Windows Back Door
Yes Steve, there are back doors in Windows. I’m just not sure the SetAbortProc call in WMF files is one of them.
If we had a PC Hall of Fame, Steve Gibson would certainly be a candidate. Steve’s been digging into and writing about the core functionality of Windows since before Windows 3.0 went public. He gained fame and ushered in a new age of internet security with the creation of his ShieldsUp! web site. ShieldsUp! provides internet security tests so folks can check how well their firewall is working or if they have any nasty programs using open ports. Steve invites users to his ad-free ShieldsUp! site free of charge. We now have many web sites duplicating and expanding his ideas, like http://www.dslreports.com/tools and http://www.dnsstuff.com/.
Steve has also been responsible for finding a number of security flaws in Windows such as a vulnerability in how Microsoft implemented DCOM (Distributed Component Object Model). In 2003, Steve created a program called DCombobulator as a fix.
Steve has also been criticized at times for crying wolf when his alerts weren’t viewed by others as surprises or critical flaws. This week is another one of those times.
After some of his own testing and research, Steve has come to the conclusion that Microsoft intentionally put a “backdoor” into Windows via WMF files. He’s published an audio and textual discussion with Leo Laporte on his website, http://www.grc.com/SecurityNow.htm#22.
Steve is so well known and respected that Microsoft responded the next day on its Microsoft Security Response Center Blog. The explanation is technical, but knowing how things have changed over the years at Microsoft, the explanation posted by Stephen Toulouse matches up with my own knowledge and research.
The story makes for good reading but I’m not surprised. Of course, there are back doors in Windows. Most back doors weren’t created for Microsoft use. They’re created to comply with federal laws.
Did you know that most printers include code to embed your printer’s serial number as a type of watermark in anything you print? Ever wonder why the government discourages open-source programming? The Homeland Security Department is now providing funds to Coverity, a company which tests open-source programs and servers. Alas, this is probably the topic of an entirely new article.