
cDc Calls for Voluntary Recall of Microsoft Software

Mike Hudack
OSAll Editor-in-Chief


In a press release dated July 19, the Cult of the Dead Cow challenged Microsoft's assertion that BO2k is malicious.  BO2k, a remote administration tool released at this year's DefCon, has drawn the ire of Microsoft and antivirus firms alike.

Microsoft's assertion that BO2k is "malicious," which is largely explained in its advisory on the subject, is based mostly on a "stealth" feature built into the software.  According to Microsoft, the ability of the BO2k server to run without the user's knowledge is an unacceptable feature.

cDc, the makers of BO2k, have fired a return shot at Microsoft.  They claim that Microsoft's own remote administration tool, Systems Management Server, is equally malicious according to Microsoft's definition.

The SMS documentation states in part:

    "It is possible to configure [SMS] from a state where there is never any visible or audible indication that a remote control session is under way. It has been made this flexible due to customer demands ranging from one end of this spectrum to the other. When configuring the options available in the Remote Tools Client Agent properties, due notice must also be taken of company policy and local laws about what level of unannounced and unacknowledged intrusion is permitted."

According to the cDc, this is exactly what BO2k does.  It allows the administrator to choose the level of "stealth."  In fact, the default position for stealth mode is zero -- the server does nothing to hide its existence from the user at any point.

According to Rod Fleming, a member of cDc, "Microsoft wants to keep everybody talking about the evil software from us crazy computer hackers. So they paint BO2K as a dangerous application with no constructive uses.  We beg to differ."

Microsoft's PR firm has released a statement to OSAll that effectively says the same thing they've been saying all along -- BO2k is malicious while SMS isn't.


All content copyright 1998 - 99 unless book covers or otherwise noted.  Book covers copyright 1998 - 99 Amazon.com.  All OSAll-owned content may be reprinted with the following header added: "Copyright 1998 - 99 Owl Services.  Visit aviary-mag.com for computer security news and information."  Article authors retain a non-exclusive right to republish their work.