Two programmers write a new secure application for the human resources department to store personal
identifiable information. The programmers make the application available to themselves using an uncommon
port along with an ID and password only they know.
Which of the following is this an example of?
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal
authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on,
while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back
Orifice) or may subvert the system through a rootkit.
A backdoor in a login system might take the form of a hard coded user and password combination which gives
access to the system.
Although the number of backdoors in systems using proprietary software (software whose source code is not
publicly available) is not widely credited, they are nevertheless frequently exposed. Programmers have even
succeeded in secretly installing large amounts of benign code as Easter eggs in programs, although such
cases may involve official forbearance, if not actual permission.
Many computer worms, such as Sobig and Mydoom, install a backdoor on the affected computer (generally a
PC on broadband running Microsoft Windows and Microsoft Outlook). Such backdoors appear to be installed
so that spammers can send junk e-mail from the infected machines. Others, such as the Sony/BMG rootkit
distributed silently on millions of music CDs through late 2005, are intended as DRM measures—and, in that
case, as data gathering agents, since both surreptitious programs they installed routinely contacted central