What are Backdoor & Logic bombs
b"
hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 09 today we are going to discuss about Backdoors and logic bombs.A backdoor was originally placed in computer programs to bypass the normal security and authentication functions. Now, if this sounds like a horrible idea to you, it really is, and it's a horrible security practice. This is something that was originally created back in the 80's, by manufacturers and programmers as a way for them to get back into the system to do maintenance and repairs, without having to go through all the authentications and going through the firewalls and the layers of security that they would if they went in the front door. Now, this is a horrible and bad practice, and it should not be used in current networks. And these days, it's actually considered a breach of good, secure coding practices. But, back in the 80's and the 90's, and even into the early 2000's, backdoors were a commonplace thing that were put in by programmers. Now these days, most software does not have a backdoor. It's been patched up and cleared up because they know how bad these are for security. But, there is something that acts just like a backdoor. What do you think that might be? Well, it's a remote access trojan. A remote access trojan can be placed by an attacker to maintain their persistent access to your system. So if I'm able to trick you into clicking a spearfishing link, and then you install malware based on clicking that link, now I have something that can make a call back to me. That can give me that remote access. I have a way to bypass your system's natural security and use that remote access trojan as a backdoor, to gain access to your system anytime I want. Another insecure coding practice that was used by programmers is what we refer to as an Easter Egg. An Easter Egg would be placed in the code as a joke or a form of gag gift. Essentially, there would be different things that would happen in different video games, or different pieces of software when certain code was executed. For example, a few years ago, you could go to Google.com and type in do a barrel roll, and the whole page would do a 360 degree rotation as if it was doing a barrel roll in an airplane. There was no real function to doing that except it was a joke, it was a gag. It was a joke that Google programmers decided to put into the code. Now, Easter Eggs are generally harmless but they do add additional code, that can have additional vulnerabilities. The reason for this is because their code, because it's a joke, is usually put in at the last minute and it doesn't undergo rigorous security testing. Now, why am I talking about Easter Eggs in this lesson? Well, it's because it brings us up to the subject of logic bombs. Logic bombs are a descendant of those earlier Easter Eggs. But logic bombs were designed with malicious intent in mind. Logic bombs are malicious code that's inserted into a program, and it will execute only when certain conditions have been met. For example, a disgruntled employee may insert a logic bomb into the server's code so that if that employee isn't on the payroll anymore, a bad action, like deleting all the files, could occur. One of my favorite examples of a logic bomb actually comes from the movie Jurassic Park. In the movie, the park's programmer, Dennis Nedry, decides he's going to put a logic bomb into the power grid system, so that it will go off at a certain time.He does this so that when the power gets turned off by the logic bomb, he's able to sneak out of the room, go past all the alarms and get into the nursery and steal some of the dinosaur embryos. He thinks he's going to get off and sell those embryos and become a millionaire.
"