Backdoors and Logic Bombs

Backdoor

• Originally placed in computer programs to bypass the normal security and authentication functions of those systems
  • "Used to bypass the normal security and authentication functions"
• Horrible and old security practice
• Most often put into systems by designers and programmers
  • Breach of secure programming best practices
• Remote Access Trojan (RAT) acts just like a backdoor in our modern networks
  • Can be placed by a threat actor on your computer to help them maintain persistent access to that system

Easter egg

• a hidden feature or novelty within a program that is typically inserted by the software developers as an inside joke
• Code often has significant vulnerabilities
• No real functionality, but a hidden/secret feature but adds additional code that may have vulnerabilities associated with them
• Doesn't always go through the same rigorous security protocols before releasing them as production/applicaiton code

Logic Bombs

• Malicious code that's inserted into a program, and the malicious code will only execute when certain conditions have been met
• "Execute every single day at midnight"
• 1993 Jurassic Park
  • Keep all the dinosaurs inside the electrified enclosure
  • His Logic bomb is designed to shut down the power for a few minutes so he can run in, steal some dinosaur embryos, and then sell them to get rich
  • There is no power, so he is able to go pass all the alarms
  • Dinosaurs ate him at the end (bad ending)
• "Create an action at a certain time"

Never include backdoors, easter eggs, or logic bombs, including them is considered a bad developer practice.