limited privileges or administrator privileges or root privileges. This might have made some sense in the age of isolated desktop computers. But on the Internet, this is absurd."

Complete Story

Related Stories:

• The Battlefield(Aug 24, 1999)
• Internet Week: Hackers Kick Open Back Door To NT(Jul 23, 1999)
• PC Week: Has Back Orifice gone legit?(Jul 13, 1999)
• Back Orifice 2000 distributed with sources, under GPL(Jul 12, 1999)
• CNET News.com: Back Orifice 2000 makes its debut(Jul 11, 1999)
• InfoWorld: Hackers set to convene, unleash NT Trojan horse(Jul 08, 1999)
• PC World: Hacker Tool Targets Windows NT(Jul 03, 1999)