Don't Worry Windows Users, Everything Will Bo2k

Press Contact: The Deth Vegetable
cDc Minister of Propaganda
veggie@cultdeadcow.com

[July 19th, San Francisco] The CULT OF THE DEAD COW (cDc) publicly challenges Microsoft Corporation to voluntarily recall all copies of its Systems Management Server network software. In addition, cDc calls for the antivirus industry to respond with signature scanning for SMS files.

"Hypocrisy" is such an ugly word. So instead, why don't we just chalk this one up to Do-What-We-Say-Not-What-We-Do?

Microsoft evidently dislikes our new tool so much that they've taken to complaining about one of its key features. We're talking about Back Orifice 2000, and the feature in question is its stealth mode.

Microsoft has claimed that BO2K is a malicious tool with no legitimate use. Their primary evidence is BO2K's stealth feature, which gives you the option to run the server on the remote machine without it being evident to anybody sitting at that machine.

In fact, here's what they're saying right now on the Microsoft Security Advisor website:

BO2K is a program that, when installed on a Windows computer, allows the computer to be remotely controlled by another user. Remote control software is not malicious in and of itself; in fact, legitimate remote control software packages are available for use by system administrators. What is different about BO2K is that it is intended to be used for malicious purposes, and includes stealth behavior that has no purpose other than to make it difficult to detect.

http://www.microsoft.com/security/bulletins/bo2k.asp

Now, we concede that on its face, this sounds like a valid criticism. Being able to operate a remote admin tool without the person at the other end knowing that it's running on the machine seems downright devious. (Keep in mind that BO2K's stealth feature is an OPTION, which is in fact disabled by default.)

Maybe Microsoft is right; perhaps this stealth feature in and of itself is enough to brand it a hacker tool with no redeeming social value.

But then, what are we to make of Systems Management Server (SMS)?

SMS is Microsoft's remote admin tool for Windows. As it happens, SMS has a nearly identical stealth feature. As a matter of fact, they explain this feature in a Word document available from the Microsoft website:

Security

Of all the operations that Systems Management Server allows you to do on a client, remote control is possibly the most "dangerous" in terms of security. Once an administrator is remote controlling a client, he has as many rights and access to that machine as if he were sitting at it. Added to this, there is also the possibility of carrying out a remote control session without the user at the client being aware of it. Thus, it is important to understand the different security options available and also to understand the legal implications of using some of them in certain jurisdictions.

Visible and Audible Indicators

It is possible to configure a remote control from a state where there is never any visible or audible indication that a remote control session is under way. It has been made this flexible due to customer demands ranging from one end of this spectrum to the other. When configuring the options available in the Remote Tools Client Agent properties, due notice must also be taken of company policy and local laws about what level of unannounced and unacknowledged intrusion is permitted.

http://www.microsoft.com/smsmgmt/techdetails/remote.asp

Notice that? Microsoft's own tool has the same evil capability as BO2K.

Now, Microsoft did not invent surreptitious desktop surveillance; there are other products on the market that perform these functions. Microsoft is just the largest supplier of the technology, as SMS comes bundled with each copy of Back Office.

Why is it that Microsoft can offer a tool having this illegitimate functionality without any moral qualms, but when WE do it, they throw a hissy fit? Well... we have a hunch.

"Microsoft wants to keep everybody talking about the evil software from us crazy computer hackers. So they paint BO2K as a dangerous application with no constructive uses," says Reid Fleming (cDc). "We beg to differ."

BO2K doesn't exploit any bugs in the Windows operating system that Microsoft is willing to categorize as such. So in order to convince the public that BO2K is a solely destructive tool, Microsoft is forced to criticize the tool's feature set. Evidently whoever dreamed up this press strategy was unaware of Systems Management Server and its stealth feature.

Of course, there's another possibility. Microsoft sells SMS for cash money. Meanwhile, BO2K is free. (It's also open source, and better constructed any way you measure it: size, efficiency, functionality, security.) Maybe this is just another example of Microsoft's alleged anticompetitiveness?

"BO2K, like SMS, is a powerful software tool. Like any powerful tool, it can be used either responsibly or irresponsibly," says Count Zero (cDc). "For Microsoft to claim that BO2K has no legitimate purpose is ridiculous. Their own SMS tool has nearly the same functionality as BO2K, and Microsoft is happy to let you pay $1,000+ for it."

Regardless of their motivations, Microsoft is selling software which does many of the same things as Back Orifice 2000, including the pernicious ability to run hidden from the user. And if stealth mode is what makes BO2K a malicious program, then Microsoft's Systems Management Server is a malicious program too.

Consequently, we challenge Microsoft to recall all copies of the SMS administration tool, because its featureset contains stealth capability. This feature clearly illustrates that their software has no legitimate use. Furthermore, we urge all antivirus vendors to include signatures for SMS in their scanner utilities.

Back Orifice 2000 is available for download free of charge from http://www.bo2k.com/.

APPENDIX

Equally hypocritical quotes from Microsoft about Back Orifice:

"Users who are tricked into getting this thing installed on their system are vulnerable to the attacker, who can then do anything that the victim can do -- move the mouse, open files, run programs, etc. -- which is little different from what legitimate remote-control software can do. Back Orifice, however, is designed to be stealthy and evade detection by the user."

"In fact, it really ends up doing bad things -- that’s what a Trojan horse does. Back Orifice falls into that category because it is intentionally designed to hide itself from detection. The creators claim that this is a useful administration tool, but it doesn’t even prompt people when it installs itself on the system. It doesn’t warn them that it’s getting installed. And, once it’s installed, it makes the system available to other people on the Internet. That is a malicious act."

"It’s incomprehensible why a tool like this would be created. [...] [T]here’s no purpose for this tool other than harming actual users of software products."

-- Jason Garms, lead product manager for Windows NT security
Microsoft's prefabricated interview, 8-July-1999


The CULT OF THE DEAD COW (cDc) is the most influential group of hackers in the world. Formed in 1984, the cDc has published the longest running e-zine on the Internet, swallowed swords, made waffles, and so on.

For more background information, journalists are invited to check out our Medialist at http://www.cultdeadcow.com/news/medialist.htm.

© Scoop Media

 
 
 
 
 