---

SecurityFocus: Security companies can make headlines by using the right jargon, even when it’s wrong

I have to question the choice of words used by computer
security company ISS in its latest advisory titled Backdoor
Password in Red Hat Linux Virtual Server Package.

“In it they claim “Internet Security Systems (ISS) X-Force has
identified a backdoor password in the Red Hat Linux Piranha
product. […] A backdoor password exists in the GUI portion of
Piranha that may allow remote attackers to execute commands on the
server.”

“A backdoor is normally understood in computer security circles
to refer to a system vulnerability deliberately put in place by
system designers or operators such that it would allow them to
bypass normal security checks. The “wemilo” password discovered in
the Cart32 shopping cart software last week is an example of a
genuine backdoor.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis