There was an interesting example in a NPS thesis about a decade ago
introducing a back door into a device driver.  I can't remember the
student's name, unfortunately.  Phil something-or-other.

On Thu, Dec 16, 2010 at 3:18 PM, Sebastian Schinzel <s...@seecurity.org> wrote:
> Hi all,
>
> I am looking for ideas how intentional backdoors in real software 
> applications may look like.
>
> Wikipedia already provides a good list of backdoors that were found in 
> software applications: http://en.wikipedia.org/wiki/Backdoor_(computing)
>
> Has anyone encountered backdoors during code audits, penetration tests, data 
> breaches?
> Could you share some details of how the backdoor looked like? I am really 
> interested in
> a technical and abstract description of the backdoor (e.g. informal 
> descriptions or pseudo-code).
> Anonymized and off-list replies are also very welcome.
>
> Thanks,
> Sebastian
> _______________________________________________
> Secure Coding mailing list (SC-L) SC-L@securecoding.org
> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
> SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
> as a free, non-commercial service to the software security community.
> Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
> _______________________________________________
>
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________

Reply via email to