Do all firewalls have a back door which is provided to secret service and law enforcement authorities?
If so, what is there to stop a member of such agencies who is in a cult to pass the back door info on to other members of his or her cult. (e.g. cultish subsets of Born Again Christianity)
David
I also discuss the subject in the "Firewall for win95?" thread where I point out that if cultish subsets of Born Again Chrsitianity have access to such back doors they should be investigated promptly since a subset of such cultish subsets of Born Again Christianity wish to bring about the end of the world via nulclear holocaust. I expect that those knowing of the existence of such back doors would be quick to poo poo such existence and may even be in such cultish subsets of Born Again Christianity themselves. But perhaps you are right, Walter, though cheap or free firewalls are more likely to have such programmed in back doors or otherwise have entry loopholes than expensive ones, I bet.
This did not go to alt.conspiracy . :-)
David
In article , David Dalton wrote: :Do all firewalls have a back door which is provided to :secret service and law enforcement authorities?
No. If you examine the Lawful Intercept RFC,
So what you are back to is that old chestnut about whether
3DES, AES, et al. contain backdoors. The consistant word on those is "None that anyone has been able to identify from the source or from several years of sophisticated examination.":If so, what is there to stop a member of such :agencies who is in a cult to pass the back door :info on to other members of his or her cult. :(e.g. cultish subsets of Born Again Christianity)
Reminds me of the old days when people were talking about Clipper and Mandatory Key Escrow.
I was tempted, but I restrained myself. :-)
In article , David Dalton wrote: :I expect that :those knowing of the existence of such back doors would :be quick to poo poo such existence and may even be :in such cultish subsets of Born Again Christianity themselves.
And how exactly would I go about proving that I am not a member of such a cult? Considering that if I were a member and did know about such things that I would possibly consider it to be my religious duty to lie?
:But perhaps you are right, Walter, though cheap or free :firewalls are more likely to have such programmed in :back doors or otherwise have entry loopholes than :expensive ones, I bet.
Not necessarily. Free firewalls might be open source, and you could examine the source code and compile it for yourself; and you could compile the compiler for yourself in case you don't trust the compiler. As I indicated, though, this gets you into the question of whether the mathematics of the encryption algorithm is robust or if there are known ways to break the algorithms. In response to that, the best that can be said is "A lot of researchers from all over the world have looked at the algorithms, and the best they have been able to do is find time/space tradeoffs for DES that reduces the time effort significantly, but require 1 or 64 terabytes of intermediate storage." I haven't read the papers myself to try to figure out how these would scale to 3DES.
On 04 Jan 2005, "Michael J. Pelletier" wrote in news:VRHCd.73104$QR1.32727@fed1read04:
Thank you for stating the obvious. All I could think of were tin foil hat jokes.
Nil wrote in news:Xns95D4EBD1A3FEFnilch1@
63.240.76.16:
If it didn't go to alt.conspiracy it sure the heck should of.
Jason
Hmmm, you seem to have a specific nemesis in mind? What did you do to them? ;P
Realistically, I would not put it past some programmers to integrate their own backdoors. As a general company policy I don't see this as viable though. There used to be for example a rumour that Checkpoint have integrated a backdoor for Mossad to use but it's like many things, how do you keep that information locked up? I have also read here and there references years ago about Checkpoint keeping their CAST encryption algo in checkpoint as it was independant of the US government (albeit, it was only 40bit afaik). People leave companies, there are internal security audits etc etc. I find it unlikely that such things persist in corporate products that have evolved several versions and are worked on by teams rather then an individual.
In addition to that, also consider that many sites will have mixed vendor equipment, so that the backdoor left say in a netscreen will still trigger traces in router logs, ids's etc.
My last point is directed at the legal implications. If that ever came out (people reverse engineer and fiddle alot please remember) that a company did that, I think you could bury them unless they found a scapegoat programmer to blame for it.
regards dc
A link to "Reflections on Trusting Trust" by Ken Thompson was posted recently in a similar discussion. He describes his backdoor in the Unix compiler.
That happened to some people I know. The Holy Mafia backdoored their PCs by turning off Zonealarm and downloaded the set of nukes one guy had saved in his My Documents folder. The other dude had a submarine in his temp directory which they stole. (apparently they recently used the sub and nukes to trigger an undersea earthquake in the Indian Ocean) What's *really* scary is the files were read-only and hidden.
The moral of the story is if you store nuclear weapons or multi-billion tonne military hardware on your PC is to *always* store it on removeable media like CD or floppies. And hide the floppies under the dogs bowl for extra security.
E.
P.S. can I get the name of your dealer?
I caught two inserted supposed typos above so this machine must have a spy wireless modem installed, since I am not connected by dialup. Some would like to suppress my theory.
In article , Ant wrote: |"Walter Roberson" wrote: |> Not necessarily. Free firewalls might be open source, and you could |> examine the source code and compile it for yourself; and you could |> compile the compiler for yourself in case you don't trust the |> compiler. [...]
|A link to "Reflections on Trusting Trust" by Ken Thompson was posted |recently in a similar discussion. He describes his backdoor in the |Unix compiler. |
Note, though, if you read carefully, he didn't say that he actually implimented the back door: he just shows some code snippets that, broadly speaking, would have that effect.
:I caught two inserted supposed typos above so :this machine must have a spy wireless modem :installed, since I am not connected by dialup. :Some would like to suppress my theory.
Which doesn't give us any information about the nature of the alleged typos, and gives us very little information about the sequence of operations that you went through. It also isn't clear which theory you are referring to.
If the referenced "theory" is anything similar to the ideas about firewall backdoors and cults that appeared earlier in this thread, then I would suggest that you are misusing the term "theory". According to the OED (Oxford English Dictionary), "theory" is defined as,
The ideas about firewall backdoors were, I would put to you, hypothesi:
hypothesis
:Some would like to suppress my theory.
David, what evidence would you accept as -disproving- a theory or hypothesis?
Hypothetically speaking, suppose you posted something that hadn't been demonstrated to be definitively true or false, but which in the course of 30 years of research by some extremely bright people had been demonstrated to be quite unlikely to be true. If that were ever to happen, then what you would imagine the public reaction to be? In such a case, would you expect the public reaction to be "You must be right since no-one has yet managed to prove you wrong!" ? Or would you expect the public reaction to be more along the lines of "We don't think that's true, and here is some references you could check out for further information." ?
Here's a theory. Pick up your keyboard, turn it over so the keys face down and give it a damn good shake. E.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.